Take your Splunk Metadata to the Next Level with Meta Woot! from Discovered Intelligence

/in /by

Discovered Intelligence is pleased to announce an update to our highly rated Splunk Certified Meta Woot! app. The app that provides superior levels of insight and intelligence from your Splunk metadata.

We continue to build upon this popular application which provides accurate intelligence about the hosts, sourcetypes and indexes within your Splunk environment. Instantly report on host, sourcetype and/or index together. Gain insight into event count trending over time and understand whether sources have stopped sending data or are latent.

Download from the app store now

Existing Features:

  • Instantly correlate hosts with sourcetype and index
  • Quickly identify data sources that are logging behind / ahead of time
  • Identify hosts that might be sending one sourcetype but not another
  • Create metrics to measure whether data sources have stopped coming in
  • Accurately measure event count volumes (not license volume) – for example – you might have a host that goes crazy and starts logging tons of events
  • See all the hosts associated with each sourcetype and all the sourcetypes associated with each index

What’s New?

  • Splunk Certified and Splunk Cloud Certified!
  • Built in the ability to filter out indexes, sourcetypes and hosts that you don’t want meta_woot indexing or reporting on. All you need to do is edit the respective macros.
  • Added a new Meta Woot Compliance dashboard to report on data source latency that is beyond acceptable bounds. The dashboard also allows for reporting on hosts that are no longer sending data within a specified timeframe.

What’s Been Fixed?

  • Fixed issue with first_detected date not being updated if earlier timestamped data starts flowing into Splunk
  • Expanded the timeframe that the main search looks over to 10 days in order to pick up sources that are latent by days not hours.