All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Non-Repoonding hosts lists non F5

mmacdonald70
Explorer
‎02-07-2017 08:04 AM

I have recently installed the F5 Analytics app and it works well with one exception.

For some reason that I am unable to figure out, on the Dashboard, the non-responding hosts section lists every device that is monitored in Splunk (we also monitor Syslog from several hundred network devices).

Any idea how to fix this?

0 Karma
Reply

kbocchino
Explorer
‎02-08-2017 08:59 AM

Ideally you should be sending data from the HTTP Event Collector for F5 Devices to a specific index example: f5-default. If you have all of the BIG-IPs going to F5 only indexes you would then update the f5_index macro to index name and that will prevent all hosts from being listed.

Reply

mmacdonald70
Explorer
‎02-08-2017 09:03 AM

I can't believe that I missed that index=* line. Index updated and it works as expected. Thank you

0 Karma
Reply

prakash007
Builder
‎04-21-2017 08:45 AM

we did define specific index name in f5_index macro, still we see different hosts in non-responding hosts...did you get this resolved...??

0 Karma
Reply

j0shrice
Path Finder
‎10-18-2017 04:05 PM

Also interested in if this was resolved?

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...