Monitoring Splunk
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Splunk Disk Reporting Incorrect

trevor_dunstan8
Explorer
‎10-13-2020 08:56 PM

Hi all,

I am running a Splunk 7.3.0 distributed / clustered environment and I have noticed that the DMC is reporting that disk usage on my indexers is high ie around the 85% mark, however Windows Server 2016 says that it is around 65% as per attached screenshot. Its mainly the F drive as far as I can tell.

Disk usage was high previously however I then implemented retention policies on the indexes which cleared out a large amount of data, is it possible the DMC is caching an old value and is not updating ? I have restarted the Cluster master node and we have rebooted the index cluster since then I believe.

 

Any info would be great,

 

Thanks 

Labels (2)
Labels
Preview file
16 KB
0 Karma
Reply

trevor_dunstan8
Explorer
‎10-14-2020 06:50 PM

I thought that the Indexing cluster had been restarted but obviously not, storage figures reported correctly in DMC after cluster restart

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎10-13-2020 10:58 PM
At lest in linux version you must restart splunk after you have added/increased FS/LVM/Disks. Without restart REST queries didn't show those correctly.
r. Ismo
0 Karma
Reply

trevor_dunstan8
Explorer
‎10-14-2020 06:23 PM

We haven't extended the disks on the servers so that solution doesn't apply to us.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...

[Puzzles] Solve, Learn, Repeat: Tiling

This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

    Thursday, July 9, 2026  |  11:00AM–12:00PM PDT Duration: 1 hour (includes Q&A) Managing can feel like a ...