Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Virtual Index with Hunk

boulderdevdude
New Member
‎05-27-2014 01:50 PM

Platform: CDH5.0.0 + Splunk 6.1 and Hunk.
We have configured virtual indexes. We are successfully issuing queries against Splunk and getting data back from MR jobs.

When MR jobs run, should they produce splunk index files, so next time Splunk makes a query against this data it doesn't have to run an MR job again?

I see result files with names like 1401212205.1082/0/part-m-00043 (1 per MR task, I think). Each file contains what looks like a hash and a path to a different file. Example
81a76d523faab948b16fcd2eb6dd56a0 /user/splunk/scratch/dispatch/1401212205.1082/0/splunk-m-0000043

But the splunk-m-0000043 file (or any like them) do not exist at that directory location. Are they supposed to exist?

Tags (2)
0 Karma
Reply

Ledion_Bitincka
Splunk Employee
Splunk Employee
‎05-27-2014 01:56 PM

Hunk does not create any persistent artifacts or index after running a search, ie it does "index" the data after first search. However, for searches that you intend to run frequently in Hunk 6.1 you can enable report acceleration to cache the intermediate results so they are reused next time

Here's another related question - not sure if it's the same question from two co-workers 🙂

0 Karma
Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...