×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
TamasDubicz
Engager
Member since: ‎10-13-2020
‎05-05-2023
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎10-13-2020
View All

Re: Why is the ES Incident Review page still lists...

by in Splunk Enterprise Security
‎05-05-2023 05:10 AM
‎05-05-2023 05:10 AM
We have faced with the same issue. The solution was to change ESCU permission level to "App" from "Global". ... View more

Alert action for sending data to summary index

by in Alerting
‎03-01-2021 03:25 AM
‎03-01-2021 03:25 AM
Hey Everybody,   We started to work with multiple summary indexes. We are filling them up with scheduled searches and what are end with the "collect" command and this cause a lot of inconvenience. Now we are thinking about that we would like to use alert action for the send-to-the-summary-index step, like when we write out data to a lookup with the "Output results to lookup" alert action.   Do you know any plug and play solution / downloadable alert action what we can use to improve our Splunk infra?    Thank you in advance! ... View more
Labels

What will happen when I change an already existing...

by in Deployment Architecture
‎10-13-2020 08:23 AM
‎10-13-2020 08:23 AM
Hey Everybody, We just started a SmartStore migration project and we were warned to not migrate indexes with buckets with auto_high_volume.  So we would like to change the maxDataSize settings in case of several already existing index from auto_high_volume to auto in an IDX cluster. What will be the impact of this change?  Will it cause increased I/O or other resource usage right after the change, will it “cut” the already existing high_volume buckets into 750 MB pieces? Aka. Will it be applied retrospectively? What will happen a hot bucket what is more than 750 MB at the time when I apply the change?   Thank you in advance, Tamas ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎05-05-2023 08:30 AM