splunk-indexes
Fetch index configurations from Splunk server.
splunk-indexes [profile=PROFILE]
- profile=PROFILE
- The identifier of Splunk connect profile
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| profile | String | Connect profile | The identifier of Splunk connect profile |
| name | String | Index name | |
| total_event_count | String | Total event count | |
| min_time | String | Min time | Min time of the index |
| max_time | String | Max time | Max time of the index |
| disabled | String | Disabled | |
| current_db_size | String | Database size | Megabytes |
| bloomfilter_total_size | String | Bloomfilter total size | Kilobytes |
| max_data_size | String | Max data size | Triggering a roll from hot to warm buckets |
| bloomfilter_count | String | Number of Bloom filters | |
| hot_bucket_count | String | Number of hot buckets | |
| warm_bucket_count | String | Number of warm buckets | |
| max_hot_span_secs | String | Max hot span secs | The upper bound of the target maximum timespan of hot and warm buckets |
| max_hot_idle_secs | String | Max hot idle secs | If a hot bucket exceeds this value, Splunk rolls it to warm |
| frozen_time_period | String | Frozen time period | The maximum age (seconds) for a bucket, after which the data in this index rolls to frozen |
| home_path | String | Home path | Absolute path to both hot and warm buckets |
| cold_path | String | Cold path | Absolute file path to the cold database |
| thawed_path | String | Thawed path | Absolute file path to the thawed index |
| updated | String | Updated |