Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Is there a way to increase the results limit of saved searches per app?

ddrillic
Ultra Champion
‎10-02-2017 12:13 PM

We reached the limit of 500K results per saved search. We wonder if we can increase to, let's say 10 million, for one specific app.

We see Is there a setting for the maximum number of results that can be written to a summary index from a s...

But it doesn't refer to one specific app.

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

abhishekreddy
Explorer
‎10-02-2017 01:27 PM

Change the dispatch.max_count in savedsearches.conf and place it in $SPLUNK_HOME/etc/apps/appName/local

View solution in original post

Reply
Solved! Jump to solution
Solution

abhishekreddy
Explorer
‎10-02-2017 01:27 PM

Change the dispatch.max_count in savedsearches.conf and place it in $SPLUNK_HOME/etc/apps/appName/local

Reply
Solved! Jump to solution

ddrillic
Ultra Champion
‎10-03-2017 10:05 AM

Great! on the search heads, right? sanity check ; -)

0 Karma
Reply
Solved! Jump to solution

abhishekreddy
Explorer
‎10-03-2017 02:20 PM

Obviously 😛

0 Karma
Reply
Solved! Jump to solution

ddrillic
Ultra Champion
‎10-03-2017 03:08 PM

; - ) interestingly, the following Why are only 10,000 events making it into the summary index?

says -

-- ALSO, in etc/system/local/limits.conf (create it if it doesn't exist), under the [scheduler] stanza, set max_action_results=100000 (or a limit of your choosing).

Not sure if it's applicable ...

0 Karma
Reply
Solved! Jump to solution

ddrillic
Ultra Champion
‎10-10-2017 07:29 AM

Not much luck so far -

alt text

![alt text][2]

Preview file
84 KB
Preview file
18 KB
0 Karma
Reply
Get Updates on the Splunk Community!

Data Management Digest – November 2025

  Welcome to the inaugural edition of Data Management Digest! As your trusted partner in data innovation, the ...

Splunk Mobile: Your Brand-New Home Screen

Meet Your New Mobile Hub  Hello Splunk Community!  Staying connected to your data—no matter where you are—is ...

Introducing Value Insights (Beta): Understand the Business Impact your organization ...

Real progress on your strategic priorities starts with knowing the business outcomes your teams are delivering ...