All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Need help with Configurations Analytics App for Splunk for configurations management.

sayantabasak
Explorer
‎03-05-2019 09:40 PM

Hello Andrew @landen99

First of all a big thanks for coming up with this great app concept. I would love to leverage it to do some splunk internal configuration monitoring and management.

I have got started with the app and gone thought the readme file. Once I downloaded the main app I found it has multiple sub directories. I have understood their functions but unable to kick start them to do their job.

ca_idx --> has been copied to indexer which created the required indexes --> working fine
ca_win/default --> has been configured to onboard logs windows/linux --> works fine

But ca_sh,ca_btool,ca_tool is where I am stuck. Are they supposed to reside within the parent app config_analytics in the search head or should i put them independently under etc/apps folder in the search head ? Even though the data is correctly coming in , I am unable to leverage any of the dashboard functionality since these 3 sub apps seems to be broken. Any help would be highly appreciated.

Finally thank you Gregg @woodcock for highlighting this app in .conf18.

0 Karma
Reply

dillardo_2
Path Finder
‎08-29-2019 02:33 PM

We got most of them working by placing each folder under /etc/apps.
Still working on Windows and SH monitoring.

0 Karma
Reply

landen99
Motivator
‎03-09-2019 09:36 AM

ca_sh, ca_btool, ca_tool are all separate apps for the search head.

ca_sh has the dashboards and searches
ca_tools has extra admin related tools
ca_btool has btool related tools

I haven't had much time yet to work on the app to develop means for connecting and tracking knowledge object dependency changes, but that is a goal. I have been working on my udemy courses: 1) regex in Splunk and 2) fast Splunk searches.

Reply

woodcock
Esteemed Legend
‎03-06-2019 09:12 PM

The ca_btool goes on every node and ca_sh goes on the Search Heads. I have never had occasion to poke into the ca_tool app so I don't know.

Reply

landen99
Motivator
‎08-31-2019 12:10 PM

Gregg, You are going to love my next app and talk at .conf19! Improving searches to run 500k times faster against raw data and correlated searches (multiple data sources).

0 Karma
Reply

woodcock
Esteemed Legend
‎08-31-2019 03:42 PM

You got a talk slot? GOOD FOR YOU! I will not miss it.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Index This | What travels the world but is also stuck in place?

April 2026 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Realizing the full potential of your Splunk investment requires more than just understanding current usage; it ...

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

As data volumes continue to grow and environments become more distributed, managing and optimizing data ...