There have been countless instances when I was on a client site and tasked with building custom dashboards on large data sets, with a requirement to search over the past 3 months or greater. Each minor tweak or adjustment to the search would require me to run the entire search again, which on development systems would be a huge time sink. My life would have been so much easier, and I would have saved loads of time, if there was a way to run my searches against a smaller data set. Obviously, I could achieve this by, for example, running my searches against a shorter time frame but I would...
Event Sampling - Splunk 6.4 Feature
Posted by Rupak Pandya
on Tuesday, August 2, 2016 - 10:07
Operational Intelligence Big data, Splunk 6.4, Cool Tools, Dashboards, Reports, Event Sampling, Events, sample, Operational Intelligence