Hi,
Has anyone worked with control-m logs in splunk. I want to understand what are the important attributes we need to consider for building dashboard for control-M logs.
Thanks
If splunk forwarder is installe on COntrol-m host then you can run the splunk queries. In our case we have implemented it and working.
Search query -
index="YOUR_INDEX_NAME" sourcetype="Control-M" "JOB * ENDED NOTOK" | rex "JOB\ \s*(?<JOB_NAME>.+)\s*\ \(ORDERID"