Dashboard to monitor both Cribl and Splunk license consumption
Presenting the License Metrics Dashboard!
- Sending Cribl Logs/Metrics to Splunk
- Creating a Cribl Metrics Index in Splunk
- Installing and using the Splunk Dashboard
- Your Cribl LogStream instance
- Your Splunk deployment
- Ability to Create Indexes and Dashboards
- Splunk
Dashboard. - Original Cribl LogStream Metrics app
on Splunkbase.
- Create a Splunk Index for logstream_metrics (Index Data Type = Metrics)
- Create a NEW "Classic" Dashboard
- Click Edit > Source > Paste in the Dashboard
- Set up your Sources in Cribl (Data > Sources > Cribl Internal)
- Activate your Metrics Source
- Set up you Splunk Destination in LogStream (Data > Destinations > Splunk)
- Edit the PreProcessing Route. ( Routes > cribl_metrics_rollup)
- Add the required fields below using the supplied Eval function
- __inputId==‘cribl:CriblMetrics’
- criblMetrics[0].dims : […criblMetrics[0].dims,'index']
- index : ‘logstream_metrics’
- sourcetype : ‘cribl_metrics’
- Enable a Route for Cribl Metrics
- Route Name: CriblMetrics
- Filter: __inputId=='cribl:CriblMetrics'
- Pipeline: passthru
- Output: “your splunk output”