Hi Everyone,
I am a newbie to Splunk and I am trying to implement the use case as below. All the data is generated in real time and needs to be processed in real time.
I have multiple WorkFlows running in Jenkins and there are multiple Sessions running inside each Workflow. We have nearly 190 WorkFlows and 1400 Sessions which run once a day (80% of Workflows) or multiple times a day. We have a Table in MySQL which records the WorkflowName, SessionName, StartTime, EndTime. We are trying to achieve the below two things.
1. Data Visualization: We want to set up a Dashboard, which will display the average Runtime for each workflow for each day i.e. if WorkFlow is running once/day, we will have Average Runtime for that WorkFlow = Runtime for WorkFlow. Also, if the WorkFlow is running thrice/day, we will have Average Runtime = Summation of All Runtimes for that day/ number of times Workflow runs.
Questions:
Which is the best way to add data to splunk? Should I use Jenkins App for Splunk, DBConnect App for Splunk or use a log file which will be monitored by Splunk for Real Time Data.
2. Alerting System: Here, I want to trigger an email if the Session or WorkFlow is running beyond its Expected Finish Time. The Expected Finish time is the Average of the Runtime for that Session/Workflow over Past 12 months (or any other Duration).
Example:Say, we have a Session- 'Temp1' which starts at 11am. The expected finish time for 'Temp1' is 30 mins i.e. 11.30am. Now, if the 'Temp1' does not finish till 11.30 am, I need to send an alert to indicate that 'Temp1' is still running.
Questions:
Should I use log file, DBConnect or Jenkins for Splunk to achieve this?
Is it possible for Splunk to Calculate the Expected Finish Time on its own based on the previous history and generate alert accordingly?
Requesting for help with this case.
Thanks,
Sneha Salvi
... View more