Re: Website Monitoring app - Why does the app have...

rpwawa · ‎02-20-2018

Why does the Website Monitoring app have both a request_time and total_time field in the output from web_ping.py?

The total_time field is hard-coded in web_ping.py to be exactly the same as request_time.

Please consider removing one of these fields from the output since having both of them is just a source of confusion.

LukeMurphey · ‎02-20-2018

These two fields are here for historical reasons. The app used to provide some details on the individual steps in the process (how much time was spent looking up the domain name, etc).

The difficulty in removing one of the fields now is that the app is widely used and I am fearful of removing one of the fields since it would break searches people created based on the current fields.

rpwawa · ‎02-20-2018

Yes, your answer makes sense. However, for new users of the app (like me) a good enhancement would be to add a configuration option to remove both the total_time and content_md5 fields from the output to reduce confusion and indexing volume.

Another unrelated suggestion - split the app into an add-on for performing pings and an app containing the dashboards and alerts. I am using only the web ping portion of your app and creating my own dashboards/alerts.

Website Monitoring app - Why does the app have duplicate request_time and total_time fields n the output from web_ping.py?

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases