Measure throughput (eps, kbps) per Input

JensT · ‎07-01-2010

We would like to measure the performance and throughput. I would like to have line-graphs that shows:

Thanks,

Jens

Jeremiah · ‎07-01-2010

If you're running the latest version, some of that info is on the Index Activity dashboard, and you can use that search as a start.

By input, are you referring to source, sourcetype, or host?

kbps by sourcetype: index="_internal" (source=/metrics.log OR source=\metrics.log) group="per_sourcetype_thruput" | timechart avg(kbps) by series

eps by sourcetype: index="_internal" (source=/metrics.log OR source=\metrics.log) group="per_sourcetype_thruput" | timechart avg(eps) by series

If you wanted host or source, use group="per_source_thruput" or group="per_host_thruput" instead.

JensT · ‎07-05-2010

Hello Jeremiah,

seems like i have to enable something, because your searches return nothing.

I am using Splunk 4.1.2

Cheers,

Jens

Genti · ‎07-01-2010

and if you want more data you can use source=metrics.log
This will include metrics.log.1-5

Lowell · ‎07-01-2010

You can just do source=*metrics.log

Join the Conversation