Lognalytics Technology
30. What is the function of Alert Manager?
The alert manager adds workflow to Splunk. The purpose of alert manager o provides a common app with dashboards to search for alerts or events.
31. Explain workflows action?
You can do a double click, which will perform a drill down into a particular list containing user names and their IP addresses and you can perform further search into that list
You can do a double click to retrieve a user name from a report and then pass that as a parameter to the next report
You can use the workflow actions to retrieve some data and also send some data to other fields. A use case of that is, you can pass latitude and longitude details to google maps and then you can find where an IP address or location exists.
32. What is the function of the Splunk Indexer?
The Splunk Indexer creates and manages indexes. It has two core functions – to index raw data into an index and to search and manage the indexed data.
The primary function of indexer is
- Indexing incoming data.
- Searching the indexed data.
Indexer also handles data input, search management function and parsing of the data as well.
GIPHY App Key not set. Please check settings