Solved: Monitoring disk space

steveo2 · ‎06-29-2020

Hi, I'm using the following search to monitor disk space. I have 2 partitions, drive D and E. I am only returning results for drive D. I would have expected results for both. Any thoughts are appreciated. thanks

| rest splunk_server=Splunk01 /services/server/status/partitions-space | eval free = if(isnotnull(available), available, free) | eval usage = round((capacity - free) / 1024, 2) | eval capacity = round(capacity / 1024, 2) | eval compare_usage = usage." / ".capacity | eval pct_usage = round(usage / capacity * 100, 2) | stats first(fs_type) as fs_type first(compare_usage) as compare_usage first(pct_usage) as pct_usage by mount_point | rename mount_point as "Mount Point", fs_type as "File System Type", compare_usage as "Disk Usage (GB)", capacity as "Capacity (GB)", pct_usage as "Disk Usage (%)"

richgalloway · ‎06-29-2020

When you run the rest command by itself, do you see both mount points?

BTW, the rename command references the capacity field, but that field was discarded by stats.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway · ‎06-29-2020

When you run the rest command by itself, do you see both mount points?

BTW, the rename command references the capacity field, but that field was discarded by stats.

---
If this reply helps you, Karma would be appreciated.

Monitoring disk space

eval

Splunk Observability Synthetic Monitoring - Resolved Incident on Detector Alerts

Video | Tom’s Smartness Journey Continues

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?