Calculating Splunk License Usage Based on a condit...

anandhalagaras1 · ‎04-08-2021

Hi Team,

I am aware that we can able to pull the license usage stats in splunk for index, host and sourcetype for a day. But whereas I want to pull the license usage stats in GB for last 30 days.

I have two requirement seperately to pull the exact license usage stats for last 30 days in Splunk.

1.)The first one would be based on the app and severity of how much logs are ingested in GB for last 30 days for both the index.

index=abc OR index=xyz app IN (splunk,"Splunk-Daemon") severity=informational

================================================================================

2.) The second condition would be based on a index for two sourcetypes with a particular keyword.

2.) index=abc sourcetype IN ("efg","ijk") "www.splunk.com*"

So for each requirement how can I be able to pull the license usage in Splunk for last 30 days. Kindly help on the same.

anandhalagaras1 · ‎04-15-2021

Hi Team,

Can anyone help on my query please.

anandhalagaras1 · ‎04-08-2021

Can anyone help on my query please.

Calculating Splunk License Usage Based on a condition

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Monitoring AI Agents with Splunk Observability Cloud

[Puzzles] Solve, Learn, Repeat: Tiling

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

Join the Conversation