Feature request - Status flipping due to parsing issues

guilhemmarchand / trackme

TrackMe - Data tracking system for Splunk admins

Apache License 2.0

49 stars 11 forks source link

Feature request - Status flipping due to parsing issues #334

Open sebwurl opened 3 years ago

sebwurl commented 3 years ago

Currently data sources are in a green state even if there are parsing issues detected. It would be great to have a status indicating these issues.

guilhemmarchand commented 3 years ago

@TonyY17

This is still being considered, there is a complexity which is that Splunk does record in the internal where the data is located, thus it renders on a per sourcetype basis.

So for example, a given sourcetype that is indexed in multiple indexes, would affect mutliple entities while perhaps only 1 data source is really impacted.

This is why originally I did not include this is part of the indicators that can influence the data source status.

Let me know your thinking

guilhemmarchand commented 2 years ago

This enhancement request is still under consideration.