All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk for k8s - please review savedsearches.conf and add default time range constraints

guilmxm
Influencer
‎06-07-2018 08:43 AM

Hello,

Reviewing the new Splunk for k8s addon, you could please review the savedsearches.conf and add a minimal default earliest and latest timerange to the searches ?

For example:

dispatch.earliest_time = -24h
dispatch.latest_time = now

Currently the searches will run over All time by default since only the search definition exist on a per stanza statement.
That is not good practices for customers.

Kind regards,

Guilhem

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

mattymo
Splunk Employee
Splunk Employee
‎06-07-2018 09:21 AM

Hey Guilmxm!

Thanks for pointing this out. I provided the same feedback and am working with the team to clean up :).

Will report back once it is done. Also feel free to provide any other feedback you might have!

Matt

- MattyMo

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

mattymo
Splunk Employee
Splunk Employee
‎06-07-2018 09:21 AM

Hey Guilmxm!

Thanks for pointing this out. I provided the same feedback and am working with the team to clean up :).

Will report back once it is done. Also feel free to provide any other feedback you might have!

Matt

- MattyMo
0 Karma
Reply
Get Updates on the Splunk Community!

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...