All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is there a way to generate a graph / chart that shows performance of scheduler?

neerajs_81
Builder
‎04-26-2023 12:33 AM

hi, is there a way to generate a graph / chart that shows performance of Scheduler ?
We are using Splunk Enterprise Security and there is an App available called "Cloud Monitoring console" which shows stuff like "Skipped Searches" , "Scheduler Activity" etc but not quite what we are looking for.

We would like to see how many searches were kicked off ( as in dispatched)  every hour or every 30 mins, kind of plot run time of searches .  End goal is to identify if we have too many searches running at a particular time slot n so on.


Labels (1)
Labels
Tags (1)
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎04-26-2023 01:53 AM

Hi

You could start e.g. with this

index=_audit action IN (search, rtsearch, accelerate_search)
| timechart count by info

r. Ismo 

Reply

neerajs_81
Builder
‎04-26-2023 02:40 AM

i ran your search , not sure i understand the result set.  How is this related to scheduler activity and
What do the different values of "info" mean  as shown below ?  To make it simple, is there a way to restrict this data based on the app : SplunkEnterpriseSecurity ? 

neerajs_81_0-1682501959691.png

 

0 Karma
Reply
Get Updates on the Splunk Community!

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

At this year’s Splunk University, I had the privilege of chatting with Devesh Logendran, one of the winners in ...

There's No Place Like Chrome and the Splunk Platform

WATCH NOW!Malware. Risky Extensions. Data Exfiltration. End-users are increasingly reliant on browsers to ...

Customer Experience | Join the Customer Advisory Board!

Are you ready to take your Splunk journey to the next level? 🚀 We invite you to join our elite squad ...