Getting Data In

How do I know the title of my system index

aohls
Contributor

I have read through the documentation and still feel that I am missing something with creating an index summary. I want to use sistats and have my data setup how I want it to generate the index summary. How would I know what the summary is named or how do I generate an index summary for where my data will get stored. I might have missed a key point but I done see how if I use sistats I know how to reference my data.

0 Karma
1 Solution

adonio
Ultra Champion

a summary index is just like any other index
for creating, setting, and all other purposes

View solution in original post

0 Karma

adonio
Ultra Champion

a summary index is just like any other index
for creating, setting, and all other purposes

0 Karma

aohls
Contributor

So at the end of the search if I have sistats. How would I then search that index? I might need to read up on indexing more but I am looking to speed searching the data. Using sistats seems that it would allow me to search just that data but I am not sure how I would then search it after. Is it more of a behind the scenes item where my search will simply be faste?

0 Karma

aohls
Contributor

@adonio thank you. I checked these before and it clicked better this time. Will this persist data also? We have about a 3 month limit. I am creating a manual dataset to persist for a longer timerange. Do indexes keep data longer also or only accelerate reporting?

0 Karma

adonio
Ultra Champion

you can set index to whatever retention period you want
retention is limited by either time or size, whatever comes first

0 Karma

aohls
Contributor

This makes a lot more sense thank you. I think half the confusion has come from me not having the access to create an index.

0 Karma
Get Updates on the Splunk Community!

Routing Data to Different Splunk Indexes in the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. The OpenTelemetry project is the second largest ...

Getting Started with AIOps: Event Correlation Basics and Alert Storm Detection in ...

Getting Started with AIOps:Event Correlation Basics and Alert Storm Detection in Splunk IT Service ...

Register to Attend BSides SPL 2022 - It's all Happening October 18!

Join like-minded individuals for technical sessions on everything Splunk!  This is a community-led and run ...