All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Example of how to monitor storage speed I/O utilization by host?

sloshburch
Splunk Employee
Splunk Employee
‎11-20-2019 08:32 AM

Does anyone have examples of how to use Splunk to monitor storage speed I/O utilization by host?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

sloshburch
Splunk Employee
Splunk Employee
‎11-20-2019 08:32 AM

The Splunk Product Best Practices team helped produce this response. Read more about use case examples Splunk® Platform Use Cases on Splunk Docs.

This use case enables system administrators to monitor disk operations and when swapping is executed to know when systems may slow down. I/O operations are time consuming and may impact the user experience. This use case checks the number of disk operations of multiple database hosts, and visualizes it over time.

This use case is from the Splunk Essentials for Infrastructure Troubleshooting and Monitoring app. For more examples, see the Splunk Essentials for Infrastructure Troubleshooting and Monitoring on Splunkbase.

Measuring Storage Speed IO Utilization by Host

Load data

How to implement: Ingest operating system logs and metrics into Splunk Enterprise. Install the Splunk Add-on for Windows or *nix, and enable iostat monitoring for your entire infrastructure. Enable the iostat.sh scripted input in the Splunk Add-on for Windows or *nix. Find the Splunk Add-on for Windows and Splunk Add-on for Unix and Linux on Splunkbase.

Data check: This use case depends on operating system logs and operating system metrics.

Get insights

Track disk I/O utilization to identify systems that are running high storage operations using the Splunk Add-on for Windows or *nix TA. Build dashboards and alerts to respond when needed and take proactive measures.

Use the following search:

index=* tag=oshost tag=performance tag=storage

| stats avg(total_ops) BY host

Best practice: In searches, replace the asterisk in index=* with the name of the index that contains the data. By default, Splunk stores data in the main index. Therefore, index=* becomes index=main. Use the OR operator to specify one or multiple indexes to search. For example, index=main OR index=security. See About managing indexes and How indexing works in Splunk docs for details.

Help

If no results appear, deploy the Add-ons to the search heads to access the knowledge objects necessary for simple searching. See About installing Splunk add-ons on Splunk Docs for assistance.

For more support, post a question to the Splunk Answers community.

View solution in original post

Reply
Solved! Jump to solution
Solution

sloshburch
Splunk Employee
Splunk Employee
‎11-20-2019 08:32 AM

The Splunk Product Best Practices team helped produce this response. Read more about use case examples Splunk® Platform Use Cases on Splunk Docs.

This use case enables system administrators to monitor disk operations and when swapping is executed to know when systems may slow down. I/O operations are time consuming and may impact the user experience. This use case checks the number of disk operations of multiple database hosts, and visualizes it over time.

This use case is from the Splunk Essentials for Infrastructure Troubleshooting and Monitoring app. For more examples, see the Splunk Essentials for Infrastructure Troubleshooting and Monitoring on Splunkbase.

Measuring Storage Speed IO Utilization by Host

Load data

How to implement: Ingest operating system logs and metrics into Splunk Enterprise. Install the Splunk Add-on for Windows or *nix, and enable iostat monitoring for your entire infrastructure. Enable the iostat.sh scripted input in the Splunk Add-on for Windows or *nix. Find the Splunk Add-on for Windows and Splunk Add-on for Unix and Linux on Splunkbase.

Data check: This use case depends on operating system logs and operating system metrics.

Get insights

Track disk I/O utilization to identify systems that are running high storage operations using the Splunk Add-on for Windows or *nix TA. Build dashboards and alerts to respond when needed and take proactive measures.

Use the following search:

index=* tag=oshost tag=performance tag=storage

| stats avg(total_ops) BY host

Best practice: In searches, replace the asterisk in index=* with the name of the index that contains the data. By default, Splunk stores data in the main index. Therefore, index=* becomes index=main. Use the OR operator to specify one or multiple indexes to search. For example, index=main OR index=security. See About managing indexes and How indexing works in Splunk docs for details.

Help

If no results appear, deploy the Add-ons to the search heads to access the knowledge objects necessary for simple searching. See About installing Splunk add-ons on Splunk Docs for assistance.

For more support, post a question to the Splunk Answers community.

Reply
Solved! Jump to solution

sloshburch
Splunk Employee
Splunk Employee
‎12-09-2019 09:33 AM

Update: I added a related video.

0 Karma
Reply
Get Updates on the Splunk Community!

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

For the past four years, Splunk has partnered with Enterprise Strategy Group to conduct a survey that gauges ...

Data-Driven Success: Splunk & Financial Services

Splunk streamlines the process of extracting insights from large volumes of data. In this fast-paced world, ...