Why is daily EPS get less?

Mien · ‎10-22-2023

Hi,

May I know, why is daily EPS on specific date get less than usually?

Is there any factor or cause to the less EPS count?

Thank you.

gcusello · ‎10-22-2023

Hi @Mien ,

your question is just a little vague:

which days are you comparing?

which data source?

there could be many factors.

Ciao.

Giuseppe

Mien · ‎10-22-2023

Hi @gcusello

For example, in a week, (average EPS). 18th Oct and 19th Oct got less than the actual. Meanwhile, on 15 Oct, 16 Oct, 17th Oct, 20th Oct and 21st Oct data looks normal.

The data source, /opt/splunk/var/log/splunk/metrics.log

gcusello · ‎10-22-2023

Hi @Mien,

if the days in which you're receiving less data aren't the weekend, you should analyze if in that days there are some scheduled activities or a downtime of that systems.

In addition, you should analyze if this behaviour is all weeks or only in one.

then compare /opt/splunk/var/log/splunk/metrics.log file dimensions to understand if the issue is on Splunk or on the system.

Ciao.

Giuseppe

Why is daily EPS get less?

count

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Network to App: Observability Unlocked [May & June Series]

Join the Conversation

Why is daily EPS get less?

count

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Network to App: Observability Unlocked [May & June Series]