Overview Dashboard

About the Overview (Beta) dashboard

The Overview (Beta) dashboard provides an intuitive and organized view of your metrics, making your data more actionable.

If you need to access the legacy Overview dashboard, it is available through a link at the top of this dashboard.

Note: Beta features described in this document are provided by Splunk to you "as is" without any warranties, maintenance and support, or service-level commitments. Splunk makes this Beta feature available at its sole discretion and may discontinue it at any time. These documents are not yet publicly available and we ask that you keep this information confidential. Use of Beta features is subject to the Splunk Pre-Release Agreement for Hosted Services.

What does this dashboard show?

Get a summary of your deployment's most important metrics using the Overview dashboard:

View a summary of your deployment's license entitlements and understand your resource usage with status indicators for each license entitlement metric.
Personalize your dashboard and choose the metrics that are most important to your users.
Access action items such as Refresh and Open in search in each metric's ellipses menu.
Provide feedback to the Splunk MC team using the Feedback button.
Monitor forwarders and get alerts when forwarders are missing.

How the dashboard works

The MC monitors key metrics in the background. Each metric card includes a tooltip with more information on the metric, and a link to its respective dashboard.

In standalone deployments, all searches are run against the local Splunk server.

In distributed deployments, searches are run against servers that have been assigned the following default Splunk search groups:


Metric	Monitored group
Indexing rate	dmc_group_indexer
Peers searchable, Indexes searchable, Bucket copies, Raw data size in replicated indexes	dmc_group_cluster_master
License usage, License peer warnings	dmc_group_license_master
Search metrics	dmc_group_search_head
Kvstore	dmc_group_kv_store

View and customize your top metrics view

Your dashboard selections apply to your own view of the Overview dashboard. Other users can choose their own panels according to their own preferences. Different metrics are available depending on your deployment's architecture.

Select Add or remove metrics to choose which metrics to track on the Overview dashboard:


Tracked Metric	Architecture	Description
License usage	Both	Shows your organization's current license usage as a percentage of the total amount. See Indexing: License Usage.
License peers with warnings	Distributed	The number of license peers at least one hard warning, and which may be in danger of a license violation. For more information about warnings, see What is a license warning?.
Average indexing rate	Both	The average indexer throughput across all indexers, in KB per second.
Peers searchable	Distributed	The number of indexer peers that are currently participating in searches. A lower number indicates that some indexer peers may be unavailable. See Indexing: Indexer Clustering: Status
Indexes searchable	Distributed	The number of searchable indexes reflects the searchability of data stores across all indexes in your cluster. Indexes may not be searchable when the data is unavailable or when the indexing process is experiencing issues.
Bucket copies	Distributed	The total number of bucket copies, aggregated across all cluster peers. See Buckets and indexer clusters.
Rawdata size in replicated indexes	Distributed	The amount of all compressed rawdata in replicated indexes. See Data files.
No. of missing forwarders	Both	Requires attention when forwarders do not have indexer connection in the past 15 minutes.
Disk usage	Standalone	Shows the average throughput across all indexes in KB per second. See Indexing Performance: Deployment.
CPU usage	Distributed	A bar graph showing the health of CPU usage by server group. The instances may be Healthy, in a Warning state, in a Critical state, or Unknown. An unknown state indicates connection issues.
Memory usage	Distributed	A bar graph showing the health of memory usage by server group. The instances may be Healthy, in a Warning state, in a Critical state, or Unknown. An unknown state indicates connection issues.
CPU usage - All processes	Standalone	The percentage of CPU being used by all processes. 100% is equal to 1 CPU core.
Memory usage - All processes	Standalone	The percentage of memory being used by all processes.
CPU Usage - Splunk Enterprise	Standalone	The percentage of CPU being used by Splunk Enterprise processes only. 100% is equal to 1 CPU core.
Memory Usage - Splunk Enterprise	Standalone	The percentage of memory being used by Splunk Enterprise processes only.
Concurrent searches	Both	The total search concurrency, aggregated across all search heads. High numbers of concurrent searches can impact performance. See How concurrent users and searches impact performance.
Average concurrent searches	Both	The total search concurrency, averaged across all search heads.

Optimization resources

See the Optimization resources section at the bottom of the dashboard for more information on how to optimize deployment resources.

See Workload Management Overview for information on applying configurations to prioritize and manage search workloads.