Luxe Prestige Journal

Daily star updates with premium identity.

Integrating with Splunk Enterprise - Documentation for BMC Helix Intelligent Integrations 23.4

Author Emma Powell
news
Parameter name and descriptionData Type

Splunk Events

Splunk Metrics

Collection Schedule

Specify the data collection frequency by using one of the following methods:

  • Constantly by specifying the schedule in minutes, hours, or day using the Duration option
    Default: 5 minutes

    Example:
    Collection Schedule     is set to 5 mins. 
    Current time is 00:30.

    If you run the collector just after 00:30, data is collected every 5 mins, first at 00:30 and next at 00:35, and so on.  

  • Periodically by specifying the schedule through a cron expression using the Cron schedule option 

    A cron expression is a string consisting of five subexpressions (fields) that describe individual details of the schedule.  These fields, separated by blank spaces, can contain any of the allowed values with various combinations of the allowed characters for that field.
    Default: */5 * * * * (evaluates to 5 minutes)

    Format:
    MinutesHours (24-hour format) Day of Month Month Day of Week

    Example:
    If you specify10 15 3 7 *, data is collected at 15:10 hours every third day in the month of July.

For more information about how this parameter affects data collection, see Data collection schedule.

(tick)

(error) 

Data Collection Window

Specify the historical time period (in minutes) from the current time for which the data should be collected from Splunk Enterprise

Default: 5 minutes

Example:

Collection Schedule is set to 5 mins.
 Data Collection Window is set to 5 mins.
 Current time is 00:30.

If you run the collector just after 00:30, data is collected first at 00:30 for the interval, 00:25 - 00:30, and next at 00:35 for the interval, 00:30 - 00:35, and so on.

For more information about this parameter, see Data collection window .

(tick)

(tick)

Data Latency

Specify the time (in minutes) by which the data time window should be shifted back on the timeline.
This parameter is useful in delayed data availability situations.

Default: 0 minutes

Example:

Collection Schedule is set to 5 mins.
 Data Collection Window is set to 10 mins.
 Data Latency is set to 2 mins.
 Current time is 00:30.

If you run the collector just after 00:30, data is collected first at 00:30 for the interval, 00:18 to 00:28 and next at 00:35 for the interval, 0:23 to 00:33, and so on.

For more information about this parameter, see Data latency.

(tick)

(tick)

Saved Search Name

Select the name with which you have saved the report in Splunk Enterprise .

This list of reports is updated automatically from Splunk Enterprise .

(tick) (tick)

Splunk Fields to exclude 

View the list of fields for which data will not be collected.

(tick) (error)

Severity Field Name

Select a field available in the Splunk Enterprise report from which you want to collect data and map to the Severity field in BMC Helix Intelligent Integrations.

Important:

  • The Severity Field Name list shows only those fields that are present in the Selected Fields list of the report.
  • The report field that you want to map to the Severity field might not be named Severity in your report. If the name differs, select a field that contains the severity values.
  • Ensure that the report field that you want to map to the Severity field has one of the following severity values:
    • Ok
    • Critical
    • Minor 
    • Major
    • Warning
    • Unknown
(tick) (error)

Status Field Name

Select a field available in the Splunk Enterprise report from which you want to collect data and map to the Status field in BMC Helix Intelligent Integrations.

Important:

  • The Status Field Name list shows only those fields that are present in the Selected Fields list of the report.
  • The report field that you want to map to the Status field might not be named Status in your report. If the name differs, select a field that contains the status values. For example, in the sample report, this field is named as Type . So, you need to select Type from this list.  
  • Ensure that the report field that you want to map to the Status field has one of the following status values:
    • Created
    • Closed
(tick) (error)

Event ID Field Name

Select a field available in the Splunk Enterprise report from which you want to collect data and map to the Event ID field in BMC Helix Intelligent Integrations.

Important:

  • The Event ID Field Name list shows only those fields that are present in the Selected Fields list of the report.
  • The report field that you want to map to the Event ID field might not be named Event ID in your report. If the name differs, select a field that contains the event ID values.
(tick) (error)

Title Field Name

Select a field available in the Splunk Enterprise report from which you want to collect data and map to the Title field in BMC Helix Intelligent Integrations.

