Source Analytics Integration
Polarity Source Analytics for Splunk
Last updated
Polarity Source Analytics for Splunk
Last updated
The Source Analytics integration can be installed through the Integration Store.
Navigate to the Integration Store tab and search for "telemetry". You will want to install the "Telemetry - Splunk" integration:
Polarity Source Analytics Integration Options
The Polarity Source Analytics integration works similar to the Splunk integration and you can generally use the same authentication mechanism if you already have the Splunk integration configured.
To authenticate to Splunk you must provide either a Splunk Cloud Username and Password or a Splunk Authentication Token. We generally recommend using an Authentication Token.
How far back to search telemetry data. Adjust this appropriately for the size of your Splunk instance. We recommend starting with a short time frame (e.g., 1 month) and increase the time range based on performance of the searches being run.
Comma delimited list of integration IDs to ignore. Integration IDs match the directory name of the integration but with dashes converted to underscores. For example, if the integration directory is "generic-integration", the ID for the integration would be "generic_integration". This integration will never include itself in results.
If checked, Window Title information will displayed as part of the returned data. This option should be set to "Only admins can view and edit".
If checked, Polarity admins will be able to see the SPL queries used to generate the charts in the Overlay Window. This mode is meant for debugging purposess.
This is the name of the index that contains your telemetry logs. If you followed the guide the index will be called polarity.
