Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Query to show inbound and outboud network traffic

israbenbr
Explorer
‎12-02-2021 08:01 AM

Hello everyone,

I am trying to create queries to show the max and average values of inbound and outbound network traffic (unit : Gbps) of my forwarders

I already configured the Splunk add on for unix and linux on my forwarders, but don't know which script to enable to collect the data needed

Also, i installed the Pavo network traffic app for splunk, but don't know how to configure it

For info, my splunk server is on a single instance deployment

Any ideas ? 

 

Thanks ! 

Labels (4)
0 Karma
Reply

yuanliu
SplunkTrust
SplunkTrust
‎12-03-2021 05:10 PM

My previous response was mistaken.  To get network bandwidth, you want to enable bandwidth.sh.  It gives two fields of your interest, rxKB_PS and txKB_PS.  You need to convert them into GB per second at search time.

For questions about setting up input, the forum Getting Data In may give faster response.

0 Karma
Reply
Get Updates on the Splunk Community!

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...

The latest enhancements across the Splunk Observability portfolio deliver greater flexibility, better data and ...

Alerting Best Practices: How to Create Good Detectors

At their best, detectors and the alerts they trigger notify teams when applications aren’t performing as ...

Discover Powerful New Features in Splunk Cloud Platform: Enhanced Analytics, ...

Hey Splunky people! We are excited to share the latest updates in Splunk Cloud Platform 9.3.2408. In this ...