Other Admin
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

search results only for 3 months

Gaya3_devi
Explorer
‎08-27-2024 12:59 AM

Hi Splunkers,
i have been working on a dashboard for that I need the data for last 7 months from jan 2024 to till date when i was searching for the logs it was only showing for the last 3 months data i.e., from 10, jun to till date and gradually all the logs are disappearing is there any way to fix this...
i tried this query 

| tstats earliest(_time) as first, latest(_time) as last where index=foo | fieldformat first=strftime(first,"%c") | fieldformat last=strftime(last,"%c")

the result shows
index="my-index" 
               first                                                       last 

Mon Jun 10 04:19:23 2024     Tue Aug 27 07:50:04 2024

Gaya3_devi_0-1724745391447.png

Labels (2)
Labels
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎08-27-2024 04:39 AM

It's natural that old data is getting rolled out of your index when you're either reaching retention limits or your index (or whole volume) hits size limits. So check your index and volume parameters and your index size usage.

0 Karma
Reply

Gaya3_devi
Explorer
‎08-27-2024 10:41 PM

how to check index and volume parameters and index size

0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎08-28-2024 04:21 AM

Depends on your environment. If you have an all-in-one installation, the easiest method would be to go to settings->indexes

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk App for Anomaly Detection End of Life Announcement

Q: What is happening to the Splunk App for Anomaly Detection?A: Splunk is officially announcing the ...

Aligning Observability Costs with Business Value: Practical Strategies

 Join us for an engaging Tech Talk on Aligning Observability Costs with Business Value: Practical ...

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...