Training + Certification Discussions
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

ABOUT OF NUMBER OF EVENTS INDEXED

ssv24
New Member
‎10-26-2019 10:50 AM

AFTER going through the fundamentals of splunk 1 course, I installed splunk and uploaded all the 3 data sets into splunk. But then i checked the the count of events indexed before logging out as it is instructruted in the pdf from the course. And later i logged out and logged in again. Then saw a different count of the events indexed. Why like that? Can anyone please explain....

Tags (1)
0 Karma
Reply

woodcock
Esteemed Legend
‎10-27-2019 06:59 PM

Probably you were using a Time picker value like Last 4 hours which gradually shifts events beyond the matching timeframe as time marches forward but then you logged in again and selected a different longer value like All time which covered all the events regardless of how old they are.

0 Karma
Reply

woodcock
Esteemed Legend
‎10-26-2019 02:48 PM

Events do not stay forever; depending on the settings in indexes.conf and the amount of disk space available, the events will be automatically deleted.

0 Karma
Reply

ssv24
New Member
‎10-27-2019 12:33 AM

yeah. Ok but the count increased after logging out and logging in again. Why?

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...