Monitoring Splunk
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Splunk Administration
- :
- Monitoring Splunk
- :
- Query Mountpoint monitoring via splunk
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
aparnaa
Path Finder
11-05-2016
01:16 AM
Hi All
Can you please let me know if we can monitor mount point via splunk , if yes please let me know what changes are required
OS : Windows
We have mount points in DB servers and want to monitor them also
Thanks,
aparna
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
aparnaa
Path Finder
11-05-2016
02:49 AM
I did some more checking and found that because of the below details in input.conf file, mount point details where already showing up
File system names were listed in "instance" field
[perfmon://Free Disk Space]
counters = Free Megabytes;% Free Space
disabled = 0
instances = *
interval = 120
object = LogicalDisk
index = _infra_index
Below query showed free space details
index=infra source="Perfmon:Free Disk Space" instance!=_Total counter="% Free Space"| table host,counter,instance,Value | dedup host,counter,instance,Value | eval Free_space=round(Value,2) | Where Free_space < 25 | rename instance as "Disk Drive" Free_space as "Free Space %" | fields - Value,counter
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
aparnaa
Path Finder
11-05-2016
02:49 AM
I did some more checking and found that because of the below details in input.conf file, mount point details where already showing up
File system names were listed in "instance" field
[perfmon://Free Disk Space]
counters = Free Megabytes;% Free Space
disabled = 0
instances = *
interval = 120
object = LogicalDisk
index = _infra_index
Below query showed free space details
index=infra source="Perfmon:Free Disk Space" instance!=_Total counter="% Free Space"| table host,counter,instance,Value | dedup host,counter,instance,Value | eval Free_space=round(Value,2) | Where Free_space < 25 | rename instance as "Disk Drive" Free_space as "Free Space %" | fields - Value,counter
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
aparnaa
Path Finder
11-05-2016
01:51 AM
I found these in my input.conf but wasnt sure which actually monitors mount point
[perfmon://Free Disk Space]
counters = Free Megabytes;% Free Space
disabled = 0
instances = *
interval = 120
object = LogicalDisk
index = infra_index
[perfmon://PhysicalDisk]
counters = Avg. Disk Read Queue Length; Avg. Disk Write Queue Length; Avg. Disk sec/Read; Avg. Disk sec/Write; Avg. Disk Bytes/Read; Avg. Disk Bytes/Write
disabled = 0
instances = _Total
interval = 120
object = PhysicalDisk
index = infra_index
Get Updates on the Splunk Community!
Aligning Observability Costs with Business Value: Practical Strategies
Join us for an engaging Tech Talk on Aligning Observability Costs with Business Value: Practical ...
Mastering Data Pipelines: Unlocking Value with Splunk
In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...
Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0
Did you know that for Splunk Enterprise 9.4, Python 3.9 is the default interpreter? This shift is not just a ...
