examples of searches to capture network thruput

Kendrick33 · ‎10-05-2010

Do you have any examples of searches capturing network thruput?

Simeon · ‎10-05-2010

Splunk will track the top 10 inputs based on source and host. To retrieve that information, you could run the following search:

index=_internal source=*metrics.log* per_host_thruput | timechart sum(kb) by series

To increase the number of tracked inputs, you can set that in your limits.conf file for metrics tracking.

Genti · ‎10-05-2010

how about this:

index="_internal" source="*metrics.log*" per_host_thruput | timechart max(kbps) by series | addtotals

Kendrick33 · ‎10-05-2010

I am monitoring a cluster of servers and am trying to capture the network thruput by host. I know splunk has a basic one out of the box. Thrput_by_host(*). However, I would like to be able to pinpoint the thruput of each server. When I attempted to hone the search, I couldn't get any data back. For example

Thruput_by_host(*) | timechart span=24h avg(Thruput_by_host()) as AvgHostThruput, AvgHostThruput renders nothing.

Simeon · ‎10-05-2010

Your question is not very clear without any information about the data source (input).

examples of searches to capture network thruput

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life