Solved: Re: What is this Backfilling script??

keshab · ‎11-03-2011

What's the difference between daily, fivemin, and all backfilling python script?

What does this script actually do for Web Intelligence app?

Logs get indexed in Splunk - shouldn't the Web Intelligence app show traffic in real time??

joshd · ‎11-03-2011

The backfill_all.py script executes a number of searches to populate the summary indexes with data you have already indexed and not just the new stuff that the web intelligence app will see going forward after installation. The scheduled searches that come with the web intelligence app will only execute against new data and not data thats say a year old.

View solution in original post

ChrisG · ‎11-03-2011

For more info, see the docs: http://docs.splunk.com/Documentation/WebIntel/1.0Beta/User/Backfillingdata. "Once setting up the app is complete, you might need to backfill your historical data to view events older than the last five minutes. The Web Intelligence app include data summarizations for 5 minute, hourly, and daily time ranges."

joshd · ‎11-03-2011

The backfill_all.py script executes a number of searches to populate the summary indexes with data you have already indexed and not just the new stuff that the web intelligence app will see going forward after installation. The scheduled searches that come with the web intelligence app will only execute against new data and not data thats say a year old.

What is this Backfilling script??

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

.conf24 | Personalize your .conf experience with Learning Paths!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...