Monitoring Splunk
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How is Max_size_kb determined

richnavis
Contributor
‎02-09-2012 02:44 PM

I am looking to troubleshoot performance problems (Indexing latency) on my splunk indexers. I noticed that there is a lot of blocking, apparently due to the max_size_kb being reached on the indexqueue. I am not seeing any disk latency, so not sure why this is happening..

Anyone know how the max_size_kb is determined, and if it is changeable?

Reply
1 Solution
Solved! Jump to solution
Solution

ChrisG
Splunk Employee
Splunk Employee
‎02-10-2012 08:37 AM

Yes, it's in the queue settings of $SPLUNK/etc/system/local/server.conf (see http://docs.splunk.com/Documentation/Splunk/4.3/Admin/Serverconf for reference).

View solution in original post

Reply
Solved! Jump to solution
Solution

ChrisG
Splunk Employee
Splunk Employee
‎02-10-2012 08:37 AM

Yes, it's in the queue settings of $SPLUNK/etc/system/local/server.conf (see http://docs.splunk.com/Documentation/Splunk/4.3/Admin/Serverconf for reference).

Reply
Get Updates on the Splunk Community!

Industry Solutions for Supply Chain and OT, Amazon Use Cases, Plus More New Articles ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Enterprise Security Content Update (ESCU) | New Releases

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise ...

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...