All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Is APP for Windows Infrastructure able to work with WMI perfmon data collection?

mwant
Explorer
‎08-20-2014 06:54 AM

My perfmon data (example Perfmon:Windows_Memory) is being collected by WMI, I can see this data in the index but I can't see it in the Windows Inf APP (Am running the latest version 1.0.2 on SPLUNK 6.1.3).

I have added these setting to eventtypes in the local folder in the splunk_app_windows_infrastructure folder...

[windows_performance]
search = sourcetype="powershell" OR sourcetype="Perfmon:" OR sourcetype="WMI:Perfmon" OR sourcetype="WMI:FreeDiskSpace" OR sourcetype="WMI:CPUTime" OR sourcetype="WMI:UPtime" OR sourcetype="WMI:LocalPhysicalDisk" OR sourcetype="WMI:LocalNetwork" OR sourcetype="WMI:Memory"

This still doesn't make any difference.

I have been through the documentation and can't find anything on how to fix this.

Can anyone help?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

mwant
Explorer
‎10-27-2014 04:44 AM

The answer is NO, so don't try it.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

mwant
Explorer
‎10-27-2014 04:44 AM

The answer is NO, so don't try it.

0 Karma
Reply
Get Updates on the Splunk Community!

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...

.conf24 | Personalize your .conf experience with Learning Paths!

Personalize your .conf24 Experience Learning paths allow you to level up your skill sets and dive deeper ...

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...