I can't for the life of me figure out how to purge old syslog entries in Splunk.
My 1st time using Splunk
Using Splunk on Windows Server 2012
Listening over UDP on 514 from Meraki devices.
Is there a way I can set a max number of entries and anything over the max falls off, or at least only keep the last 7-14 days of entries?
I'm currently at about 13,000,000 entries.
... View more