Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- About bearlmax
bearlmax
New Member
Member since:
07-23-2012
06-05-2020
Community Statistics
| Posts | 7 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 07-23-2012 |
Activity Feed
- Posted I'm a new customer — can you help me with an Index best practices question for Splunk Cloud? on Getting Data In. 01-28-2019 06:52 AM
- Tagged I'm a new customer — can you help me with an Index best practices question for Splunk Cloud? on Getting Data In. 01-28-2019 06:52 AM
- Tagged I'm a new customer — can you help me with an Index best practices question for Splunk Cloud? on Getting Data In. 01-28-2019 06:52 AM
- Tagged I'm a new customer — can you help me with an Index best practices question for Splunk Cloud? on Getting Data In. 01-28-2019 06:52 AM
- Tagged I'm a new customer — can you help me with an Index best practices question for Splunk Cloud? on Getting Data In. 01-28-2019 06:52 AM
- Posted Re: When trying to upgrade from Free Enterprise to using a trial license provided by an account rep, why am I getting the following "litsearch" error? on Installation. 11-01-2018 07:09 AM
- Posted When trying to upgrade from Free Enterprise to using a trial license provided by an account rep, why am I getting the following "litsearch" error? on Installation. 10-31-2018 04:16 AM
- Tagged When trying to upgrade from Free Enterprise to using a trial license provided by an account rep, why am I getting the following "litsearch" error? on Installation. 10-31-2018 04:16 AM
- Tagged When trying to upgrade from Free Enterprise to using a trial license provided by an account rep, why am I getting the following "litsearch" error? on Installation. 10-31-2018 04:16 AM
- Posted Re: How do you sum a field for requests that fail to meet a threshold? on Splunk Search. 10-30-2018 11:00 AM
- Posted How do you sum a field for requests that fail to meet a threshold? on Splunk Search. 10-30-2018 04:19 AM
- Tagged How do you sum a field for requests that fail to meet a threshold? on Splunk Search. 10-30-2018 04:19 AM
- Tagged How do you sum a field for requests that fail to meet a threshold? on Splunk Search. 10-30-2018 04:19 AM
- Posted Re: rex fields from *nix netstat output on Splunk Search. 12-02-2013 12:48 PM
- Posted rex fields from *nix netstat output on Splunk Search. 12-02-2013 11:10 AM
- Tagged rex fields from *nix netstat output on Splunk Search. 12-02-2013 11:10 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
01-28-2019
09:41 AM
There are 3 things to consider when laying out index values:
1: In/Visibility (RBA) : who should/not see what data? Map out the roles that need to see the data and the roles that should not be able to see the data. Access to data is only reliably enforced at the index level.
2: Retention : how long do you need to keep each kind of data? Bucket rolling/deletion is implemented at the index level.
3: Value/Risk : how important is the retention goal for this data? If you have very important data and not-so-important data in the same index and you must keep it for a year and you have enough space to hold about 15 months, but somebody makes a mistake and turns on debug on the not-so-important data stream and it accidentally sends in 1 year's worth of data in a day, before it is discovered, you now have prematurely aged out most, if not all, of your important data, and it is GONE.
If you get these 3 right, everything else will be just fine.
... View more
11-12-2018
03:35 PM
Kindly help me know from where or how can I get the reset key?,Please help me with the steps to get the reset key.. I mean how or from whom or from where do I get it?
... View more
10-30-2018
11:00 AM
Thanks! Works like a charm!
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-05-2020
02:04 AM
|
