How-To is the tag for how-to articles.
What do you do if you have a large number of Deployment Servers (DS) and want to separate business units into different serverclasses? In this article, we will discuss steps you can take to adapt your (DS) to your growing organization.
To say a lot has change in 2020 is an understatement. The world we live in and work in has dramatically changed these past few months and some changes might last even longer. But even in this unpredictable world, we still look at data to help us solve our problems.
Did you know that all Splunk Knowledge Objects (KO) generated during a search are maintained in memory? Sure, any one KO in itself doesn’t take up a lot of memory, but run a search that returns 10 million events… You can do the math!
Splunk WLM (Workload Management) provides the ability to allocate compute and memory resource to search, indexing, and other processes such as scripted inputs. This allows you to allocate the right resources to your Splunk server depending on its role.
Making data CIM compliant can be a daunting and confusing exercise for new Splunkers and experienced ones alike. Often the biggest misconceptions have to do with the approach rather than the exercise itself. My biggest piece of advice – start with the end in mind.
As Splunk consultants, it’s common to come across customers who have a Splunk license and are ingesting data, but have yet to learn or have taken the time to develop their own Splunk dashboards.