Since GL has no native reporting…the docs mention that you can do it through scripts or the REST API.
Does anyone have a real world example of how this is working that they would share?
A sample might get me moving in the right direction…but right now…no dice
All insight is appreciated as Reporting from GL would be fantastic
Thanks
TP
What exactly should your reports include?
Well…let’s start with something easy.
Let’s say I’d like to generate a report of Failed Logons over the past 24 hours, broken out by Users and the number of times they screwed up their logon, and what machines they failed to log into correctly
I already have the stream setup that pulls this info in the GL dashboards and Console.
Would this be easiest with a local script on the GL box, or an outside Powwrshell type script calling against the REST API?
Thanks
TP
You could achieve everything except the “and what machines they failed to log into correctly” with a quick values widget on the user name field.
If you want the full reporting as described, you should indeed use the REST API. I recommend opening the REST API Browser (from System → Nodes) and taking a look at the search and analysis APIs. You should be able to accomplish this by running sequential quick values (called terms in the API) calls.
Yup…I see those. What I was hoping is to see a simple working model that I could get a grasp about how it works and the syntax and such. Seeing a working model makes all the lights go on over here.
GROK extractors are the same way. Once you see one work, it all clicks.
All insight is appreciated
TP
I’m afraid there is no real model for this, because the use-case is always so different. I’d approach it this way:
