×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
pradeepchhetri
Engager
Member since: ‎06-20-2014
‎06-05-2020
Community Statistics
Posts 4
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎06-20-2014
View All

Re: Different search performance for two sourcetyp...

by in Getting Data In
‎06-22-2014 11:48 PM
‎06-22-2014 11:48 PM
@Mus: @martin_mueller: Just realized that the difference was due to fast-mode and smart-mode search types, although both has same number of events. Thank you for the help. ... View more

Re: Different search performance for two sourcetyp...

by in Getting Data In
‎06-20-2014 05:01 AM
‎06-20-2014 05:01 AM
@Mus: Thank you for the reply. I will do the troubleshooting accordingly and let you know the outcome. ... View more

Re: Different search performance for two sourcetyp...

by in Getting Data In
‎06-20-2014 02:59 AM
‎06-20-2014 02:59 AM
my search query just includes: sourcetype="production" and sourcetype="staging" ... View more

Different search performance for two sourcetype

by in Getting Data In
‎06-20-2014 02:21 AM
‎06-20-2014 02:21 AM
Hi, We have a splunk machine running with all the events going to one index. I noticed that for two different sourcetype, I got different search performance. For one of the sourcetype, searching happened very quickly but it was very slow for the other. Can someone explain me why i am getting such a difference. Regards. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma given to
View All