Transparent Huge Pages (THP) is a Linux kernel feature designed to optimize memory management, but it can significantly impact the performance of certain applications. This article explores the benefits and challenges of THP, with a particular focus on its effects on Splunk performance and how to configure it appropriately for optimal system operation.
What do you do when you want to reindex logs that have already been indexed by Splunk? This article shows you how to use the ‘fishbucket’ method to reindex your data, whether you indexed it into the wrong index or forgot to create an index before applying your inputs.conf.
Don’t just give it root access! Process of onbaording Linux logs into Splunk using ACLs.
Splunk Admin Config Service (ACS) API is a super powerful tool that allows you to manage your Splunk Cloud instance programmatically. In this post, I’ll showcase some use cases for Splunk Cloud’s ACS API as well as provide some real-world examples.
Let’s take a look at how to automatically delete old logs when using Syslog-NG. This doesn’t just apply to Syslog-NG, but it’s a common use case.