Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Query to show inbound and outboud network traffic

israbenbr
Explorer
‎12-02-2021 08:01 AM

Hello everyone,

I am trying to create queries to show the max and average values of inbound and outbound network traffic (unit : Gbps) of my forwarders

I already configured the Splunk add on for unix and linux on my forwarders, but don't know which script to enable to collect the data needed

Also, i installed the Pavo network traffic app for splunk, but don't know how to configure it

For info, my splunk server is on a single instance deployment

Any ideas ? 

 

Thanks ! 

Labels (4)
0 Karma
Reply

yuanliu
SplunkTrust
SplunkTrust
‎12-03-2021 05:10 PM

My previous response was mistaken.  To get network bandwidth, you want to enable bandwidth.sh.  It gives two fields of your interest, rxKB_PS and txKB_PS.  You need to convert them into GB per second at search time.

For questions about setting up input, the forum Getting Data In may give faster response.

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...

New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Your Guide to SPL2 at .conf24!

So, you’re headed to .conf24? You’re in for a good time. Las Vegas weather is just *chef’s kiss* beautiful in ...