Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Windows serveruptime Dashboard

bsaujla131984
Path Finder
‎01-17-2020 07:44 PM

I would like to create a dashboard to show Windows server up time where it is more than 60 days..

Basically I would like to present as a count of servers running continuously for more than 60 days.

Tags (1)
0 Karma
Reply

bsaujla131984
Path Finder
‎01-18-2020 02:42 AM

Thanks to4kawa for you reply.

It is not working for me... All I want to take the count of server which have been running for more than 60 days by using following query :-

index = win_perf host= A OR host=B OR host=C OR host=D | eval Uptime_Days = System_Up_Time/86400 | stats count by host | where Uptime_Days>60

0 Karma
Reply

to4kawa
Ultra Champion
‎01-18-2020 02:58 AM

my answer is updated. please confirm.

0 Karma
Reply

to4kawa
Ultra Champion
‎01-18-2020 03:01 PM

sorry, I've mistake, typo. my answer is amended. please confirm.

0 Karma
Reply

bsaujla131984
Path Finder
‎01-18-2020 04:13 PM

I cant find your amended answer?

0 Karma
Reply

to4kawa
Ultra Champion
‎01-18-2020 05:03 PM

I put label.

0 Karma
Reply

bsaujla131984
Path Finder
‎01-18-2020 06:06 PM

can you copy your answer her again please?

0 Karma
Reply

to4kawa
Ultra Champion
‎01-18-2020 07:21 PM 
|tstats count prestats=t where index=win_perf host=A OR host=B OR host=C OR host=D by host _time span=1d
| timechart count by host
0 Karma
Reply

bsaujla131984
Path Finder
‎01-18-2020 07:29 PM

I am getting following error :-

Error in 'TsidxStats': WHERE clause is not an exact query

0 Karma
Reply

to4kawa
Ultra Champion
‎01-18-2020 08:29 PM

my answer amended, please confirm.

Reply

to4kawa
Ultra Champion
‎01-18-2020 01:22 AM

amended:

|tstats count prestats=t where index=win_perf by host _time span=1d
| timechart count by host

check this results and modify query.

Reply

bsaujla131984
Path Finder
‎01-18-2020 01:16 AM

Actually I have got the search to display the servers which have been running for more than 60 days, however I am trying to get the count of servers which are running for more than 60 days..

Search to display up time is as below:-

index = win_perf host= A OR host=B OR host=C OR host=D | eval Uptime_Days = System_Up_Time/86400 | chart max(Uptime_Days) as "System Uptime in Days" by host

What I want to know the count of servers running more than 60 days ... I am trying following :-

index = win_perf host= A OR host=B OR host=C OR host=D | eval Uptime_Days = System_Up_Time/86400 | stats count by host | where Uptime_Days>60

However I am not getting any result back...

0 Karma
Reply

to4kawa
Ultra Champion
‎01-17-2020 08:24 PM

Splunk App for Windows Infrastructure Reference

How about using it?

0 Karma
Reply
Get Updates on the Splunk Community!

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...

.conf24 | Personalize your .conf experience with Learning Paths!

Personalize your .conf24 Experience Learning paths allow you to level up your skill sets and dive deeper ...

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...