×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
rmacurak
Explorer
Member since: ‎10-01-2010
‎05-09-2024
Community Statistics
Posts 8
Solutions 0
Karma Given 12
Karma Received 1
Member Since ‎10-01-2010
Activity Feed
View All

Re: How do I configure the retention period for us...

by in Splunk Search
‎04-13-2016 09:57 AM
‎04-13-2016 09:57 AM
Indeed. It seems only the most recent 1000 searches are stored. I'm interested in increasing the retention. Any ideas what controls that retention limit? ... View more

How do I configure the retention period for users'...

by in Splunk Search
‎04-13-2016 08:42 AM
‎04-13-2016 08:42 AM
How do I configure the retention period for users' search history? ... View more

Is it possible to populate a specific summary inde...

by in Knowledge Management
‎09-09-2013 01:32 PM
‎09-09-2013 01:32 PM
I've created a new summary index that I'd like to populate with historical data. I cannot seem to find any documentation that indicates how to specify the name of a summary index when populating the summary index using sitimechart. ... View more

Re: Alert if no log messages

by in Alerting
‎10-04-2010 05:17 PM
‎10-04-2010 05:17 PM
Perhaps not. Ideally I'd be able to identify 5-10 second gaps in the logs, which indicates the "hanging" condition. I'll investigate your hypothesis, thanks. ... View more

Re: Alert if no log messages

by in Alerting
‎10-04-2010 03:59 PM
‎10-04-2010 03:59 PM
Unfortunately I was too quick to mark this as solved. It seems that the "age" always grows to 30s and resets to 0s, indicating that the remote Splunk servers that feed this index are only sending data every 30 seconds, even though the logs are constantly written -- does that sound plausible? If so, how do I instruct the Splunk forwarders to stream data in realtime rather than batching every 30 seconds? ... View more

Re: Alert if no log messages

by in Alerting
‎10-01-2010 05:47 PM
‎10-01-2010 05:47 PM
This was my initial idea as well, but I figured there was a better way. This is a good way to look back at historical data, though, which also comes in handy ... View more

Re: Alert if no log messages

by in Alerting
‎10-01-2010 05:40 PM
‎10-01-2010 05:40 PM
Elegant. Thank you very much. ... View more

Alert if no log messages

by in Alerting
‎10-01-2010 02:20 PM
1 Karma
‎10-01-2010 02:20 PM
1 Karma
I'm indexing logfiles from a custom web application that receives nonstop traffic, resulting in virtually nonstop log messages. Occasionally (unfortunately) the application will hang, resulting in a gap in the logging. I'd like to be alerted if this condition occurs. Any ideas on how to search/alert in realtime for "gaps" in the log file, or an absence of data? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎05-09-2024 07:58 PM
Karma from
View All
Karma given to