Splunk ITSI

Who created Services in ITSI

Reddi694325
Path Finder

In my ITSI environment already some Services and KPIs are configured. Wanted to know by whom created those Services and KPIs.

Thanks in Advance

0 Karma

PowerPacked
Builder

Hi Reddi694325

ITSI default installation comes with modules like Application server module, database module, operating system module, etc.

These modules have the services, entities, KPIS created for generic use so that you can use or duplicate them according to your use case.

You can always delete these Services, entities, kpis, from Configure section in ITSI UI app, or completely removing these modules from service side.

Thanks

0 Karma

Reddi694325
Path Finder

Thanks for the reply. I don't have access to _internal index. Is there any other way to find it?

0 Karma

Azeemering
Builder

Good question...hard to answer as they aren't exactly like knowledge objects.
What I did find is that when I create a service and then check in Splunk own's internal logging I see a match:

index = _internal sourcetype=itsi_internal_log component="itsi.services" objecttype=service method=create

0 Karma

Reddi694325
Path Finder

Thanks for your answer. But I don't have access to _internal index. Is there any other way?

0 Karma

Azeemering
Builder

The only other thing you can look at is the kvstore / lookups that might give you and indication who created them. But I cannot see a 1 to 1 relation between those and a created service.

0 Karma
Get Updates on the Splunk Community!

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

Hey, Splunk Community! Ready to take your data management skills to the next level? Join us for a 3-part ...

Spotting Financial Fraud in the Haystack: A Guide to Behavioral Analytics with Splunk

In today's digital financial ecosystem, security teams face an unprecedented challenge. The sheer volume of ...

Solve Problems Faster with New, Smarter AI and Integrations in Splunk Observability

Solve Problems Faster with New, Smarter AI and Integrations in Splunk Observability As businesses scale ...