All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

SiLK Add-On using instrumentation app

splunklearner12
Path Finder
‎06-03-2019 02:13 AM

I have to use the SiLK Technology Add-On for a dataset for some testing on a single instance.
I have configured it and I can see under Data Inputs that the number of files and sourcetype (silk) get reocgnised correctly and the add-on is enabled, but 0 events appear in search. The sourcetype silk that was auto-configured by the SiLK add-on has a destination app of "Instrumentation" which cannot be changed. Even when selecting the Instrumentation app in settings and then doing a basic search, 0 events come up, as shown below:
alt text

I don't really understand what the Instrumentation app is. Does anyone have experience with it or with the SiLK Add-On and how to use it?

Tags (1)
Preview file
1 KB
0 Karma
Reply

chris200712
New Member
‎02-02-2020 10:33 PM

Convert the data to ascii. SILK provides a tool for doing that. Also Analysis-Pipeline should do it for you

0 Karma
Reply

chris200712
New Member
‎02-02-2020 10:31 PM

Think you may have to convert the files to ascii. Just a guess. SiLK provides a tool enabling Wireshark and such to read flow captures.

0 Karma
Reply

splunklearner12
Path Finder
‎06-03-2019 02:21 AM

Using sourcetype="silk" index=*, I can now see events coming up but all content shows jibberish characters (binary files) and incorrect timestamps...

0 Karma
Reply
Get Updates on the Splunk Community!

Get the T-shirt to Prove You Survived Splunk University Bootcamp

As if Splunk University, in Las Vegas, in-person, with three days of bootcamps and labs weren’t enough, now ...

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...