i am too beginning to explore the Splunk App for Windows Infrastructure, and found that there are caveat between indexes and sourcertype, preventing some dashboard in the app to not display the information. i guess either the devs bring a bugfix to the app, or we have to manually update the config files accordingly.
when dealing woth prebuilt app, i tend not to make too much custom change to it, because most of the time it breaks when we apply update to them...
... View more