Does anyone know the login user run some real time searches when user just is opening the following screen page.
When I checked the CPU usage in splunk server by monitoring console, it is the cause for my user who was role of "user" to run some real-time-searches .
And the search was running as real-time-search during 1 hour.
At the duration, my user did not run ad-hoc search and schedule-search.
I am wondering the panel of "What to Search" might be the cause to run some real-time-searches.
Additionally, does anyone know how to let them be disable?
Any advice or opinion are appreciated.
Thank you for your message.
you mean to set the following setting in /etc/local/ui-prefs.conf, don't you?
display.prefs.enableMetaData = 0
display.prefs.showDataSummary = 0