Monitoring Splunk
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Are there maintenance steps or best practices around managing the size of the defaultdb folder?

jrubio1
New Member
‎01-13-2016 03:03 PM

Hello everyone,

I'm fairly new to Splunk and currently have the issue where the Splunk server is above 93% disk utilization due to the splunk defaultdb folder. My question is: Is there some maintenance steps or best practice items for managing the size?

alt text

Preview file
1 KB
0 Karma
Reply

lguinn2
Legend
‎01-13-2016 03:54 PM

Yes, there are best practices, but that is a pretty general question. You should start by understanding how Splunk stores indexes and how to configure them in general.

But since you may be in a disk space crisis, I would first examine the maximum size of the main index (that is what is stored in defaultdb). I would make sure that maximum size is not going to allow the index to grow any larger. All of this can be done from the Splunk GUI under Settings.

Take a look at the documentation here: Manage Index Storage

You have many choices in configuring indexes, including both size and location of the various components. If this post doesn't answer your question, then please refine the question. What do you want to do? Make the index smaller, move it to a different disk drive, split it between drives, set a retention policy to remove older data, etc. Then the community can give you better advice.

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...

New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Your Guide to SPL2 at .conf24!

So, you’re headed to .conf24? You’re in for a good time. Las Vegas weather is just *chef’s kiss* beautiful in ...