Performance data is a type of operating system data that is captured from operating systems (OS) like Windows, Linux, macOS and Unix. Regardless of which OS is used, an OS performs the crucial role of managing requests from and provisioning resources for the applications installed on them.
Data visibility
Monitoring the performance of the OS is crucial because resources such as memory, compute, and storage affect the performance of the applications that rely on these resources. For this reason, general application data is often associated with OS performance for IT Ops use cases, such as Mean Time to Identify (MTTI) and Mean Time to Resolve (MTTR).
High-value fields
In the Common Information Model, performance data is typically mapped to the Performance Data model. This data type has many available datasets, but users typically derive the most value out of the datasets listed here.
CPU
Amount of CPU load/consumption on the OS.
Memory
Amount of memory load/consumption of the OS.
Storage
Amount of storage load/consumption of the OS.
Known data sources and source types
Guidance for onboarding data can be found in the Splunk documentation, Getting Data In.
|
Data Source |
Sourcetype |
Recommend Add-Ons |
|
Windows OS |
There are many available sourcetypes, depending on what data you need. Listed below are the sourcetypes for CPU, memory, and storage.
|
|
|
*nix / macOS |
There are many available sourcetypes, depending on what data you need. Listed below are the sourcetypes for CPU, memory, and storage.
|
Comments
0 comments
Please sign in to leave a comment.