Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

is it possible to know which is the index that has less use?

efaundez
Path Finder
‎03-26-2020 02:52 PM

good afternoon

  I would like to know which is the index that has had less access at the data query level.

regards

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎03-26-2020 05:34 PM

Please explain more about the data you are looking for. What problem are you trying to solve?
Have you looked at the Monitoring Console?

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

efaundez
Path Finder
‎03-31-2020 01:05 PM

Hello, sorry for the delay, with respect to what I mention the idea is to be able to know which are the least consulted indexes, by users. I know that internally, all the queries made by users to the cluster indexes could be searched, but in an estimate of 30 days, there should be indexes that do not have a lot of load, that is, the user does not use it frequently.

This search will allow us to know if this information is really important or useful, since if not, we plan to eliminate this index.

Cheers

0 Karma
Reply
Get Updates on the Splunk Community!

What the End of Support for Splunk Add-on Builder Means for You

Hello Splunk Community! We want to share an important update regarding the future of the Splunk Add-on Builder ...

Solve, Learn, Repeat: New Puzzle Channel Now Live

Welcome to the Splunk Puzzle PlaygroundIf you are anything like me, you love to solve problems, and what ...

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...