Clean or Delete Data in a given Source SplunkNinja 1 Comment Vote Up +2 Vote Down -3You already voted! The following Splunk query will wipe or clear a data source. Ensure you specify an index else it will wipe the given source for all indexes. source=path\to\sourcename | delete Share This: Tagged: CleanDelete SourceWipe
john117 July 9, 2018 at 5:33 pm It should be noted that this will not actually wipe the data, but simply hide it from view. Reply
It should be noted that this will not actually wipe the data, but simply hide it from view.