Does anyone know the login user run some real time searches when user just is opening the following screen page.
When I checked the CPU usage in splunk server by monitoring console, it is the cause for my user who was role of "user" to run some real-time-searches .
And the search was running as real-time-search during 1 hour.
At the duration, my user did not run ad-hoc search and schedule-search.
I am wondering the panel of "What to Search" might be the cause to run some real-time-searches.
Additionally, does anyone know how to let them be disable?