hacksport.blogg.se - Splunk enterprise documentation

#SPLUNK ENTERPRISE DOCUMENTATION HOW TO#

The field labels in a report might not indicate the type of information they contain.You can have as many fields as required in your report and name these fields as per your requirements. Title: Indicates the event’s title snippet.For example, you can concatenate this identifier with issue, and differentiate events that differ only by status. Event ID: An identifier that can be concatenated with other fields in the report to get a unique identifier.The report must have fields that contain the following type of information: To display meaningful data in BMC Helix Operations Management from a Splunk report containing events from a third-party product, the report should meet the following criteria:

This report contains events from a third-party product. For details, see the Search app in the Splunk documentation.įor example, the following figure shows the Splunk_II_Events report, which is part of the Search app.

Ensure that the Splunk report from which you want to collect data is part of the Search & Reporting application (Search app).

Ensure that the Splunk user account that you plan to use when configuring the Splunk connector has access to the required Splunk report. A Splunk report contains events and metrics information.

This connector collects data from Splunk reports.

This connector supports the following versions of Splunk Enterprise for data collection:īefore you configure a connection with Splunk, ensure that the following prerequisites are met. & amp lt p& amp gt & amp lt br/& amp gt & amp lt /p& amp gt

#SPLUNK ENTERPRISE DOCUMENTATION HOW TO#

Watch the following video (10:25) to learn how to collect events and metrics data from Splunk Enterprise and view the collected data in BMC Helix Operations Management.

As a tenant administrator, perform the following steps to configure a connection with Splunk, verify the connection, and view the collected event and metric data in various BMC Helix applications.