Getting Data In
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do I know the title of my system index

aohls
Contributor
‎07-18-2019 11:29 AM

I have read through the documentation and still feel that I am missing something with creating an index summary. I want to use sistats and have my data setup how I want it to generate the index summary. How would I know what the summary is named or how do I generate an index summary for where my data will get stored. I might have missed a key point but I done see how if I use sistats I know how to reference my data.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

adonio
Ultra Champion
‎07-18-2019 01:07 PM

a summary index is just like any other index
for creating, setting, and all other purposes

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

adonio
Ultra Champion
‎07-18-2019 01:07 PM

a summary index is just like any other index
for creating, setting, and all other purposes

0 Karma
Reply
Solved! Jump to solution

aohls
Contributor
‎07-19-2019 05:57 AM

So at the end of the search if I have sistats. How would I then search that index? I might need to read up on indexing more but I am looking to speed searching the data. Using sistats seems that it would allow me to search just that data but I am not sure how I would then search it after. Is it more of a behind the scenes item where my search will simply be faste?

0 Karma
Reply
Solved! Jump to solution

aohls
Contributor
‎07-19-2019 07:44 AM

@adonio thank you. I checked these before and it clicked better this time. Will this persist data also? We have about a 3 month limit. I am creating a manual dataset to persist for a longer timerange. Do indexes keep data longer also or only accelerate reporting?

0 Karma
Reply
Solved! Jump to solution

adonio
Ultra Champion
‎07-19-2019 07:56 AM

you can set index to whatever retention period you want
retention is limited by either time or size, whatever comes first

0 Karma
Reply
Solved! Jump to solution

aohls
Contributor
‎07-19-2019 08:56 AM

This makes a lot more sense thank you. I think half the confusion has come from me not having the access to create an index.

0 Karma
Reply
Get Updates on the Splunk Community!

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureThursday, March 27, 2025  |  11AM PST / 2PM EST | Register NowStep boldly ...

Splunk AppDynamics with Cisco Secure Application

Web applications unfortunately present a target rich environment for security vulnerabilities and attacks. ...
Top