Overview Dashboard

About the Overview (Beta) dashboard

The Overview (Beta) dashboard provides an intuitive and organized view of your metrics, making your data more actionable.

If you need to access the legacy Overview dashboard, it is available through a link at the top of this dashboard.

Note: Beta features described in this document are provided by Splunk to you "as is" without any warranties, maintenance and support, or service-level commitments. Splunk makes this Beta feature available at its sole discretion and may discontinue it at any time. These documents are not yet publicly available and we ask that you keep this information confidential. Use of Beta features is subject to the Splunk Pre-Release Agreement for Hosted Services.

What does this dashboard show?

Get a summary of your deployment's most important metrics using the Overview dashboard:

  • View a summary of your deployment's license entitlements and understand your resource usage with status indicators for each license entitlement metric.

  • Personalize your dashboard and choose the metrics that are most important to your users.

  • Access action items such as Refresh and Open in search in each metric's ellipses menu.

  • Provide feedback to the Splunk MC team using the Feedback button.

  • Monitor forwarders and get alerts when forwarders are missing.

How the dashboard works

The MC monitors key metrics in the background. Each metric card includes a tooltip with more information on the metric, and a link to its respective dashboard.

In standalone deployments, all searches are run against the local Splunk server.

In distributed deployments, searches are run against servers that have been assigned the following default Splunk search groups:
Metric Monitored group
Indexing rate dmc_group_indexer
Peers searchable, Indexes searchable, Bucket copies, Raw data size in replicated indexes dmc_group_cluster_master
License usage, License peer warnings dmc_group_license_master
Search metrics dmc_group_search_head
Kvstore dmc_group_kv_store

View and customize your top metrics view

Your dashboard selections apply to your own view of the Overview dashboard. Other users can choose their own panels according to their own preferences. Different metrics are available depending on your deployment's architecture.

Select Add or remove metrics to choose which metrics to track on the Overview dashboard:

Tracked Metric Architecture Description
License usage Both Shows your organization's current license usage as a percentage of the total amount. See Indexing: License Usage.
License peers with warnings Distributed The number of license peers at least one hard warning, and which may be in danger of a license violation. For more information about warnings, see What is a license warning?.
Average indexing rate Both The average indexer throughput across all indexers, in KB per second.
Peers searchable Distributed The number of indexer peers that are currently participating in searches. A lower number indicates that some indexer peers may be unavailable. See Indexing: Indexer Clustering: Status
Indexes searchable Distributed The number of searchable indexes reflects the searchability of data stores across all indexes in your cluster. Indexes may not be searchable when the data is unavailable or when the indexing process is experiencing issues.
Bucket copies Distributed The total number of bucket copies, aggregated across all cluster peers. See Buckets and indexer clusters.
Rawdata size in replicated indexes Distributed The amount of all compressed rawdata in replicated indexes. See Data files.
No. of missing forwarders Both Requires attention when forwarders do not have indexer connection in the past 15 minutes.
Disk usage Standalone Shows the average throughput across all indexes in KB per second. See Indexing Performance: Deployment.
CPU usage Distributed A bar graph showing the health of CPU usage by server group. The instances may be Healthy, in a Warning state, in a Critical state, or Unknown. An unknown state indicates connection issues.
Memory usage Distributed A bar graph showing the health of memory usage by server group. The instances may be Healthy, in a Warning state, in a Critical state, or Unknown. An unknown state indicates connection issues.
CPU usage - All processes Standalone The percentage of CPU being used by all processes. 100% is equal to 1 CPU core.
Memory usage - All processes Standalone The percentage of memory being used by all processes.
CPU Usage - Splunk Enterprise Standalone The percentage of CPU being used by Splunk Enterprise processes only. 100% is equal to 1 CPU core.
Memory Usage - Splunk Enterprise Standalone The percentage of memory being used by Splunk Enterprise processes only.
Concurrent searches Both The total search concurrency, aggregated across all search heads. High numbers of concurrent searches can impact performance. See How concurrent users and searches impact performance.
Average concurrent searches Both The total search concurrency, averaged across all search heads.

Optimization resources

See the Optimization resources section at the bottom of the dashboard for more information on how to optimize deployment resources.

See Workload Management Overview for information on applying configurations to prioritize and manage search workloads.