Event type finder and builder

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.

Event type finder and builder

The event type finder capability allows Splunk to intelligently discover common patterns across events suggesting potential event types to the users. Additionally, users can now use Splunk's event type builder to manually construct event types via the user interface by selecting from common fields and field values that appear in results.

For more information, see Define and maintain event types in Splunk Web.

Retrieved from "http://docs.splunk.com/Documentation/Splunk/4.1.4/ReleaseNotes/Eventtypefinderandbuilder"

« Single sign-on (SSO) Search monitoring and prioritization »

This documentation applies to the following versions of Splunk: 4.1 , 4.1.1 , 4.1.2 , 4.1.3 , 4.1.4 , 4.1.5 , 4.1.6 , 4.1.7 , 4.1.8 View the Article History for its revisions.

Was this topic useful?
Post a comment

You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!

Release Notes

Event type finder and builder

Event type finder and builder

Comments