cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
mosmond
Engager
Member since: ‎05-10-2019
‎06-10-2021
Community Statistics
Posts 3
Solutions 0
Karma Given 8
Karma Received 1
Member Since ‎05-10-2019
Activity Feed
View All

Re: List of possible reasons for hot buckets rolli...

by in Deployment Architecture
‎01-04-2021 07:51 AM
‎01-04-2021 07:51 AM
@scelikokThat is just what I needed, thanks! ... View more

List of possible reasons for hot buckets rolling t...

by in Deployment Architecture
‎12-30-2020 11:14 AM
1 Karma
‎12-30-2020 11:14 AM
1 Karma
We have been getting messages about high percentage of small buckets.  I set logging to DEBUG on one of our indexers (Windows, Splunk 7.3.4, index cluster).  Using this SPL:  index=_internal sourcetype=splunkd component=HotBucketRoller "finished moving" to try and see why buckets are rolling. Looking at Interesting Fields, "caller" seems to indicate the reason for the bucket roll; however, only 2 of the 4 reasons make sense to me, and I can't find them documented anywhere.  The values I return are: size_exceeded, bucket_replication_failed  lru, marked  The first 2 are self-evident, but what are the last 2? I'm mostly interested in LRU, as that makes up 30-40% of our buckets rolls. Any insight on this? My Google-fu has failed.     ... View more
Labels

Splunk OVA for VMware - when updating to CentOS 7?

by in All Apps and Add-ons
‎05-10-2019 02:13 PM
‎05-10-2019 02:13 PM
Does anyone have information on when the OVA's will be built on CentOS 7? CentOS 6 is EOL 11/30/2020... our UNIX team strongly prefers CentOS 7 at this point. I am aware we can build our own DCNs on CentOS 7, which we may opt to do. Just figured I'd ask if this is on the radar. Matt ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-10-2021 05:58 PM
Karma from
View All
Karma given to