Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

summary index not working

722624
Path Finder
‎03-09-2017 10:52 PM

I have created a query

index="xxx" source="xxxxxx"|dedup dn|sistats count

scheduled this hourly

I could not find any data with
index=summary search_name="my schedule report name"

could not understand what went wrong, can anybody please help

Thank you
AB

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

722624
Path Finder
‎03-13-2017 10:25 PM

changed the value of
action.summary_index to 1 in savedsearches.conf and then restared SPLUNK

it is working now

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

722624
Path Finder
‎03-13-2017 10:25 PM

changed the value of
action.summary_index to 1 in savedsearches.conf and then restared SPLUNK

it is working now

0 Karma
Reply
Solved! Jump to solution

rjthibod
Champion
‎03-10-2017 04:43 AM

Can you share the contents of savedsearches.conf that shows the full configuration for your summary indexing search?

0 Karma
Reply
Solved! Jump to solution

722624
Path Finder
‎03-13-2017 10:21 PM

Thank you... forgot completely about savedsearches.conf.... working now ...

0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...