Splunk IT Service Intelligence

ITSI Bug ? storeentities commands service_fields option does not work

vantasy1208
New Member

Dear ITSI dev dept,

these days i work with splunk ITSI v2.0.0 to monitor our network environment
i want to setup a scheduled search with storeentites command to update my entities periodlcally

my search string is looked like:
... | storeentities identifier_fields="xxx" informational_fields="yyy" service_fields="zzz" insertion_mode=replace

after execute the search , i can see the entities are created with alias and informational fields
but they do not bind to any service.

could u help me to confirm is it a BUG ?
thank u very much

0 Karma

mglauser_splunk
Splunk Employee
Splunk Employee

Hello vantasy1208,

Can you try adding semicolon delimiters to your search and see if it produces more favorable results?

Additionally, please take a look at this documentation page:

http://docs.splunk.com/Documentation/ITSI/latest/Configure/Aboutthestoreentitiescommand

It lists some guidelines that might help you out.

0 Karma

vantasy1208
New Member

i have updated ITSI to version v2.1.0
the service_fields option seemed to works correctly , even though it is not stable.

but i meet another issue,
after execute storeentities commands,
i go to the configure>entitites pages , i can see title , alias , services column with context.
then i go to the configure>services pages , the entity rules column of each service is null.
so it means that no entities had bind to any services ?

0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...