Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Federated Search - Metrics index, no data found?

Stan816
Explorer
‎06-17-2021 02:58 AM

Hello Splunkers!

I am very exited about the new federated search feature starting the Splunk 8.2 version!
I got it to run with a onPrem development machine and a regular index - works as desired and described.

However, if I try the same procedure with a metrics index as a remote data set, my search
either
index=federated:my_metrix_index
or
|mpreview index=federated:my_metrix_index
do not return any result and there is no error returned.

Is this currently the intended behaviour? I would assume, that the REST endpoint is not yet completely adjusted.

Looking forward to hear fro

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

mljdivemaster
Explorer
‎06-29-2021 09:33 AM

https://docs.splunk.com/Documentation/Splunk/8.2.0/Search/Defineafederatedindex

 

It seem like metrics indexes are not supported

Reply
Solved! Jump to solution

Stan816
Explorer
‎07-01-2021 01:57 AM

@mljdivemaster  Thanks - Reading the docs properly helps!

Hopefully this will be added in the future.

Best

Stan

0 Karma
Reply
Register for .conf25!
Get Updates on the Splunk Community!

Why You Can't Miss .conf25: Unleashing the Power of Agentic AI with Splunk & Cisco

The Defining Technology Movement of Our Lifetime The advent of agentic AI is arguably the defining technology ...

Deep Dive into Federated Analytics: Unlocking the Full Power of Your Security Data

In today’s complex digital landscape, security teams face increasing pressure to protect sprawling data across ...

Your summer travels continue with new course releases

Summer in the Northern hemisphere is in full swing, and is often a time to travel and explore. If your summer ...
Top