Turning your Splunk log data into a timeseries database – InfluxDB
Let say you have a load balancer with few thousand sites, the load balancer keeps track the response time from the backend server. Your log is saved in Splunk. Now, the application team comes to you and ask the site performance in the last 30 days. You think it’s easy, yes, when you start with last hour , the results come out within a minute. But when you do last 30 days, it’s a such a pain because the data is too large. Since last one hour seems to be OK, why don’t we dump that result data into some other faster database? Since it’sRead More →