Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Federated Search - Metrics index, no data found?

Stan816
Explorer
‎06-17-2021 02:58 AM

Hello Splunkers!

I am very exited about the new federated search feature starting the Splunk 8.2 version!
I got it to run with a onPrem development machine and a regular index - works as desired and described.

However, if I try the same procedure with a metrics index as a remote data set, my search
either
index=federated:my_metrix_index
or
|mpreview index=federated:my_metrix_index
do not return any result and there is no error returned.

Is this currently the intended behaviour? I would assume, that the REST endpoint is not yet completely adjusted.

Looking forward to hear fro

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

mljdivemaster
Explorer
‎06-29-2021 09:33 AM

https://docs.splunk.com/Documentation/Splunk/8.2.0/Search/Defineafederatedindex

 

It seem like metrics indexes are not supported

Reply
Solved! Jump to solution

Stan816
Explorer
‎07-01-2021 01:57 AM

@mljdivemaster  Thanks - Reading the docs properly helps!

Hopefully this will be added in the future.

Best

Stan

0 Karma
Reply
Get Updates on the Splunk Community!

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...

Combine Multiline Logs into a Single Event with SOCK: a Step-by-Step Guide for ...

Combine multiline logs into a single event with SOCK - a step-by-step guide for newbies Olga Malita The ...