What do you mean by
[main]
and where would I type that command in?
I'm new to Splunk and have just set it up with 1 cisco firewall inputting syslog data. I've just barely messed with this web GUI interface.
If I want to set an auto delete policy for my data because the disk size I am using is a small 25GB drive, how do you navigate to the area to type in the command above:
frozenTimePeriodInSecs = 7776000
... View more