A source is the name of the file, directory, data stream, or other input from which a particular event originates. It can be used to find all data originating from a specific device. Metric data points and events can be searched and correlated together, but are stored in separate types of indexes.Ī host is the name of the physical or virtual device where an event originates. kb=345ĭimensions: hq=us-west-1, group=queue, name=azd Dimensions provide additional information about the measurements. A measurement is a metric name and corresponding numeric value. MetricsĪ metric data point consists of a timestamp and one or more measurements. Transactions can represent a multistep business-related activity, such as all events related to a single customer session on a retail website. You can also define transactions to search for and group together events that are conceptually related but span a duration of time. This is an example of an event in a web activity log:ġ73.26.34.223 - “GET /trade/ app?action=logout HTTP/1.1” 200 2953 Text document, a configuration file, an entire stack trace, and so on. It is a single entry of data and can have one or multiple lines. Splunk Lantern (Customer Success Center)Īn event is a set of values associated with a timestamp.Splunk Tutorial: Getting Started Using Splunk.You might also want to review these related resources: This Splunk Quick Reference Guide describes key concepts and features, as well as commonly used commands and functions for Splunk Cloud and Splunk Enterprise.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |