The Layer8Insight App for Splunk has been updated to version 2.0 and is posted on Splunkbase.
This update is a complete overhaul of the app. Most notably is the transition to only support version 6.4 or newer Splunk Enterprise. Any users on Splunk 6.2 or 6.3 must upgrade Splunk to use this new app.
The primary drivers for change are the improvements and features in the newer versions of Splunk while streamlining both internal development and data analysis.
Along with the internal changes and improvements, many new dashboards were added along with reworking existing dashboards. There are improved summary dashboards that indicate priority hosts and users, an App UX comparison dashboard, host and user-specific drilldown dashboards, and a more capable Gantt / Timeline visualization dashboard.
Some dashboards were replaced (e.g., the Drilldown Client UX dashboard is supplanted by combination of the Drilldown Host / User UX and the Drilldown Activity Timeline dashboards). Also, all perfmon and windows event log searches are consolidated in the Drilldown Host Perfmon and Event Log dashboard.
Also, the internal Splunk datamodel has been replaced by a new version that removed some fields and added new events to help improve searches, especially for deployment monitoring.
NOTE: upgrading to the official release of version 2.0, including 2.0 Beta installs, will require restarting Splunk after the upgrade. If you are upgrading from a 1.x release, following the upgrade you should flush your browser cache (CTRL+F5) while in the app, and you should expect Splunk to take a few minutes to rebuild the datamodel, i.e., searches may take a bit longer at first.
The Layer8Insight Indexer App for Splunk is still at version 1.3.1 and unchanged.
Layer8Insight App for Splunk, version 2.0
- Reworked all dashboards to use newer Splunk features and general optimizations
- New/Reworked Dashboards
- Host UX and User UX Drilldown Dashboards
- App UX Session Details Drilldown Dashboard
- App UX Comparison Metric Analysis Dashboard
- Worst App UX User Dashboard
- Worst App UX Host Dashboard
- App Activity Timeline/Gantt Dashboard
- Host Perfmon and Event Log Dashboard
- Removed Dashboards
- Client UX and Perfmon Drilldown Dashboard
- Client UX Gantt Dashboard
- Leaky Perfmon Counters Dashboard
- Updated user selection in dashboards to incorporate the domain name and user name
- Using newer Single Value visualizations with sparklines on Home Dashboard and extended search of Home dashboard to past 7 days
- Added toggle button to App UX Alerts dashboard to control enabling of expensive on-demand searches
- Replaced prior datamodel with a new one that adds optimizations and a new datamodel object for deployment-related fields. Some fields were removed, e.g., version, window_tile, and others.
- More improvements and cleanup in props.conf
- Cleaned up eventtype definitions to minimize use of wildcards
- Cleaned up macros
- Made non-submit buttons more consistent