Splunk search for List of all ITSI KPI Thresholds by Service

Copy
| rest report_as=text splunk_server=local /servicesNS/nobody/SA-ITOA/itoa_interface/service | spath input=value output=services path={} | fields services | mvexpand services | spath input=services output=title path=title | spath input=services output=key path=_key | spath input=services output=kpis path=kpis{} | fields key title kpis | mvexpand kpis | spath input=kpis output=type path=type | search type!=service_health | spath input=kpis output=aggregate_thresholds path=aggregate_thresholds | mvexpand aggregate_thresholds | spath input=kpis output=kpi_title path=title | spath input=kpis output=kpi_key path=_key | spath input=kpis output=kpi_unit path=unit | fields key title kpi_key kpi_title kpi_unit *thresholds | spath input=aggregate_thresholds output=aggregate_baseSeverityValue path=baseSeverityValue | spath input=entity_thresholds output=entity_baseSeverityValue path=baseSeverityValue | spath input=aggregate_thresholds output=aggregate_thresholds path=thresholdLevels{} | mvexpand aggregate_thresholds | spath input=aggregate_thresholds output=aggregate_thresholdValue path=thresholdValue | spath input=aggregate_thresholds output=aggregate_severityLabel path=severityLabel | fields title kpi_title kpi_unit aggregate* | fields - aggregate_thresholds entity_thresholds | eval aggregate_severityLabel=if(isNull(aggregate_severityLabel),"Informational",aggregate_severityLabel), aggregate_thresholdValue=aggregate_thresholdValue." ".kpi_unit | dedup title kpi_title aggregate_thresholdValue | stats list(aggregate_thresholdValue) as "Threshold Level", list(aggregate_severityLabel) as "Threshold Severity" by title kpi_title
This Splunk search will list all KPIs and their thresholds that are currently configured within your Splunk ITSI environment. This search lists only the aggregate thresholds. This search is useful for auditing your ITSI environment to get an at a glance view of the KPIs currently configured.
1 comment

Category:

ITSI


Tags:

ITSI rest audit

Search Commands:

Sign in or Register to submit a comment

Comments

Krishna | November 2023

Can you please help on getting the Per-Entity Thresholds as well