Eventgen
Overview
Details
Eventgen allows an app developer to get events into Splunk to test their applications. It provides a somewhat ridiculous amount of configurability to allow users to simulate real data.
To join the development community, please go to https://github.com/splunk/eventgen.
For documentation, please go to the Eventgen Documentation(http://splunk.github.io/eventgen/).
The Splunk Event Generator
The Splunk Event Generator is a utility which allows its user to easily build real-time event generators.
The current maintainers of this project are Brian Bingham (bbingham@splunk.com), Tony Lee (tonyl@splunk.com), and Jack Meixensperger (jackm@splunk.com).
The goals of this project:
- Eliminate the need for hand coded event generators in Splunk apps
- Allow for portability of event generators between applications and allow templates to be quickly adapted between use cases
- Allow every type of event or transaction to be modeled inside Eventgen
Documentation
Documentation is hosted at Eventgen Documentation.
For more information, please go to Eventgen Github Repository.
Release Notes
Version 6.5.1
- Added metrics output mode
- Fixed regex token replacement issue
- Added test coverage information
- Increased functional test coverage
- Eventgen server complete revamp and standalone mode support
- Added contributor license
- Updated Dockerfile
- Added documentation
- Fixed bugs / stability / optimized speed
Version 6.4.0
- Fix exception log error
- Fix CircleCI status badage error
- Fix navigation error for app if installed with Splunk Stream
- Fix generatorWorkers not working error
- Fix interval error when end = 1
- Fix fileName in global stanza error
- Add 3rd party libs in SA-Eventgen App
- Add httpeventAllowFailureCount for httpevent
- Add 3rd party libs in license credit
- Disable logging queue in multiprocess mode
- Change implementation of extendIndex for better performance
Version 6.3.6
- Add functional tests for jinja template and modular input feature
- Fix default jinja template directory is not correctly resolved when sampleDir is set issue
- Fix verbose flag not working in splunk_eventgen command line issue
- Fix index, source, sourcetype are not correct when using splunkstream mode issue
- Fix ssh to container issue
- Fix perdayvolume without end setting error
- Update documentation for better reading and remove unrelated part
Version 6.3.4
- Cleaned up documentation
- Jinja template bugfix in SA-Eventgen app
- Implementation of 'timeMultiple’ option
- Templates for bugs/feature requests
- Fixed Jinja test configuration stanzas
- Fix for default behavior for 'count' edge cases
Version 6.3.3
- Added performance metrics compared to Eventgen 5.x
- New config option for generation-time metrics: outputCounter
- Jinja template fixes
- Timestamp parsing fix
- Output queueing fix for outputMode splunkstream
- Count rater fixes, now supports indefinite generation
Version 6.3.2
- Fixed verbosity bug from 6.3.1
- Added documentation
Version 6.3.1
- Fixed Eventgen Volume APIs
- Improved Eventgen Server Logging
- Corrected Eventgen Server and Controller conf syncing issue
- Adding verbosity options (ERROR, INFO, DEBUG) to Eventgen modinput
- Implemented future event generation support in replay mode
- Fixed Jinja template's missing default values
- Adjusted logging message levels for less verbosity
- Fixed event count off by 1 issue
- Fixed unnecessary empty data generators being created
- Updated dependency list
Version 6.3.0
- Bug fixes for the customer issues
- Documentation upgrade
- Code refactoring for version unification
- Logging improvements
Version 6.2.1
- Fixing SA-Eventgen Dashboard and log searching
- Improving internal logging and fixing splunkd logging issue
- Fixing timestamping in default generator
- Fixing custom plugin integration
- Fixing SA-Eventgen app settings
- Supporting Eventgen 5 backward compatibility with additional features
- Better modinput process management
- Minor Bugfixes with various customer cases