Monitoring Splunk
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Query Mountpoint monitoring via splunk

aparnaa
Path Finder
‎11-05-2016 01:16 AM

Hi All

Can you please let me know if we can monitor mount point via splunk , if yes please let me know what changes are required
OS : Windows

We have mount points in DB servers and want to monitor them also

Thanks,
aparna

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

aparnaa
Path Finder
‎11-05-2016 02:49 AM

I did some more checking and found that because of the below details in input.conf file, mount point details where already showing up
File system names were listed in "instance" field

[perfmon://Free Disk Space]
counters = Free Megabytes;% Free Space
disabled = 0
instances = *
interval = 120
object = LogicalDisk
index = _infra_index

Below query showed free space details
index=infra source="Perfmon:Free Disk Space" instance!=_Total counter="% Free Space"| table host,counter,instance,Value | dedup host,counter,instance,Value | eval Free_space=round(Value,2) | Where Free_space < 25 | rename instance as "Disk Drive" Free_space as "Free Space %" | fields - Value,counter

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

aparnaa
Path Finder
‎11-05-2016 02:49 AM

I did some more checking and found that because of the below details in input.conf file, mount point details where already showing up
File system names were listed in "instance" field

[perfmon://Free Disk Space]
counters = Free Megabytes;% Free Space
disabled = 0
instances = *
interval = 120
object = LogicalDisk
index = _infra_index

Below query showed free space details
index=infra source="Perfmon:Free Disk Space" instance!=_Total counter="% Free Space"| table host,counter,instance,Value | dedup host,counter,instance,Value | eval Free_space=round(Value,2) | Where Free_space < 25 | rename instance as "Disk Drive" Free_space as "Free Space %" | fields - Value,counter

0 Karma
Reply
Solved! Jump to solution

aparnaa
Path Finder
‎11-05-2016 01:51 AM

I found these in my input.conf but wasnt sure which actually monitors mount point
[perfmon://Free Disk Space]
counters = Free Megabytes;% Free Space
disabled = 0
instances = *
interval = 120
object = LogicalDisk
index = infra_index

[perfmon://PhysicalDisk]
counters = Avg. Disk Read Queue Length; Avg. Disk Write Queue Length; Avg. Disk sec/Read; Avg. Disk sec/Write; Avg. Disk Bytes/Read; Avg. Disk Bytes/Write
disabled = 0
instances = _Total
interval = 120
object = PhysicalDisk
index = infra_index

0 Karma
Reply
Get Updates on the Splunk Community!

October Community Champions: A Shoutout to Our Contributors!

As October comes to a close, we want to take a moment to celebrate the people who make the Splunk Community ...

Community Content Calendar, November Edition

Welcome to the November edition of our Community Spotlight! Each month, we dive into the Splunk Community to ...

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...