Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Is it possible to search Splunk for list of concurrent searches usage over time?

Motoko89
Path Finder
‎05-26-2017 02:09 PM

Hello, is it possible to search Splunk for list of concurrent searches usage over time by searching internal log?

Similar to this question for daily license usage:
https://answers.splunk.com/answers/68036/daily-license-usage-query.html

0 Karma
Reply

niketn
Legend
‎05-26-2017 02:52 PM

Refer to @somesoni2's answer for the same: https://answers.splunk.com/answers/381951/monitor-concurrent-searches.html

 index=_internal sourcetype=splunkd source=*metrics.log group=search_concurrency
____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma
Reply

adonio
Ultra Champion
‎05-26-2017 05:06 PM

or use the DMC (after 6.5.0 its called MC)

0 Karma
Reply

Richfez
SplunkTrust
SplunkTrust
‎05-26-2017 08:16 PM

Converted to answer, because I think it's an answer. 🙂

Also, perhaps to add to that just a tiny bit:

index=_internal sourcetype=splunkd source=*metrics.log group=search_concurrency earliest=-1w
| timechart max(active_hist_searches), max(active_realtime_searches)

Which will show the last week's worth. Do line chart.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability as Code: From Zero to Dashboard

For the details on what Self-Service Observability and Observability as Code is, we have some awesome content ...

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Shape the Future of Splunk: Join the Product Research Lab!

Join the Splunk Product Research Lab and connect with us in the Slack channel #product-research-lab to get ...