Insights Dashboard
Fleet health overview — node status, app coverage, certificate alerts, and Splunk version distribution
Insights Dashboard
The Insights Dashboard gives you a single-pane view of your Splunk fleet's health — node status, Splunk version distribution, cluster health, app coverage, and certificate expiration alerts.
Navigation
- Parent: Automation Platform
- Previous: Executions
- Next: Configuration Browser
- Related: Insights Nodes
Fleet Summary
Navigate to Automation Platform → Insights to see the fleet dashboard. The top-level cards show:
Node Status
| Metric | Description |
|---|---|
| Total | All enrolled nodes |
| Online | Nodes that checked in recently |
| Stale | Nodes that haven't checked in within the expected window |
| Offline | Nodes that are unreachable |
Splunk Version Distribution
A breakdown of Splunk Enterprise versions across your fleet, showing how many nodes run each version. Helps you identify hosts that need upgrades.
Cluster Health
| Metric | Description |
|---|---|
| Clustered hosts | Total hosts in index or search head clusters |
| RF not met | Replication factor violations |
| In maintenance | Hosts in maintenance mode |
| Rolling restart active | Clusters undergoing rolling restart |
| Bundle issues | Knowledge bundle replication problems |
| SHC not ready | Search head cluster members not ready |
Certificate Alerts
| Severity | Description |
|---|---|
| Expired | Certificates past their expiration date |
| Critical | Expiring within 7 days |
| Warning | Expiring within 30 days |
| Advisory | Expiring within 90 days |
| Healthy | Valid certificates with no upcoming expiration |
App Inventory
Navigate to Insights → Apps to see a cross-fleet app inventory. For each Splunk app, you see:
- App name and configuration stanza count
- Installed on — which hosts have the app
- Missing from — which hosts do not
- Coverage — percentage of enrolled hosts with the app installed
- Last seen — when the app was last detected
Expand any app row to see the full list of hosts where it is installed or missing.
Certificate Monitor
Navigate to Insights → Certificates to view all TLS certificates across your fleet. Filter by severity level and search by hostname, subject, or file path. Each certificate shows:
- Host, file path, subject, and issuer
- Validity dates and days remaining
- Severity badge (Expired, Critical, Warning, Advisory, or Healthy)
- Whether it is a default Splunk certificate or CA certificate
