![]() The metadata command is a report-generating command. datatype-options Syntax: datatype= Description: Specifies whether to limit the search to the metrics index or the event index. You can specify a wildcard character in the string to indicate multiple server groups. If you are using Splunk Cloud, omit this parameter. Description: Limits the results to one or more server groups. Default: All configured search peers return information splunk_server_group Syntax: splunk_server_group=. For example, you can specify splunk_server=peer01 or splunk_server=peer*. ![]() However, you can use a wildcard when you specify the server name to indicate multiple servers. If you are using Splunk Enterprise, you can specify only one splunk_server argument. If you are using Splunk Cloud Platform, omit this parameter. splunk_server Syntax: splunk_server= Description: Specifies the distributed search peer from which to return results. Example: | metadata type=hosts index=cs* index=na* index=ap* index=eu* Default: The default index, which is usually the main index. To match non-internal indexes, use index=*. Optional arguments index-specifier Syntax: index= Description: Specifies the index from which to return results. This must be one of the three literal strings: hosts, sources, or sourcetypes. Required arguments type Syntax: type= hosts | sources | sourcetypes Description: The type of metadata to return. You can view a snapshot of an index over a specific timeframe, such as the last 7 days, by using the time range picker. The metadata command returns information accumulated over time. The metadata command returns a list of sources, sourcetypes, or hosts from a specified index or distributed search peer.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |