This relies on the search posted earlier: This will display storage and license usage broken down by groups, predefined in the chargeback app customers.csv
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 |
<form> <label>License and Storage Usage</label> <fieldset submitButton="false"> <input type="dropdown" token="grouppicker"> <label>Group</label> <choice value="Group1">Group1</choice> <choice value="Group2">Group2</choice> <choice value="Group3">Group3</choice> <choice value="Group4">Group4</choice> <choice value="Group5">Group5</choice> <choice value="Group6">Group6</choice> <choice value="*">All Groups</choice> <default>*</default> </input> </fieldset> <row> <panel> <title>All Storage Usage</title> <single> <search> <query>| inputlookup size_license_group_usage.csv | search group=$grouppicker$ | stats sum(currentDBSizeMB) AS SplunkIndexSizeMB | eval SplunkIndexSize=case( SplunkIndexSizeMB>=(1024*1024),round(SplunkIndexSizeMB/(1024*1024),2)."TB", SplunkIndexSizeMB>=(1024),round(SplunkIndexSizeMB/(1024),2)."GB", 1=1,SplunkIndexSizeMB."B") | fields SplunkIndexSize</query> <earliest>-24h@h</earliest> <latest>now</latest> <sampleRatio>1</sampleRatio> </search> <option name="drilldown">none</option> <option name="rangeColors">["0x53a051","0x0877a6","0xf8be34","0xf1813f","0xdc4e41"]</option> <option name="refresh.display">progressbar</option> </single> </panel> <panel> <title>Yesterday's License Usage</title> <single> <search> <query>| inputlookup size_license_group_usage.csv | search group=$grouppicker$ | rename sum(Yesterday) AS ydaydata | stats sum(ydaydata) as ydaydata | eval volume_converted=case( ydaydata>=(1024),round(ydaydata/(1024),2)."TB", 1=1,round(ydaydata,2)."GB") | rename volume_converted AS "Yesterday's License Usage" | fields "Yesterday's License Usage"</query> <earliest>-24h@h</earliest> <latest>now</latest> <sampleRatio>1</sampleRatio> </search> <option name="drilldown">none</option> <option name="rangeColors">["0x53a051","0x0877a6","0xf8be34","0xf1813f","0xdc4e41"]</option> <option name="refresh.display">progressbar</option> </single> </panel> </row> <row> <panel> <title>License and Storage for Selected Group by Index</title> <table> <search> <query>| inputlookup size_license_group_usage.csv | search group=$grouppicker$ | rename sum(Average) AS "Average GB License Daily" | rename sum(Yesterday) AS "Yesterdays GB License Usage" | eval "Index Storage Usage MB" = tostring(currentDBSizeMB, "commas") | fields group indexname "Average GB License Daily" "Yesterdays GB License Usage" "Index Storage Usage MB"</query> <earliest>-24h@h</earliest> <latest>now</latest> <sampleRatio>1</sampleRatio> </search> <option name="count">100</option> <option name="dataOverlayMode">none</option> <option name="drilldown">none</option> <option name="percentagesRow">false</option> <option name="rowNumbers">false</option> <option name="totalsRow">false</option> <option name="wrap">true</option> <format type="number" field="Average GB License Daily"></format> <format type="number" field="Yesterdays GB License Usage"></format> <format type="color" field="group"> <colorPalette type="sharedList"></colorPalette> <scale type="sharedCategory"></scale> </format> </table> </panel> </row> </form> |
