Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Federated Search - Metrics index, no data found?

Stan816
Explorer
‎06-17-2021 02:58 AM

Hello Splunkers!

I am very exited about the new federated search feature starting the Splunk 8.2 version!
I got it to run with a onPrem development machine and a regular index - works as desired and described.

However, if I try the same procedure with a metrics index as a remote data set, my search
either
index=federated:my_metrix_index
or
|mpreview index=federated:my_metrix_index
do not return any result and there is no error returned.

Is this currently the intended behaviour? I would assume, that the REST endpoint is not yet completely adjusted.

Looking forward to hear fro

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

mljdivemaster
Explorer
‎06-29-2021 09:33 AM

https://docs.splunk.com/Documentation/Splunk/8.2.0/Search/Defineafederatedindex

 

It seem like metrics indexes are not supported

Reply
Solved! Jump to solution

Stan816
Explorer
‎07-01-2021 01:57 AM

@mljdivemaster  Thanks - Reading the docs properly helps!

Hopefully this will be added in the future.

Best

Stan

0 Karma
Reply
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...