Does anybody know if there are pre-defined or common data models that are documented somewhere that could be used as a guide to assist with building data models for those of us who are less familiar with that process?
For example, I would think there are numerous common data sources where a basic guide could be created to walk users who are new to Splunk 6 through the process of building a usable data model.
These common data sources could include things such as:
- Cisco ASA logs
- Microsoft domain controller security event logs
- Web filter logs, such as from a Cisco IronPort or Barracuda web filter
- Network infrastructure devices, such as Cisco switch and router logs
These are just a few, but it could be useful as a starting point to get users familiar with the process of creating and using data models in Splunk 6.
Thank you,
Rick