Solved: What is this Backfilling script??

keshab · ‎11-03-2011

What's the difference between daily, fivemin, and all backfilling python script?

What does this script actually do for Web Intelligence app?

Logs get indexed in Splunk - shouldn't the Web Intelligence app show traffic in real time??

joshd · ‎11-03-2011

The backfill_all.py script executes a number of searches to populate the summary indexes with data you have already indexed and not just the new stuff that the web intelligence app will see going forward after installation. The scheduled searches that come with the web intelligence app will only execute against new data and not data thats say a year old.

View solution in original post

ChrisG · ‎11-03-2011

For more info, see the docs: http://docs.splunk.com/Documentation/WebIntel/1.0Beta/User/Backfillingdata. "Once setting up the app is complete, you might need to backfill your historical data to view events older than the last five minutes. The Web Intelligence app include data summarizations for 5 minute, hourly, and daily time ranges."

joshd · ‎11-03-2011

The backfill_all.py script executes a number of searches to populate the summary indexes with data you have already indexed and not just the new stuff that the web intelligence app will see going forward after installation. The scheduled searches that come with the web intelligence app will only execute against new data and not data thats say a year old.

What is this Backfilling script??

New Case Study: How LSU’s Student-Powered SOCs and Splunk Are Shaping the Future of ...

Splunk and Fraud

Build Your First SPL2 App!