...ueues, waiting for splunk-optimize to finish the job.
This usually happens when we stop the Indexer after a long time since last time.
Here below an example of the error message that appears on all t...
Hi
I am running a heavy forwarder with HEC and it is sending data to 3 indexers. I am starting to read about ways to optimise this configuration, but I am not sure if I have all the s...
Hello,
I have huge volume of data coming in under different source types (or indexes) for different applications/projects. Most of the cases ACCOUNTID and IPAddress are the unique fields for each o...
Hi, all.
I'm trying to fix some optimization issues I'm having with Splunk indexes and wanted some input on a proposed index adjustment.
On my indexers, I have two classes of systems. Class A...
Hi, I have a query that is giving me results in around 60-70 seconds I wanted to reduce the time, seems NOT is taking more time and my search is parsing for around 35-40 seconds. Please help me to optimize...
...ogs to metrics. As per the splunk docs, it states metric index is optimized for the storage and retrieval of metric data. While there is improvement in the search time, the storage size instead o...
We are currently using MapRFS and with our restrictions on directory structure, we are having a hard time getting optimized searches with Hunk.
Basically, the search will find all the events and t...
I have a dashboard that has 9 searches. I currently extract my graph from 6 Summary Indexes. 5 of the Summary Indexes come from the same data set and 3 of the searches is the exact same data e...
...or the splunk-optimizeindexing helper to catch up merging them. Ensure reasonable disk space is available, and that I/O write throughput is not compromised.
I then tried the manual splunk-optimize...