Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

splunk metrics collection

rajkumar_2
New Member
‎02-23-2017 03:46 AM

Hi,

we have to prepare splunk usage report. we would like to have data such as
Which app creates load?
App wise usage, ie how many users are accessing which app?
Number of concurrent users logged in hourly basis for 24 hours?
which savedsearch /alerts consumes resources?
Which user consumes resources?
current storage of each index?

This will give us a clear picture how splunk is used and whether we require to add more resources to splunk clusters.

Can you please provide the queries?

Thanks
Raj

Tags (1)
0 Karma
Reply

woodcock
Esteemed Legend
‎02-23-2017 07:08 AM

Much of this is already done inside the Management Console:

https://docs.splunk.com/Documentation/Splunk/6.5.2/DMC/DMCoverview

There are also many apps that attempt to shed light in this area; do a search on splunkbase:

https://splunkbase.splunk.com/

You can try a bunch and copy the queries that they use for your own dashboard.

0 Karma
Reply

rajkumar_2
New Member
‎02-23-2017 04:13 PM

Thank you. The Distributed Management Console we have doesn't show such info. we're using splunk 6.4.0.

0 Karma
Reply

woodcock
Esteemed Legend
‎03-25-2017 03:21 AM

Here are some apps to try:
Meta Woot! https://splunkbase.splunk.com/app/2949/
Search Activity https://splunkbase.splunk.com/app/2632/
Search Log Processing https://splunkbase.splunk.com/app/3019/
S.O.S https://splunkbase.splunk.com/app/748/

0 Karma
Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...