Security

Differences in Splunk documentation

strive
Influencer

Hi,

We use Splunk's scripted authentication mechanism in our product. Initially we set the cachetiming to 1s. Since it's adding a lot of load on the system, we wanted to increase the polling time intervals to 10 min. While going through the documentation I noticed that for setting time in minutes it's given as

  1. min(s) in http://docs.splunk.com/Documentation/Splunk/6.0.3/Admin/Authenticationconf

  2. m in http://docs.splunk.com/Documentation/Splunk/6.1.2/Security/Editauthenticationconf

Which one is right?

Thanks

Strive

1 Solution

martin_mueller
SplunkTrust

These searches are equivalent:

index=_internal earliest=-15m latest=now
index=_internal earliest=-15min latest=now
index=_internal earliest=-15mins latest=now
index=_internal earliest=-15minute latest=now
index=_internal earliest=-15minutes latest=now

So I assume the configuration might work the same in accepting all five ways of expressing the minute unit.

strive
Influencer

I tried with unit as 'm' and it seems to be working
