Splunk ITSI

Finding the fields in itsi_event_management_group_index

keesling
Engager

I'm a newby to both splunk and itsi.  I think I can figure out how to find the fields in a lookup table and in an index, however, despite the name of this thing (itsi_event_management_group_index), it seems not to be an index as preceding it with "index=" yields no results, thus I can't figure out how to determine the names of the fields contained within it.  I've been provided with a query which references some of the fields via the 'stats' command, but... 1) How do I identify all such fields, and 2) what is this thing if not an index or lookup table?

Labels (2)
0 Karma
Get Updates on the Splunk Community!

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...

Splunk and Fraud

Watch Now!Watch an insightful webinar where we delve into the innovative approaches to solving fraud using the ...