Hi, please help me asap if possible. I'm using spl...

Rody333 · ‎04-27-2018

I'm using splunk could and having access to search head. Is there any search query to find out indexing and EPS rate.

elliotproebstel · ‎04-27-2018

Here are some queries supplied by @martin_mueller in an older post.

 index=_internal component=metrics TERM(group=thruput) | timechart per_second(ev) by splunk_server
 index=_internal component=metrics TERM(group=thruput) | timechart avg(instantaneous_eps) by splunk_server

He suggests that the two may produce very different metrics if your server isn't on all day.

elliotproebstel · ‎05-02-2018

Have you had a chance to try these queries? Did they work for you?

Rody333 · ‎05-02-2018

Yes, I got results. Just to confirm: 1st query is to get indexing rate in kbps and 2nd query is to get "event per second'. Please correct me.

elliotproebstel · ‎05-03-2018

According to @martin_mueller, both of these should be outputting events per second.

Rody333 · ‎05-03-2018

okay, but both giving different results like 1st query giving 200,210 etc and 2nd query giving 3,4, etc. I'm little confused which 1 to agree for.

somesoni2 · ‎04-27-2018

Do you've DMC configured on your search head? If you do, you can see all metrics about indexing in the indexing performance dashboard in there.
http://docs.splunk.com/Documentation/Splunk/7.0.3/DMC/IndexingDeployment

Rody333 · ‎05-02-2018

I don't have privilege for DMC.. only I have is Search head with limited privilege. So, if you can help me with any search query can get me desired result.

Hi, please help me asap if possible. I'm using splunk could and having access to search head. Is there any search query to find out indexing and EPS rate.

Introducing Splunk Enterprise 9.2

Adoption of RUM and APM at Splunk

Routing logs with Splunk OTel Collector for Kubernetes