Source Analytics Integration

Download and Install

The Source Analytics integration can be installed through the Integration Store.

Navigate to the Integration Store tab and search for "telemetry". You will want to install the "Telemetry - Splunk" integration:

Polarity Source Analytics Integration Options

Authentication

The Polarity Source Analytics integration works similar to the Splunk integration and you can generally use the same authentication mechanism if you already have the Splunk integration configured.

To authenticate to Splunk you must provide either a Splunk Cloud Username and Password or a Splunk Authentication Token. We generally recommend using an Authentication Token.

Splunk Analyst Telemetry Index

This is the name of the index that contains your telemetry logs. If you followed the Sending Source Analytics to Splunk guide the index will be called polarity.

Search Window

How far back to search telemetry data. Adjust this appropriately for the size of your Splunk instance. We recommend starting with a short time frame (e.g., 1 month) and increase the time range based on performance of the searches being run.

Ignored Integrations

Comma delimited list of integration IDs to ignore. Integration IDs match the directory name of the integration but with dashes converted to underscores. For example, if the integration directory is "generic-integration", the ID for the integration would be "generic_integration". This integration will never include itself in results.

Display Window Title

If checked, Window Title information will displayed as part of the returned data. This option should be set to "Only admins can view and edit".

View SPL Queries

If checked, Polarity admins will be able to see the SPL queries used to generate the charts in the Overlay Window. This mode is meant for debugging purposess.