Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

See Gigabytes Added to Each Index in Last 24 hours

davespatz
Explorer
‎09-19-2015 02:03 PM

Issue:

Various internal groups pay for space in Splunk based on their needs. For example, dev teams paid for 40GB's for their application logs while Exchange team paid for 20GB's per day (just two examples). I need to be able to say if one team is exceeding what they paid for internally. We will only have two indexers so I can't separate by indexer so looks like I can't create license pools either by indexer (both indexers we have are used for everything).

Question:
If I just create separate indexes for each group, how can I see how much data was added to the index each day?

Tags (1)
0 Karma
Reply

masonmorales
Influencer
‎09-19-2015 10:53 PM

If you don't like the license reports that ship with Splunk, check out: https://splunkbase.splunk.com/app/2678/

0 Karma
Reply

badrinath_itrs
Communicator
‎09-19-2015 08:27 PM

Hi,

This has been answered several times, you can always take a look into the License Usage report and can also do a split based on host, source, sourcetype and index.

Here is the detailed documentation .

http://docs.splunk.com/Documentation/Splunk/6.2.5/Admin/AboutSplunksLicenseUsageReportView

0 Karma
Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...