Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Splunk Search
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Community
- :
- Splunk Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Are there any restrictions for the transaction com...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
danielbb
Motivator
05-15-2020
04:56 PM
Our transaction period can cover five to six days covering sessions by users connected to the company's network. Are there any configurations set-up in limits.conf that we need to be aware of, when we use the transaction command?
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
to4kawa
Ultra Champion
05-16-2020
02:51 PM
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
to4kawa
Ultra Champion
05-16-2020
02:51 PM
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
danielbb
Motivator
05-16-2020
03:10 PM
That's nice - the limit.conf documentation refers to two parameters for the transaction command - maxopentxn and maxopenevents. maxopentxn might be applicable to us. In case transactions are being evicted from the pool, will we see references to them via the UI or/and in the log files?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
to4kawa
Ultra Champion
05-16-2020
03:25 PM
search.log:
05-17-2020 07:22:25.942 INFO NewTransam - evicted=0, closed=1000, event_count=1000000, candidate_events=999000, comparison_count=999998
sample:
| makeresults count=1000000
| streamstats count as A
| eval A=A % 2
| streamstats count as B
| transaction A
There is no display on job.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
danielbb
Motivator
05-16-2020
03:29 PM
Very nice @to4kawa !
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
to4kawa
Ultra Champion
05-15-2020
05:42 PM
Do you have to use transaction ?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
danielbb
Motivator
05-16-2020
08:52 AM
It can be stats, but we would like to understand transaction and its limits.
Get Updates on the Splunk Community!
Splunk Cloud | Empowering Splunk Administrators with Admin Config Service (ACS)
Greetings, Splunk Cloud Admins and Splunk enthusiasts! The Admin Configuration Service (ACS) team is excited ...
Tech Talk | One Log to Rule Them All
One log to rule them all: how you can centralize your troubleshooting with Splunk logs
We know how important ...
Splunk Security Content for Threat Detection & Response, Q1 Roundup
Join Principal Threat Researcher, Michael Haag, as he walks through:An introduction to the Splunk Threat ...
