Hello All!
I ask myself what is the best approach to extract all fields of logs with regex in general.
I speak here of Search Time Extraction.
Is it better for performance to write 1 BIG reg...
Hello Everyone, I have an environment which has an index cluster and three search heads that are currently looking for data in this cluster. I want to create an SH cluster with these three sear...
...aaS offerings (Databricks, Azure Data Factory, Cognitive Search...etc) - An EH namespace for networking events (NAT Gateways, Firewalls, Public IPs, APIM, Frontdoor, WAF...etc) so on and so f...
Hello Splunkies and Splunklemen,
Does Splunk automatically take into consideration Daylight Savings Time (DST)? Or should this parameter be defined somewhere?
If so can anyone tell me h...
I'm trying to show the relative time for the last time data was refreshed successfully. I search for all success text strings in the log file and then I need to get that time and do a reltime. I t...
Are search-time fields slow? Can I rely on them to efficiently sort through my data?
Are there significant differences in searching on automatically created fields from the text of my events, vs f...
Hello!
I have a small distributed deployment consisting of 2 search heads (16 cores each) and 2 indexers (24 cores each). There are about 900 saved searches to govern critical alerting with the a...