Re: Why is daily EPS get less?

Mien · ‎10-22-2023

Hi,

May I know, why is daily EPS on specific date get less than usually?

Is there any factor or cause to the less EPS count?

Thank you.

gcusello · ‎10-22-2023

Hi @Mien ,

your question is just a little vague:

which days are you comparing?

which data source?

there could be many factors.

Ciao.

Giuseppe

Mien · ‎10-22-2023

Hi @gcusello

For example, in a week, (average EPS). 18th Oct and 19th Oct got less than the actual. Meanwhile, on 15 Oct, 16 Oct, 17th Oct, 20th Oct and 21st Oct data looks normal.

The data source, /opt/splunk/var/log/splunk/metrics.log

gcusello · ‎10-22-2023

Hi @Mien,

if the days in which you're receiving less data aren't the weekend, you should analyze if in that days there are some scheduled activities or a downtime of that systems.

In addition, you should analyze if this behaviour is all weeks or only in one.

then compare /opt/splunk/var/log/splunk/metrics.log file dimensions to understand if the issue is on Splunk or on the system.

Ciao.

Giuseppe

Why is daily EPS get less?

count

Index This | When is October more than just the tenth month?

Observe and Secure All Apps with Splunk

What’s New & Next in Splunk SOAR

Are you a member of the Splunk Community?

Why is daily EPS get less?

count

Index This | When is October more than just the tenth month?

Observe and Secure All Apps with Splunk

What’s New & Next in Splunk SOAR