By Splunk March 12, 2015
Hey there and welcome to the 14th installment of Smart AnSwerS.
Here at Splunk, we’re not only building a community of users through user groups as highlighted in last week’s Smart AnSwerS blog, but we also participate in some cool projects for various communities at large through our corporate social responsibility program Splunk4Good. What better way to make a difference than through using our very own products to analyze and visualize big data for positive social impact? You can check out live projects at www.splunk4good.com to see the potential and possibilities. Aside from just using Splunk to do good, we ourselves engage with local (and not so local) communities too. Just this past Tuesday, piebob and I volunteered as Career Day speakers at Roosevelt Middle School in San Francisco to get kids motivated and excited to think about future their goals. Splunkers of all walks of life put energy into giving back to populations and causes that align with our values and the Splunk>4Good blogs are a great place to keep up with what we’re all up to 
– Check out this week’s featured Splunk Answers posts:
What is the order of precedence when there are conflicting configs (such as timezone) at the sourcetype, host and source level?
anandhim wanted to know the priority of attributes processed for events by host, source, and sourcetype in the case of conflicting configuration files. MuS shared a portion of the Admin Manual containing a link to the page on this exact topic which is always great practice on Answers to show users the abundance of knowledge already present in our Splunk documentation. jchampagne_splunk joined in on the fun with an awesome answer using sample props.conf configuration files to demonstrate the precedence of processing stanzas.
http://answers.splunk.com/answers/219817/what-is-the-order-of-precedence-when-there-are-con.html
How to pass multiple values from a drilldown in a table to a separate dashboard?
Users on are always looking on Answers for examples of implementing Simple XML drilldown elements in their dashboards, so why not have a nice post meant just for this purpose? Wiggy presents a very clean case and sample code to show the community how to set up a drilldown from one dashboard view to another that can easily be adapted for different purposes and behaviors. This is just one of the many ways to customize your dashboards and UI to fit your data visualization needs. If you’re looking to expand your Simple XML knowledge, check out the Splunk 6.x Dashboard Examples app to grab some new ideas.
http://answers.splunk.com/answers/169192/how-to-pass-multiple-values-from-a-drilldown-in-a-1.html
How best to use two servers to scale Splunk from a single instance?
Bdruth was planning on scaling his Splunk deployment from a single instance and wanted to gather some recommendations. He got just the insight and expertise he needed from ssievert_splunk who is no stranger to the topic of scalability. There are a number of factors to take into account when planning all different types of deployments and this post makes for a good read into those considerations.
http://answers.splunk.com/answers/219689/how-best-to-use-two-servers-to-scale-splunk-from-a.html
Thanks for reading folks and cheers!
Missed out on the first thirteen Smart AnSwerS blog posts? Check em out here!
http://blogs.splunk.com/author/ppablo
----------------------------------------------------
Thanks!
Patrick Pablo