Splunk® Supported Add-ons

Splunk Add-ons

Access knowledge objects for an add-on

Many add-ons contain Splunk knowledge objects that enable you to extract knowledge from your raw IT data as you need it, such as events, fields, timestamps, and so on. The Splunk platform extracts some of this information as it indexes your IT data, but it creates most of this information at search time.

Event types

To see the event types in an add-on, in Splunk Web, go to Settings > Event Types. Make sure that you have the App context set to the add-on that you are using. The Event types page displays showing a list of all event types defined in this app context.

Click on the name to access the details page for the event type, where you can edit the Search string, Tags, and Priority for the event type, if you have the permissions to do so.

Tags

To see the Tags defined in an add-on, in Splunk Web, go to Settings > Tags > List by field-value pair. Make sure that you have the App context set to the add-on that you are using. The List by field-value pair page displays a list of all Tags defined in the add-on associated with each field-value pair. The Field extractions page displays showing the Field extractions defined within the app context.

Field extractions

To see the Field extractions defined in an add-on, in Splunk Web, go to Settings > Fields > Field Extractions. Make sure that you have the App context set to the add-on that you are using. The Splunk platform automatically extracts fields from your IT data to help you better understand your data and how you can use it.

Last modified on 21 July, 2021
Install an add-on in Splunk Light (Legacy)   Access prebuilt panels included with add-ons

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters