How to create a Search for "DBX - Input Performanc...

mninansplunk · ‎04-06-2022

Hello,

We had an issue where where a DB Input we have fell behind in fetching the events. We seen that a few days ago the "Input Jobs Median Duration over Time" chart on the "DB Connect Input Performance" Dashboard went from 0 to over 200.

Is there a Search that can be done to obtain the Median of duration? I would love to create an alert for if this happens again.

richgalloway · ‎04-06-2022

Have you tried clicking the Edit button on that dashboard and looking at the search for that panel?

---
If this reply helps you, Karma would be appreciated.

mninansplunk · ‎04-06-2022

Thanks for the help, So I went into the Source and can see the Search Query, but I get no results when I try to Search it manually. I'm thinking I need to change the format but am not sure what that would be.

pivot DBX_Job_Metrics Job_Metrics median(duration) AS "Median of duration" SPLITROW _time AS
_time PERIOD auto SPLITCOL input_name
FILTER status is COMPLETED
FILTER input_name is myinput
SORT 100 _time ROWSUMMARY 0 COLSUMMARY 0 NUMCOLS 100 SHOWOTHER 1

Thanks again,

Tom

How to create a Search for "DBX - Input Performance - Input Jobs Median Duration Time" for a DB Input?

lookup

other

stats

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

Troubleshooting the OpenTelemetry Collector

Adoption of Infrastructure Monitoring at Splunk