Splunk IT Service Intelligence
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Multiple Service Analyzers / Duplicate Service Name problem

ewan000
Path Finder
‎02-12-2019 07:03 AM

Is it possible to have multiple service analyzers?

I was under the impression that "Create Service Analyzer" would create a new blank dependency diagram, to which i would add services etc. But now I have actually had an occasion to use it, I see that it merely saves search options on the default tree.

The problem I am facing is that we have a product with separate infrastructure per tennant. Each tenant will have a separate (almost)identical deployment of ServiceX which depends on ServiceY etc

I am prevented from making two services called 'ServiceX' as duplicate service titles are not allowed

  • I could have a single ServiceX and use entities to split the data but this would turn red if the other tenants ServiceY failed. Which would not be an accurate representation of the reality
  • I could prefix each service with the tenant name "TenantA.ServiceX" but this would lead to everything in the tree having very long Environment1.MarketAlpha.TennantA.SubProductQ.ServiceX names
  • I could presumably, have a seperate ITSI installation per tenant. But this will only reduce the problem and maybe introduce new problems where we have shared components

I was hoping to make a service analyser template and have a seperate dependency map for each tenant based on it. Does anyone have any good solutions?

0 Karma
Reply

chrisyounger
SplunkTrust
SplunkTrust
‎02-12-2019 11:21 AM

Hi @ewan000

Yes this is a restriction (and something I have found annoying too). You should prefix or suffix the tenant name to the service name. At least you can use the service templates to make it easier to define multiple services that are very similar.

All the best,

Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...