Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Federated search performance

smeil123
New Member
‎10-10-2022 09:31 PM

동일한 데이터를 로컬 및 원격 검색(연합 검색)을 통해 검색 속도와 비교합니다.

그러나 자동 조회를 사용하는 검색의 경우 검색 속도가 100배 이상 다릅니다.

원격 검색이 훨씬 빠릅니다.(로컬 검색은 10분, 원격 검색은 30초)

왜 이런 속도 차이가 나는지 궁금합니다.

예시)

색인=방화벽 작업=허용

* ACTION은 자동 조회 설정입니다.

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...