All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to Set Varying Limit of Events Generated per Hour in SA-Eventgen to Emulate a Pattern from 1 Line of Sample?

Amusthofa
Explorer
‎02-11-2020 12:40 AM

Hi, Folks.

Say, I have a file with 1 line of sample text. My goal is to emulate patterns like this:

1 AM = 10 events
2 AM = 10 events
3 AM = 15 events
4 AM = 20 events
...
1 PM = 1000 events
2 PM = 1200 events
3 PM = 700 events
4 PM = 300 events
...

and so forth.

I understand that I can use the likes of minuteOfHourRate, hourOfDayRate, etc to have this kind of pattern IF I have sample files with multiple lines of sample event in it.

Is it possible to do the same if I only have 1 line in my sample file? Please advise.

Thank you.

Tags (1)
0 Karma
Reply

lwu_splunk
Splunk Employee
Splunk Employee
‎02-12-2020 04:17 AM

It should be fine to get it work though I have not tested it. But why do you provide only one line sample file, it is not hard to provide a multiple lines sample file.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Register for .conf25!
Get Updates on the Splunk Community!

Introduction to Splunk AI

How are you using AI in Splunk? Whether you see AI as a threat or opportunity, AI is here to stay. Lucky for ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...

Maximizing the Value of Splunk ES 8.x

Splunk Enterprise Security (ES) continues to be a leader in the Gartner Magic Quadrant, reflecting its pivotal ...