Monitoring Splunk
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

IOPS reported by bonnie++ and Splunk Monitoring console

koshyk
Super Champion
‎11-09-2017 02:08 AM

One of our client have 10K HDD in RAID10 and as per Bonnie++ Random Seeks (IOPS) comes to approx 1500 IOPS and wanted to build a dashboard for IOPS and disk usage. I was thinking to re-use the Monitoring console searches

But when I look into the Monitoring Console or DMC, the results show some Indexers of 6000 IOPS !! which is Not possible. Is this a problem with the Splunk api or does this involve RAM assistance?

the query used in DMC is:

| rest splunk_server_group=* splunk_server_group="*" /services/server/status/resource-usage/iostats   | eval iops = round(reads_ps + writes_ps)
0 Karma
Reply

nnmiller
SplunkTrust
SplunkTrust
‎12-18-2017 11:07 AM

You can't sum these as you have in your query, since they are IOPS per disk. From the /services/server/status/resource-usage/iostats docs page:

Access the most recent disk I/O statistics for each disk. This endpoint is currently supported for Linux, Windows, and Solaris. By default this endpoint is updated every 60s seconds.

Running:

splunk cmd splunkd instrument-resource-usage --debug > some_log_file.log 2>&1

shows that these stats come from /proc/diskstats

(HT: blachance_splunk)

Reply
Get Updates on the Splunk Community!

Splunk Enterprise Security: Your Command Center for PCI DSS Compliance

Every security professional knows the drill. The PCI DSS audit is approaching, and suddenly everyone's asking ...

Developer Spotlight with Guilhem Marchand

From Splunk Engineer to Founder: The Journey Behind TrackMe    After spending over 12 years working full time ...

Cisco Catalyst Center Meets Splunk ITSI: From 'Payments Are Down' to Root Cause in ...

The Problem: When Networks and Services Don't Talk Payment systems fail at a retail location. Customers are ...