Splunk ITSI
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk ITSI : How to configure CPU and Memory Utilization and disk usage KPI's?

Dinesh_Raja
Path Finder
‎08-10-2018 04:21 AM

I m new to ITSI, I would like to configure CPU & Memory Utilization, Disk usage KPI's on ITSI. Kindly let me know the steps from scratch/document which will help to achieve the same.

Thanks.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

skoelpin
SplunkTrust
SplunkTrust
‎08-10-2018 05:31 AM

You should try to use the least amount of searches as possible to get the values, you can use base searches to achieve this. If you're new to ITSI then perhaps you should experiment with adhoc searches first sense they are easier and will give faster time to value. First you create a new service Configure > Services then you need to create the 3 KPI's to that service. You need the searches for this. Then you can set thresholds.

View solution in original post

Reply
Solved! Jump to solution
Solution

skoelpin
SplunkTrust
SplunkTrust
‎08-10-2018 05:31 AM

You should try to use the least amount of searches as possible to get the values, you can use base searches to achieve this. If you're new to ITSI then perhaps you should experiment with adhoc searches first sense they are easier and will give faster time to value. First you create a new service Configure > Services then you need to create the 3 KPI's to that service. You need the searches for this. Then you can set thresholds.

Reply
Solved! Jump to solution

Dinesh_Raja
Path Finder
‎08-10-2018 05:57 AM

Thank you @skoelpin , it really helps.

0 Karma
Reply
Solved! Jump to solution

skoelpin
SplunkTrust
SplunkTrust
‎08-10-2018 06:52 AM

Glad to help. Did this answer your question? If so can you accept it to close it out? If not then feel free to ask additional questions and Id be happy to help

0 Karma
Reply
Solved! Jump to solution

sapanda
Path Finder
‎01-30-2019 01:55 AM

hello @skoelpin ,

I also have the same situation.

I have configured a new service( Name : Test Service) and associated a Windows and a Linux CI as entities to the same. Then I created 2 KPIs( CPU for Windows and Memory for Linux) using Ad hoc searches. But after then when i check the Service Analyzer , I am expecting to see my service in the same, but I am not able to see it. Any suggestions?

Thanks,
Sapan

0 Karma
Reply
Solved! Jump to solution

skoelpin
SplunkTrust
SplunkTrust
‎01-30-2019 06:17 AM

Open a new question and I will answer it

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Search APIを使えば調査過程が残せます

   このゲストブログは、JCOM株式会社の情報セキュリティ本部・専任部長である渡辺慎太郎氏によって執筆されました。 Note: This article is published in both Japanese ...

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

 Splunk is More Than Just the Web Console For Digital Forensics and Incident Response (DFIR) practitioners, ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...