...68 Qtr 3 798 287 Qtr 4 777 220 I would like to calculate the percentage reduction per quarter, for example, Qtr 4 Total Escalations of 220 is a 13.5% reduction on the 287 e...
Hi all. I recently came in a discussion with my fellow colleages about disk usage. Assuming we have 100GB/day on a cluster with RF 15 and SF 11, the amount of disk (total per day) would be: Raw da...
Hello community,
I am having an issue creating appropriate SEDCMD to reduce the size of specific Win events.
I am trying to extract only one random bit (could be anything) and through all the res...
Hello All, Recently, I observed error messages on my search head like "Unable to distribute to peer named XXX at URI https://xx:8089 because replication was unsuccessful. replicationStatus Failed fa...
Good morning.
We have been tracking a recent reduction in our log ingest rate. After a myriad of searching, it appears that the reduction in xml Win Event Logs occurred the same week that windows p...
...fter tsidx reduction has been performed. Checking the latest warm buckets shows that the *.tsdx files have been replaced by *.mini.tsdx files.
I have tsidx reduction enabled, but it should only be r...
Hello All,
We are having some storage capacity issues and trying some different things to make some space for the ingestion. So we did TSIDX reduction on one index as a test to see how much p...
...tats count by Time | fields - count
I get these results......
I'd like to now create a graph of these results showing a graduation or reduction of the response times.
Can someone h...
I am having trouble finding documentation that explicitly states Splunk's ability to perform audit reduction. I am also having difficulty finding out if Splunk meets the AU-8 requirement for a c...
I am new to Splunk and need guidance on writing a generic search that will give me the percent increase over a two month period. For example, let's say my event data has the following fields:
page...