Saved Bookmarks
| 1. |
What do you mean by Summary Index in Splunk? |
|
Answer» Summary indexes store analyses, reports, and summaries computed by Splunk. This is an INEXPENSIVE and fast WAY to run a query for a long PERIOD of time. Essentially, it is the default index that Splunk Enterprise uses if there isn't another one specified by the user. Among the KEY features of the Summary Index is that you can retain the analytics and reports even after the data has gotten OLDER. |
|