Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

ソースタイプ別データ取り込み量確認方法

Splunk_Shinobi
Splunk Employee
Splunk Employee
‎06-18-2013 07:39 PM

ソースタイプ別に取り込まれているデータの容量を1日毎や1時間毎などで表示したいのですが、
SplunkのSearch画面から可能ですか?

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

melonman
Motivator
‎06-18-2013 07:55 PM

以下の様な感じではいかがでしょうか。

index=_internal sourcetype="splunkd" group="per_sourcetype_thruput" series!=splunk* | eval gb=kb/1024/1024 | timechart limit=20 minspan=1d sum(gb) by series

View solution in original post

Reply
Solved! Jump to solution
Solution

melonman
Motivator
‎06-18-2013 07:55 PM

以下の様な感じではいかがでしょうか。

index=_internal sourcetype="splunkd" group="per_sourcetype_thruput" series!=splunk* | eval gb=kb/1024/1024 | timechart limit=20 minspan=1d sum(gb) by series
Reply
Get Updates on the Splunk Community!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...

Splunk APM: New Product Features + Community Office Hours Recap!

Howdy Splunk Community! Over the past few months, we’ve had a lot going on in the world of Splunk Application ...

Index This | Forward, I’m heavy; backward, I’m not. What am I?

April 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...