All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How can I find out which systems are generating the most output

marvatwork
Explorer
‎11-05-2014 01:04 PM

About a week ago, daily usage jumped SIGNIFICANTLY. I was no where near the license capacity, now i'm exceeding it and I'm not sure what is generating it.
What can I do to find out what is generating most of the output.

0 Karma
Reply

Jeff_Lightly_Sp
Communicator
‎11-05-2014 01:08 PM

Got to Settings-System-Licensing. Click on Usage Report button,select Previous 30 days tab and from the Split by tab Split by Host from the dropdown. This may show the offending host if its not lumped in with "Other".

Reply

martin_mueller
SplunkTrust
SplunkTrust
‎11-05-2014 03:41 PM

There's also the SoS app to look at for current indexing throughput, or the new-in-6.2 distributed management console that has the same info in a prettier wrapping. License Usage Report will be easiest though because it's built-in.

0 Karma
Reply

Jeff_Lightly_Sp
Communicator
‎11-05-2014 01:16 PM

Martin Mueller also recently posted a nice solution that may help you too. See:

http://answers.splunk.com/answers/183473/how-to-find-the-daily-average-of-indexed-data-by-h.html

Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...