SA-cim_vladiator
SA-cim_vladiator copied to clipboard
hire-vladimir
Data validator agains Splunk Common Information Model (CIM)
Vladimir, I'm finally getting around to a PR! Here's a collection of enhancements that I've been working with locally that would be nice to see in the upstream version, if...
I run a Splunk User Group and the SA-cim-vladiator / SA-cim_validator was requested for a topic of a meeting by a user. Would you be interested in speaking at one...
So I wanted to see if you can help me make these updates by suggestions etc. I would need to fix the items below in order to use your app...
a summary view of all the eventtypes that make up a tag would be useful such that it could be tackled by individual ETs
While using the app, came across the following: **Domain Analysis** - [not official data model](http://docs.splunk.com/Documentation/CIM/4.11.0/User/Overview) **Compute Inventory** - that's the name of the .json file, can it be named "Inventory"...
When valid IPv6 addresses are present in the dest_ip, dest, src_ip, or src fields, the CIM Validator flags all of the IPv6 addresses as "unexpected values" and marks that field...
The DM search seems to now call fields as DM.* type format, causing no values to be returned. Need to enhance the logic to perform `| rename .* AS *`...
I would love to be able to be notified if my data has changed. The app is great, and it would be great to be able to specify a list...
Presently, logic is controlled by a case() statement, meaning only one "outcome" can be shown. This is fine, however, should the validatator show multiple outcomes? present: `< 90% coverage` possible:...
Can we please update the sharing context? This wonderful app uses the knowledge objects, I find myself updating the sharing permissions regularly. https://splunkbase.splunk.com/app/6286
Metadata
Owner
Metadata
Data validator agains Splunk Common Information Model (CIM)