Buckets also contain compressed, raw data. Buckets contain data structures that enable Splunk to determine if the data contains terms or words. In Splunk, you store data in indexes made up of buckets of files. Or, you can read on to understand the Slunk storage mechanism in more detail. You can see full instructions for estimating Splunk storage requirements below. For example, if you’re running Linux, you can see the total storage your Splunk index is using with du -ch hot_v*. ![]() All you need is an understanding of Splunk data and storage tiers and the ability to use CLI commands.
0 Comments
Leave a Reply. |