Search

HeinzWaescher · ‎05-20-2014

Hi, I've got ~15.000 events where FieldA exists (in total there are 20.000.000 events). I want to filter out these events and I'm wondering about the performance of different approaches. Why i...

clincg · ‎08-20-2010

..." only returns about 300 results, but the subsearch is searching across millions of users accounts. If I removed the sub search, the outer search only takes a few seconds to complete. Does a...

fk319 · ‎10-20-2010

...isplay the dashboard. What constitutes a search: a data base search? or does the post search also count? 2) I did some rough counts, If I merge the 5 summary-indexes into one, there will be about 3...

Justin_Grant · ‎03-13-2010

I would like to use a lookup into an external database to add fields to my events, but need some advice about performance and caching of expensive lookups. For example, say I have a log of o...

guilmxm · ‎04-07-2013

...o keep clean with time and dashboards add, not satisfying. 2. Summary indexing Summary indexing as far as i understood the way Splunk works is one of logical way to achieve optimization. U...

HeinzWaescher · ‎10-21-2015

...sers BY server_id I'm thinking about how to optimize the performance of this dashboard. 1. Report Acceleration Accelerate this base search (the output will be at least >3.000.000 r...

yutaka1005 · ‎11-08-2018

...hink that it is issue. If someone know about it, please tell me.

Justinboucher0 · ‎05-24-2018

I'm looking for assistance in optimizing a dashboard where we use tstats as a base search. Our Splunk systems have more than enough resources and there hasn't been any signs of degraded performance o...

bshamsian · ‎06-16-2015

I have a dashboard that has over 30 panels - they all have the same basic search query so I decided to use the new search optimization of Splunk 6.2. Here is what I did - I defined a global search a...

JetteBra · ‎03-23-2017

...nown IPs from the logdata. However the searches seem to take a long time, and I'm not sure if its due to my non-optimized search or that its just too much logdata. My goal was to search through the l...

Search

Search the Community

Search Optimization

Subsearch Performance Optimization

Optimizing Dashboard Searches

How to optimize performance for scripted lookups?

Optimizing Dashboards performances, looking for th...

Should I use report acceleration or the loadjob co...

Why does the "transaction" command return differen...

Tstats query and dashboard optimization

How do I optimize the performance of my dashboard ...

How to optimize my lookup search with large amount...