how to monitor web app availability with splunk?
My understanding of Splunk is that its primary function is to be basically a data mining/aggregation tool for IT departments. Log collection, correlation and so forth. They may have some sort of active monitoring available, but I've not seen anything to verify that. If monitoring capabilities exist, they surely don't market them on their website.
Anyway you may want to consider using Splunk for what it's good at - data collection and searching. Then deploy another application for monitoring. There are many free/open source apps out there that do a superb job of application monitoring and notification. Zenoss, Nagios, and Zabbix are three that I've worked with and have proved themselves to work very well.
Related videos on Youtube
05 : 01
43 : 27
05 : 18
11 : 54
02 : 08
Justin Grant
I'm working on a brand-new consumer mobile startup. My dev skills are admittedly a bit rusty after many years as a product manager when the only software development I did was for side projects. Now I'm having fun getting up to speed on React, AWS, and TypeScript. Previously, I was VP Product at Cantaloupe Systems, the largest SaaS provider for the vending industry. We put cellular modems inside vending machines, collected data about every sale as well as machine status and alerts, and then crunched the resulting data to help vending operators know which machines need to be refilled and when, what's selling and what's not, who's stealing, which machines are broken, and much more. I led a small team responsible for product roadmap, user experience, and agile project management while trying to keep customers happy and revenue growing.
Updated on September 17, 2022Comments
-
Justin Grant over 1 year
I've recently downloaded and installed a Splunk 4.0.4 Server Enterprise trial (running on Windows Server 2008 if that matters), and now I want to set it up to monitor a few web pages in addition to the logs I'm already watching with Splunk.
I installed the "Web Page Monitor" app from the Splunk website, but now I'm baffled about how to set it up to start monitoring some web pages.
I poked around the file system and found \Program Files\Splunk\etc\apps\webping\ which (according to the MANIFEST file) has the friendly name of "Web Page Monitor". (No idea why Splunk isn't showing the friendly name on the Manager/Apps page-- it lists "webping" instead.)
Ideally, I'd like to have it check a particular URL every minute, and send me an email if it returns anything other than a 200 status or takes longer than 10 seconds to return.
Any idea how to do this?
UPDATE: I know that Splunk's monitoring/alerting support is pretty limited (and I'm trying out other monitoring tools in parallel) but that said my monitoring/alerting needs are not complex. Using multiple management tools, even if each is best-of-breed for its task, comes with a cost-- so while I'm trying out Nagios, etc. I'd also like to understand what Splunk can do (even if it's limited compared with other tools), so I can make an informed decision about whether to run a separate monitoring tool or not.
-
James over 14 years+1, Splunk is really the wrong tool for this job.
-
Justin Grant over 14 yearsagreed-- I'm not really thinking of using Splunk to replace a focused monitoring tool like Nagios, SiteScope, Big Brother, etc. Instead, I already have Splunk up and running in my environment and was wondering how its HTTP monitoring feature works-- see my updated question for more context.
