Monitoring Splunk
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Getting "DMC Alert - Near Critical Disk Usage"

schlote
Engager
‎02-16-2021 01:49 PM

We are at 91% so not immediately urgent but how do I find out why this is alerting? on one of 2 indexers. Other is at ~80 percent...

We are new to splunk, been running for a few months now. First time this alert came up.

 

0 Karma
Reply

scelikok
SplunkTrust
SplunkTrust
‎02-17-2021 06:48 AM

It depends on your total disk capacity and your setup.  In order to give some idea;

- Splunk will stop indexing and responding to searches if disk free space gets lower than 5 GB default.

- If your indexes are in those disks you should check your volume settings for indexes.

- Total volumes should be lower than total disk size.

- OS and Datamodels should be taken into account.

You can see below document;

https://docs.splunk.com/Documentation/Splunk/8.1.2/Indexer/Configureindexstoragesize 

If this reply helps you an upvote and "Accept as Solution" is appreciated.
Reply

scelikok
SplunkTrust
SplunkTrust
‎02-17-2021 05:03 AM

Hi @schlote,

They should be coming from Monitoring Console Platform alerts. The default threshold for Disk Usage is 80. You can check/edit these alerts settings on your Monitoring Console | Settings | Alert Setup page.  

If this reply helps you an upvote and "Accept as Solution" is appreciated.
Reply

schlote
Engager
‎02-17-2021 06:33 AM

Any suggestions on things to check regarding usage? 

Should I be concerned that this is filling up? or is this normal...

usage is still at 91% today so it has not increased in the last 24h.

 

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...