Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What does the "Value" variable in my memory collection logs mean?

drizzo
Path Finder
‎07-24-2017 09:56 AM

When I enter In my the following into my Search... 

 index=* host=* sourcetype="Perfmon"Memory" collection=Memory object=Memory counter="% Committed Bytes In Use"

I receive logs containing information about memory usage. However, there is a variable called, Value. I'm assuming it has to do something with how many bytes are being committed... maybe? It would have to be too low of an actual value though; just seven bytes being used? Impossibly small.

My end goal is to have a Time Chart of all the PC on my network with memory usage from the past 24 hours.

I tried to look this up through Splunk Answers, Splunk Docs, and Window's Technet, but with no avail. Any assistance would be lovely.

Example of Log: 

07/24/2017 12:43:45.233 -0400
collection=Memory
object=Memory
counter="% Committed Bytes in Use"
instance=0
Value=7.0622917708150004
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

niketn
Legend
‎07-24-2017 10:41 AM

Since the performance counter you have chosen is % Committed Bytes In Use, a Value of 7.06% is the percent of total memory available. Windows Technet has details on this: https://blogs.technet.microsoft.com/askperf/2008/01/25/an-overview-of-troubleshooting-memory-issues/.

You can also compare these values/performance counters using Performance Monitor in Windows Start > run > perfmon

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

View solution in original post

Reply
Solved! Jump to solution
Solution

niketn
Legend
‎07-24-2017 10:41 AM

Since the performance counter you have chosen is % Committed Bytes In Use, a Value of 7.06% is the percent of total memory available. Windows Technet has details on this: https://blogs.technet.microsoft.com/askperf/2008/01/25/an-overview-of-troubleshooting-memory-issues/.

You can also compare these values/performance counters using Performance Monitor in Windows Start > run > perfmon

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
Reply
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...