Related Answers
Download topic as PDF
Best practices for improving performance in Splunk Mission Control
This guide includes best practices for reducing performance issues and improving the incident triage and investigation experience in Splunk Mission Control.
See the following table for best practices and related documentation on improving the performance of Splunk Mission Control:
| Best practice | Description | Documentation |
|---|---|---|
| Filter incidents in the Incident review table | Instead of running searches or lookups, filter incidents on the Incident review page to get results faster. You can filter incidents by fields such as owner, status, urgency, sensitivity, disposition, incident origin, incident ID, and incident type. | Apply filters and save filtered views for incidents |
| Triage incidents using the Preview side panel | Instead of opening new tabs to review incident details, triage the incident by selecting Preview in the incident review table. You can review incident details and configure fields from the preview side panel. | Triage incidents |
| Manage your search quota | Splunk Mission Control has a default search quota limit. Some background searches, such as those initiated when running dashboards, contribute to the search quota and might impact the performance of Splunk Mission Control. You can manage your search quota by contacting your account manager. | Splunk Support Portal |
Last modified on 22 April, 2024
|
PREVIOUS Example incident response workflow in Splunk Mission Control |
NEXT Triage incidents using incident review in Splunk Mission Control |
This documentation applies to the following versions of Splunk® Mission Control: Current
Feedback submitted, thanks!