Setting a queue for dashboards when maximum of con...

N-W · ‎08-09-2021

I have a dashboard with several different base searches that is transformative searches. However I get the error of maximum amount of concurrent historical searches.

Unfortunately we can't upgrade the cpu count or change the role. I was thinking is there a way of making it so that there is a queue set for them so for example when the first 3 are finished the next 3 searches starts. Or set the order of when the searches start and finish?

richgalloway · ‎08-09-2021

Have each search contain a token that is set by the previous search. The token could be a result or it can be defined in a <done> element.

<search>
  <query>index=_internal </query>
  <earliest>-24h@h</earliest>
  <latest>now</latest>
  <done>
    <set token="start_search2"></set>
  </done>
</search>
<search>
  <query>index=foo $start_search2$</query>
  <done>
    <set token="start_search3"></set>
  </done>
</search>
...

---
If this reply helps you, Karma would be appreciated.

Setting a queue for dashboards when maximum of concurrent historical searches has been reached

other

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor