...m basing my analysis on the following topic: Getmetricsinfromothersources. I've managed to create a search that converts my event data into the format that is required by the metrics_csv sourc...
I am taking events from three source types (same index; two common fields present across all three) and creating a table with the results. The events are indexed using a "timestamps" field that is p...
I am able to push cloudwatch metrics by selecting streaming and selecting json as datatype of output. Additionally I used inbuilt lambda transformation for cloudwatch metrics. I selected source t...
...ighlighted in the source=*Pavilion’s new Success Zone.
The Success Zone will offer interactive experiences that highlight ‘learning’ moments for you at every stage of your Splunk journey. Y...
Customer Success Know Before You Go Guide to .conf23.pdf (1,998 KB)
...ome of the dimenstions from the source field.
According to the docs something like that is possible for nearly all other methods of importing metrics, but not for CSV files.
Is there any way I c...
...bove situation only with UFs internal logs, we simple cannot query for the source and check its earliest coz we dont have access to indexers containing actual logs. I checked with metrics.log but it w...
Hi, I am trying to collect metricsfrom various sources with the OTel Collector and send them to our Splunk Enterprise instance via a HEC. Collecting and sending the metrics via OTel seems to work q...
...Running aggregate metricsources (like my example above - total power consumed in an hour) become very challenging with current, duplicate metric logic
Clustered environments raise the risk of get...
Looking to measure heavy sources and track how much is getting indexed per day by source. the main problem is our Splunk admin team cannot give us access to the _internal index, so i cannot run t...
I have my inputs.conf setup like so:
[monitor:///var/log/java]
disabled = 0
index = myindex
sourcetype = metrics_csv
whitelist = metrics.*.csv
CRCSALT = <SOURCE>
But even though each f...