Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Federated search performance

smeil123
New Member
‎10-10-2022 09:31 PM

동일한 데이터를 로컬 및 원격 검색(연합 검색)을 통해 검색 속도와 비교합니다.

그러나 자동 조회를 사용하는 검색의 경우 검색 속도가 100배 이상 다릅니다.

원격 검색이 훨씬 빠릅니다.(로컬 검색은 10분, 원격 검색은 30초)

왜 이런 속도 차이가 나는지 궁금합니다.

예시)

색인=방화벽 작업=허용

* ACTION은 자동 조회 설정입니다.

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...