Share a Tip

How to create Analytics Metrics using API

Morelz
Motivator

Creating large amounts of Analytics Metrics takes some time, and there is no official API to support this function currently.

If you wish to automate this in the interim , to reduce the time taken to create them you can do the following.

You would run the Authentication URL to get the JSESSIONID & X-CSRF-TOKEN values by running the following command

curl -i --user @sername@account:password https://<controller url>/controller/auth?action=login

Then using the following URL, you can create the Metric 

https://<controller url>/controller/restui/analyticsMetric/create

Set the Header values with the responses from the Auth Query(I used Postman for this example)

image.png

Provide the Metric query you wish to create, example below

{"adqlQueryString":"SELECT avg(responseTime) FROM transactions WHERE application = \"TEST\"","eventType":"BIZ_TXN","enabled":true,"queryType":"ADQL_QUERY","queryName":"TEST"}
 
You should then get a status 204 if it was successful.
 
Depending on how complex your queries are it might fail as certain strings need to be escaped. What I would suggest initially is to manually create the queries, and use developer options in your browser to view the API call being made to ensure you provide the queries in the correct format and then automate it.
Tags (2)
Get Updates on the Splunk Community!

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

What are Community Office Hours?Community Office Hours is an interactive 60-minute Zoom series where ...

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

A Prelude to .conf25: Your Guide to Splunk University

Heading to Boston this September for .conf25? Get a jumpstart by arriving a few days early for Splunk ...