Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Federated search performance

smeil123
New Member
‎10-10-2022 09:31 PM

동일한 데이터를 로컬 및 원격 검색(연합 검색)을 통해 검색 속도와 비교합니다.

그러나 자동 조회를 사용하는 검색의 경우 검색 속도가 100배 이상 다릅니다.

원격 검색이 훨씬 빠릅니다.(로컬 검색은 10분, 원격 검색은 30초)

왜 이런 속도 차이가 나는지 궁금합니다.

예시)

색인=방화벽 작업=허용

* ACTION은 자동 조회 설정입니다.

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Don't wait! Accept the Mission Possible: Splunk Adoption Challenge Now and Win ...

Attention everyone! We have exciting news to share! We are recruiting new members for the Mission Possible: ...

Unify Your SecOps with Splunk Mission Control

In today’s post, I'm excited to share some recent Splunk Mission Control innovations. With Splunk Mission ...

Data Preparation Made Easy: SPL2 for Edge Processor

By now, you may have heard the exciting news that Edge Processor, the easy-to-use Splunk data preparation tool ...