Splunk tips and tricks Archives

SPL Optimization

October 21, 2020October 21, 2020Robert Tennyson

There are countless blogs, articles, and Splunk ‘answers’ regarding the optimization of Splunk queries (and here’s another one). In this article, we are going to share a few tips to improve the performance of your Splunk queries……Learn MoreSPL Optimization

Splunk Tips & Tricks: Save some memory from those pesky extra eventtypes

October 2, 2020October 7, 2020Joe Lyon

Did you know that all Splunk Knowledge Objects (KO) generated during a search are maintained in memory? Sure, any one KO in itself doesn’t take up a lot of memory, but run a search that returns 10 million events… You can do the math! …Learn MoreSplunk Tips & Tricks: Save some memory from those pesky extra eventtypes

Splunk API Data Ingestion

September 11, 2020September 16, 2020Cedric Milan

Did you know that Splunk has the capability to ingest non-log based data through multiple onboarding methods? In this blog, we will touch on API based data ingestion, as it is traditionally the most common method utilized.…Learn MoreSplunk API Data Ingestion

What is Summary Indexing???

August 25, 2020October 7, 2020Robert Tennyson

What is Summary Indexing? Summary indexes, as the name implies, allows for the storage of summarized data over time. This allows us to take these bite-size calculations of our data, and store those results in separate indexers.…Learn MoreWhat is Summary Indexing???

Your Guide to Disk Migration

July 23, 2020October 7, 2020Pankaj Varjani

Many Splunk customers start with a single disk for storing Indexes and then want to make changes. In this guide we will discuss the steps to move hot/warm buckets onto faster disks and move cooler buckets to cheaper storage.…Learn MoreYour Guide to Disk Migration