Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to estimate number of days left for disk to full?

venky1544
Builder
‎07-10-2023 03:43 AM

Hi 

i have dataset where data is ingested into  splunk once a day at 5PM everyday

Below is the dataset  USED_SPACE and TOTAL SPACE are in MB 

date=10/07/2023 17:00:00 drive=HD USED_SPACE=10 TOTAL_space=100

date=09/07/2023 17:00:00 drive=HD USED_SPACE=12 TOTAL_space=100

date=08/07/2023 17:00:00 drive=HD USED_SPACE=13 TOTAL_space=100

date=07/07/2023 17:00:00 drive=HD USED_SPACE=10 TOTAL_space=100

Based on the growth of the used_space per day i want to calculate the days left for the drive to reach TOTAL space basically in how many days would it reach for Total space need a separate column as days remaining 

 

Labels (1)
Labels
0 Karma
Reply

GaetanVP
Contributor
‎07-10-2023 04:12 AM

Hello @venky1544,

I do not understand 100% of your problem,

How exactly do you receive / ingest the data ? Once a day you will have a new line inside your dataset ? Would you be able to share a screenshot of a Splunk Search where you display those data ? 

Also I am surprise that your USED_SPACE does not grows from 07 to 10, it goes 10 to 13 to 10MB again ?

Regards,

GaetanVP

0 Karma
Reply

venky1544
Builder
‎07-10-2023 05:17 AM

Hi @GaetanVP 

the data is coming from a file. its once  a day so everyday you will have a new line appended to the file why the surprise, space in a drive doesn't mean it should always go linearly from 7  to 10. somedays some might copy total 13MB of files someday some might copy and delete so space in disk would change to 10MB 

i hope it clears your confusion

Thanks

 

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎07-10-2023 04:33 AM

Hi

you could use splunk to predict used disk space. See function predict from command documentation and there are some examples on net/community. 
r. Ismo 

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...