Getting Data In

How do I pull a log file directly in as a metric?

daniel333
Builder

All,

I am playing with metricbeat and I am happy camper with it. I was wondering if there was a way to pull the metricbeat logs in directly as a metric rather than as a log?

Example logs
2017-12-17T18:54:16.241-0500 INFO logp/core_test.go:13 unnamed global logger
2017-12-17T18:54:16.242-0500 INFO [example] logp/core_test.go:16 some message
2017-12-17T18:54:16.242-0500 INFO [example] logp/core_test.go:19 some message {"x": 1}

Tags (1)
0 Karma

iamarkaprabha
Contributor

You can try using uberagent app.
https://splunkbase.splunk.com/app/1448/

back2root
Path Finder

Maybe you wanna have a look at Splunk 7.2.0 newest feature "log-to-metrics conversion":
http://docs.splunk.com/Documentation/Splunk/7.2.0/Metrics/L2MOverview

Pre 7.2.0 you need to write props/transforms: http://docs.splunk.com/Documentation/Splunk/7.1.3/Metrics/GetMetricsInOther

0 Karma
Get Updates on the Splunk Community!

See just what you’ve been missing | Observability tracks at Splunk University

Looking to sharpen your observability skills so you can better understand how to collect and analyze data from ...

Weezer at .conf25? Say it ain’t so!

Hello Splunkers, The countdown to .conf25 is on-and we've just turned up the volume! We're thrilled to ...

How SC4S Makes Suricata Logs Ingestion Simple

Network security monitoring has become increasingly critical for organizations of all sizes. Splunk has ...