Clicky

Jun 24th, 2016: Updated Layer8Insight Splunk Apps

OctoInsight Inc. is delighted to announce that updates to both Layer8Insight apps for Splunk are posted on Splunkbase.
 
If you already have Layer8Insight Apps for Splunk installed, neither of the following updates should require additional steps or changes before or after installation over existing deployments.
 
The Search-head/Dashboard app has the most significant changes. No new dashboards were added. The changes centered around bug fixes, optimizations, and cleanup.  The app has been tested up to the latest version of Splunk, 6.4.1, across the primary browsers.
 
The Indexer app's only change is to overwrite the 'host' metadata field with the ComputerName field in raw Layer8 data. This has no direct impact on the packaged dashboards; however, it should improve search performance with future changes and when looking for data across multiple indexes.
 
Layer8Insight App for Splunk, version 1.0.1
  •  Datamodel Changes:
    • Added new fields to App UX datamodel object to improve search performance
    • Changed Datamodel Acceleration period to 1 month 
    • Changed Datamodel Acceleration schedule to every 10 minutes across less common time intervals
  • Saved Searches:
    • Improved application UX alerts search performance
    • Removed 10 minute sliding window for app UX alert calculation
    • Running summary and alert searches less often
  • Dashboards:
    • Fixed bug that prevented Outlier detection from working on the Logon Delay Metric Analysis dashboard
    • Cleaned up drilldown section of Metric Analysis dashboards
    • Added improved drilldowns and host info to UX Summary Report dashboard
    • Added Instance/Process Drilldown to UX Drilldown dashboard
    • Added hosts selection/filtering to Activity Gantt Report dashboard
    • Simplified Active Users chart on License dashboard
    • Added processes filter to UX Gantt Drilldown dashboard
  • Misc:
    • Added simpler macro to remove tstats prefixes
    • Updated logo
    • Removed extraneous tokens
    • Added comments/documentation to all macros
 
Layer8Insight Indexer App for Splunk, version 1.1
  •  Added override of host metadata field based on ComputerName field in raw events
  • Updated logo
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk