Great, thanks! I'll try it out. 🙂

Were you able to generate buttercup games data with gogen ?

Unfortunately I never got to testing gogen. Let me know how it works out if you do. 🙂

The showcases that are built into MLT includes some static lists, but no live data. I guess we could use these lists, or use internal data, but it would be more "real" if we where to use live data that's not internal. Examples could be traffic on web sites, sales, disk usage, performance, etc.

@hettervi, why dont you turn on CPU Collection (% Processor Time) on the Splunk Sandbox Server itself ( if it is Windows Server, or if you have Splunk License forward the same from a remote machine), as I have mentioned in scenario 2 above. That way you can show CPU Utilization. One of the hurdles that I see is that how would you get Historical Data to train?

You can also enable Event Viewer metrics collection on Windows Server and pass on System and/or Application logs and show prediction for Event Log Errors.

Also if you consider Splunk app itself it monitors Splunk's usage through _internal sourcetype.

So considering Splunk as a web app, there can be several usecases with (i) sourcetype=splunkd_access or (ii) sourcetype=splunkd AND source=*metrics.log

http://docs.splunk.com/Documentation/Splunk/latest/Troubleshooting/Metricslog

Thank you very much for the suggestions! I'll keep the question open some time loger. A Buttercup event generator would indeed be nice. 🙂

While you can try out these, do wait for others to respond though 😉 If an Event Generator for Buttercup game kind of data is available that would be great 🙂