Refine your search:

Performance optimization for real-time dashboards

0

We're thinking of building a monitoring console for the NOC team using Splunk. If I want to display three real-time charts on a dashboard, what is the best way to do so while minimizing the number of CPU cores in use? Is it better to do one search per chart? Or is it more efficient to run a search in the background and drive each chart with a subsearch of that data?

Thx.

Craig

asked 07 May '12, 22:52

ontai's gravatar image

ontai
413
accept rate: 0%

Be the first one to answer this question!
toggle preview

Follow this question

Log In to enable email subscriptions

RSS:

Answers

Answers + Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×490

Asked: 07 May '12, 22:52

Seen: 482 times

Last updated: 07 May '12, 22:52

Related questions

Dashboard performance with "large" data sets

Dynamic Dashboard

Real Time Dashboards & Post Process

Optimizing Dashboards performances, looking for the better design

speeding up splunk dashboard load time

Problems controlling time range in dashboards

Search Performance

Apply filters to a Google Map module (Advanced XML Dashboard)

Dashboards - concurrency

Copyright © 2005-2012 Splunk Inc. All rights reserved.