Monitoring console Search-->SchedulerActivity -->SchedulerActivity : Instance not producing any data. I am in search of Skipped searches & reports. Please tell me what am I missing to m...
Hi All, At Monitoring Console (MC) --> SearchActivity : Instance, there is "top 20 Memory-consuming searches", which is searching from index=_introspection. As I run the search, it is not r...
Hi I have to create correlation searches in Splunk ES My cron schedule will be */60**** Is it better to use a real-time schedule or a continuous schedule? Is it necessary to fill the time r...
Hi all, I am trying to put together a search and stats table for users in our environment who have uploaded data to a domain where there has been not been any other upload activity to that domain i...
...ike:
User ActivitySearch
- Last RUN | scheduled every 5 Minutes | STATUS=Completed
- Last RUN - 5 minutes | STATUS=Completed
- Last RUN -10 Minutes | STATUS=Completed
- Last R...
How to schedule search between 7pm to 7am and alert if and only if there is an event recorded between 7pm to 7am? my cron expression is */15 19-23,0-6 * * *. What should be the earliest and latest value?
Hello, How to modify _time when running summary index on a scheduled search? Please suggest. I appreciate your help. Thank you When running summary index on a scheduled search, by default, _...