Important:

  • The Title Field Name list shows only those fields that are present in the Selected Fields  list of the report.
  • The report field that you want to map to the Title field might not be named Title in your report. If the name differs, select a field that contains the title value. For example, in the sample report, this field is named as Summary. So, you need to select Summary from this list.  
(tick) (error)

Description Field Name

Select a field available in the Splunk Enterprise report from which you want to collect data and map to the Description field in BMC Helix Intelligent Integrations.

Important:

  • The Description Field Name list shows only those fields that are present in the Selected Fields list of the report.
  • The report field that you want to map to the Description field might not be named Description in your Splunk  Enterprise report. If the name differs, select a field that contains the description value.
(tick) (error)

Category Field Name

Select a field available in the Splunk Enterprise report from which you want to collect data and map to the Category field in BMC Helix Intelligent Integrations.

Important:

  • The Category Field Name list shows only those fields that are present in the Selected Fields list of the report.
  • The report field that you want to map to the Category field might not be named Category in the Splunk Enterprise  report. If the name differs, select a field that has the category value.
(tick) (error)

Subcategory Field Name

Select a field available in the Splunk Enterprise report from which you want to collect data and map to the Subcategory field in BMC Helix Intelligent Integrations.

Important:

  • The Subcategory Field Name list shows only those fields that are present in the Selected Fields  list of the report.
  • The report field that you want to map to the Subcategory field might not be named Subcategory in your report. If the name differs, select a field that has the subcategory value.
(tick) (error)

Origin URI Field Name

Select a field available in the Splunk Enterprise report from which you want to collect data and map to the Origin URI field in BMC Helix Intelligent Integrations.

Important:

  • The Origin URI Field Name list shows only those fields that are present in the Selected Fields   list of the report.
  • The report field that you want to map to the Origin URI field might not be named Origin URI in your report. If the name differs, select a field that has the origin URI value.
(tick) (error)

Configuration ID

Select a field available in the Splunk Enterprise report from which you want to collect data and map to the Configuration ID field in BMC Helix Intelligent Integrations.

Important:

  • The Configuration ID  list shows only those fields that are present in the Selected Fields list of the report.
  • The report field that you want to map to the Configuration ID field might not be named Configuration ID in your report. If the name differs, select a field that has the configuration ID value.
(tick) (error)

Configuration Item Type

Select a field available in the Splunk Enterprise report from which you want to collect data and map to the Configuration Item Type field in BMC Helix Intelligent Integrations.

Important:

  • The Configuration Item Type  list shows only those fields that are present in the Selected Fields list of the report.
  • The report field that you want to map to the Configuration Item Type field might not be named Configuration Item Type in your report. If the name differs, select a field that has the configuration item type value.
(tick) (error)

Maximum results per page (Advanced parameter)

Specify the maximum number of results that should be displayed per page. 

Default: 10000

(tick)

(error)

Results Timeout (Advanced parameter)

Specify the time, in minutes, after which no result should be displayed. 

Default: 1 minute

(tick) (error)

Field Name

Select a field available in the Splunk Enterprise report containing metrics that you want to collect. 

For example, you can select /opt/splunk/var/log/introspection/resource_usage.log if you want to collect metrics data from this column in the sample report.

Click the Add Field icon to add more fields for metrics collection.

Important:

The report fields containing metrics must have a numeric datatype.

(error) (tick)

Metric Name

This field is reserved for future use. Do not enter any value in this field. 

(error) (error)

More in news

Inside 'Sister, Sister' Actresses, Tia and Tamera Mowry's Lives Decades after the Show

Apr 09, 2026

No Other Love by Red Rocks Worship

Apr 09, 2026

What Is Happening In Maui, Hawaii? How Did Maui Fire Start?

Apr 09, 2026

Review of Calilo & Andronis Arcadia Resorts In Greece| Well+Good

Apr 09, 2026

Craving Salty Foods? Here's What Your Body Is Telling You

Apr 09, 2026

Nakshatra Gana: What is Rakshasa Gana and its Compatibility?

Apr 09, 2026