Splunk ITSI
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Unable to find kpi_value in itsi_summary index

krutika_ag
Path Finder
‎08-23-2024 07:35 AM

Hello,

 

I want to create a dataset for Machine Learning,

I want kpi name and Service Health Score as field name and their value as value for last 14 days,

how do i retrieve kpi_value and health_score value, is it stored somewhere in itsi index?

I cannot find kpi_value field in index=itsi_summary

#predictive analaytics #machine learning, splunk it


#predictive analytic 
Splunk Machine Learning Toolkit 
#Splunk ITSI

Also, if you have done Machine Learning / Predictive ANalytics in your environment, please suggest a approach 

Labels (1)
Labels
Tags (1)
0 Karma
Reply

proyleJDS
Path Finder
‎08-27-2024 09:15 PM

Are you looking for something like this?

 

index=itsi_summary 
| eval kpiid = mvappend(kpiid, itsi_kpi_id) 
| stats latest(alert_value) as alert_value latest(alert_severity) as health_score by kpiid kpi 
| join type=left kpiid 
    [| inputlookup service_kpi_lookup 
| stats latest(title) as title by kpis._key 
    | rename kpis._key as kpiid
        ] 
| search title IN ("<Service Names>") kpi!="ServiceHealthScore"

 

0 Karma
Reply
Get Updates on the Splunk Community!

Monitoring MariaDB and MySQL

In a previous post, we explored monitoring PostgreSQL and general best practices around which metrics to ...

Financial Services Industry Use Cases, ITSI Best Practices, and More New Articles ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Splunk Federated Analytics for Amazon Security Lake

Thursday, November 21, 2024  |  11AM PT / 2PM ET Register Now Join our session to see the technical ...