List of Indexes

This simple Splunk query will return results for indexes that the current user (typically you) have access to:

*NOTE* depending on settings this may or may not return internal indexes.

host=* | dedup index |table index

1	host=* \| dedup index \|table index

Share This:

Tagged: indexes

Comments

masdeeper March 8, 2018 at 11:53 pm

This is resource consumming. REST or tstats would be a better choice.

Reply
Brian April 20, 2020 at 3:02 pm

| tstats values(sourcetype) where index=* by index

Reply

Leave A Comment? Click here to cancel reply.

Newest | Active

manderso

active 1 day, 12 hours ago
miriella

active 1 day, 13 hours ago
Арам

active 1 day, 13 hours ago
slamh0und

active 1 day, 14 hours ago
SplunkNinja

active 1 day, 17 hours ago