...xample, if I have 100 GB data ingested by day, final size on disk will be 50 GB. Well, I have to calculate total GB BEFORE compression is applied. So, in my above example, search/method I need s...
New to this so probably a very basic question.... A user has a query that comes out with a nicely formatted statistics tab when he runs it. When another user runs the same query the statistics a...
Could you please tell me about the following? If I want to limit memory usage for a search, is it correct to think that I should set the following? ===== [search] enable_memory_tracker=true search...
...anel in the form of a statistics table based on the `baseSearch` query: <search base="baseSearch">
<query>search
| stats first(timestamp) as timestamp, first(a...
...ave the DC, file server, and 3 workstations deployed. I keep getting license usage warnings. Upon investigation, the CentOS server where the Splunk server is installed is by far the largest license u...
Hello Team,
I have a search which is returning statistics (not events).
I would like to generate an alert and call a custom bash script only in the case where I have at least 1 statistic result like t...
Because we are unable to use the monitoring console in Splunk Mobile, I would like to create our own monitoring console dashboard of sorts. Beginning with these searches, status, cpu usage, and m...
What's a good way to find users who log on to RDP with one user account and then use another, like a privileged user account? I know the event code/id that needs to be monitored.
Here are the eve...