How to Collect Data from Splunk

This article will show you how to create a Metric or Internal Report using Splunk as a data source. It assumes that you have already established connectivity to the Splunk data source desired.

1. Access New > Metric

Access New > Metric

Provide the basic information required for creating a new metric:

  1. Specify this Metric's Measure.  If you do not see the measure that you want to use, scroll down to the bottom of the drop-down list and create  a new one by clicking Add New Measure
  2. Select the Measurement Interval that applies to your element
  3. Give the element a unique Name
  4. Optionally, assign a Category
  5. Click Next: define details to proceed with data collection

2. Full Editor displays the Data Collection tab

  1. Select the Splunk connection profile serving as a Data Source for this Metric
  2. Set the Data Collection Trigger which is going to initiate updating information in this Metric
  3. Construct a Plugin command that should list the data you would like to include into the Metric (manually of via the Visual Editor). Please note that Metrics represent time series data, so one of the columns should contain dates.
  4. Validate your Plug-in Command. If your statement is valid, the statement box is green; if there are any errors, the box is colored in red and errors will be explained in the field below.
  5. Collect Data and Enable and Publish

Plugin commands

To get more information on Splunk plug-in syntax and full list of commands, refer to the Splunk command cheat sheet and search for commands by category.

3. Metric will be displayed in viewer

0 Comments

Add your comment

E-Mail me when someone replies to this comment