Activity Feed
- Karma Re: JSON is one huge single entry - Is there a way to break it apart in Splunk? for to4kawa. 06-05-2020 12:51 AM
- Posted Re: HTTP Response Code: 404 - Not Found from dyntrace to splunk HEC on Getting Data In. 03-23-2020 10:18 AM
- Posted Re: Example of how to use Dynatrace with the Splunk platform? on All Apps and Add-ons. 03-23-2020 10:11 AM
- Posted Re: Dynatrace "tags" response field on All Apps and Add-ons. 03-23-2020 10:08 AM
- Posted Re: multi-step or API ingestion question on All Apps and Add-ons. 03-23-2020 10:06 AM
Topics I've Started
No posts to display.
03-23-2020
10:18 AM
Good Day: There are a few things to consider here as I have set up the Custom Webhook from Dynatrace successfully to the Splunk HEC.
Your HTTP header...instead of the word "Basic", I found the word Splunk to be something that worked for me. Not sure if Basic will work or not.
There is an additional header you may need - Content-Type:application/json
Issues can still arise, with these settings above, based on the payload of the Webhook.
This has worked for me as the custom payload:
{
"sourcetype": "manual",
"event": {ProblemDetailsJSON}
}
... View more
03-23-2020
10:11 AM
Good day...as a current Dynatracer who spent a long time working in the Splunk world, I would suggest you look to move away from the Splunk App for Dynatrace based on a few factors:
The App is not available for Splunk 8
You deal with troubleshooting issues like these where you're asking questions of an app you need to understand but didn't write.
I recommend using the REST API Modular Input to pull data from the Dynatrace API. You can validate your API calls
and results using something like Postman and then move them over the Modular input rather easily. The REST API Modular input is a long-time and well tested app in the Splunk community which is actively maintained. The only caveat is if you use Splunk Cloud, you will need to use the REST API modular input on a Heavy Forwarder to execute the API calls, and then have it send the data to your proper index on Splunk cloud.
... View more
03-23-2020
10:08 AM
Good day...as a current Dynatracer who spent a long time working in the Splunk world, I would suggest you look to move away from the Splunk Add-on for Dynatrace based on a few factors:
The App is not available for Splunk 8
You deal with troubleshooting issues like these where you're asking questions of an app you need to understand but didn't write.
I recommend using the REST API Modular Input to pull data from the Dynatrace API. You can validate your API calls
and results using something like Postman and then move them over the Modular input rather easily. The REST API Modular input is a long-time and well tested app in the Splunk community which is actively maintained. The only caveat is if you use Splunk Cloud, you will need to use the REST API modular input on a Heavy Forwarder to execute the API calls, and then have it send the data to your proper index on Splunk cloud. This will also ensure you get the entire payload as you would expect from the Dynatrace API, including Tags.
... View more
03-23-2020
10:06 AM
Good day...as a current Dynatracer who spent a long time working in the Splunk world, I would suggest you look to move away from the Splunk App for Dynatrace based on a few factors:
The App is not available for Splunk 8
You deal with troubleshooting issues like these where you're asking questions of an app you need to understand but didn't write.
I recommend using the REST API Modular Input to pull data from the Dynatrace API. You can validate your API calls
and results using something like Postman and then move them over the Modular input rather easily. The REST API Modular input is a long-time and well tested app in the Splunk community which is actively maintained. The only caveat is if you use Splunk Cloud, you will need to use the REST API modular input on a Heavy Forwarder to execute the API calls, and then have it send the data to your proper index on Splunk cloud.
... View more