Hello, I was trying to find out the correlation among Indexed Fields, Indexed Time Field Extraction, HF/UF, Deployment Server, and Performance. Do we need to have Indexed Time Field Extraction to c...
...Ms
We are concentrating only on performance for phase 1. In phase 2 we will be providing indexer replication.
My hardware recommendation for phase 1 is:
Deployment Server:
Count - 1
H...
How to perform lookup from index search with dbxquery? | index=vulnerability_index | table ip_address, vulnerability, score ip_address vulnerability score 192.168.1.1 SQL Injection 9...
Hi, Splunkers:
About a week ago, a customer asked me that is there a reference for deployment server which has 1200+ client?
They have the high speed LAN but not sure about CPU and Memory s...
Hello, How to perform lookup on inconsistent IPv6 format in CSV file from index? For example: Index has collapsed format of IPv6: 2001:db8:3333:4444:5555:6666::2101 CSV has expanded f...
Hello, I have created a few indexes, each containing data only from one source with one sourcetype. From a search performance point of view - Is it necessary to include the sourcetype in each s...
How to perform lookup in CSV file from index without combining data in one row (and without mvexpand)? | index=vulnerability_index | table ip, vulnerability, score ip vulnerability s...
...opulating with the new server name. For example the Monitoring Console-> Indexing-> IndexingPerformance: instance "Instance" Drop-down input box has the Old Server Name (only) and does not t...
Can the deployment server be used to deploy apps/configuration to a search head and also transforms/props/configuration/apps to indexers? To date I'm only using it to delivery apps to universal f...
Hello all,
I am new to Splunk and need a little help.
I have the following configuration:
Splunk Indexer Server. Splunk Deployment Server.
I have installed Universal Forwarder on my c...