Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to use the new scheduler most efficently?

HeinzWaescher
Motivator
‎03-07-2016 05:47 AM

Hi,

I've got hundreds of searches that are scheduled ervry night from 00:00 to 6:00. It does not matter when they will be finished unless it is before 7:00.
What is the best approach to use the new scheduler in Splunk 6.3 for this usecase? As far as understand it, it could be a good option to schedule all searches at 00:00 and setup a window of 6 hours. So the scheduler would be able to run the searches most efficently. Is this a correct assumption or could it cause problems to schedule all search at once?

Thanks in advance
Heinz

0 Karma
Reply

muebel
SplunkTrust
SplunkTrust
‎03-07-2016 06:26 AM

Hi Heinz, that seems reasonable based on my reading of the documentation. More info can be found here: https://conf.splunk.com/session/2015/conf2015_PLucas_Splunk_SplunkEntWhatsNew_MakingTheMostOf.pdf

Please let me know if this helps!

Reply

HeinzWaescher
Motivator
‎03-08-2016 01:54 AM

Too me as well, but I'm not sure whether this is intended 😉
That's a great talk about the scheduler changes!

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

From Idea to Implementation: Why Splunk Built mTLS into Splunk Enterprise 10.0  mTLS wasn’t just a checkbox ...