- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What's the difference between daily, fivemin, and all backfilling python script?
What does this script actually do for Web Intelligence app?
Logs get indexed in Splunk - shouldn't the Web Intelligence app show traffic in real time??
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The backfill_all.py script executes a number of searches to populate the summary indexes with data you have already indexed and not just the new stuff that the web intelligence app will see going forward after installation. The scheduled searches that come with the web intelligence app will only execute against new data and not data thats say a year old.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
For more info, see the docs: http://docs.splunk.com/Documentation/WebIntel/1.0Beta/User/Backfillingdata. "Once setting up the app is complete, you might need to backfill your historical data to view events older than the last five minutes. The Web Intelligence app include data summarizations for 5 minute, hourly, and daily time ranges."
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The backfill_all.py script executes a number of searches to populate the summary indexes with data you have already indexed and not just the new stuff that the web intelligence app will see going forward after installation. The scheduled searches that come with the web intelligence app will only execute against new data and not data thats say a year old.
