Applicable for ENA v17.0 P07 upwards. Upon installing Patch P07, this integration will only become available if you merge the new default Event Management System (EMS) project with your own live event project.
The ENA Splunk integration allows you to forward events and incidents to Splunk, so that you can:
- use Splunk's capability to maintain longer-term history of events.
- search through large volumes of event data.
- search events over time to help you answer operational and business issues in real time.
Events and incidents are forwarded via the HttpEventCollector in Splunk, requiring either an Event Rule (for events) or an Event Trigger (for incidents). The information is then displayed in specific ENA dashboard in the Splunk UI that display the following:
- events raised vs time.
Please see this article for help and information on how to forward events and incidents from ENA to Splunk.