Create the Anvilogic indexes

Create the required custom indexes on the Splunk platform.

The Anvilogic App for Splunk requires custom Splunk indexes used by the HTTP Event Collector (HEC) collector command for auditing, metrics and reporting:

Create an index named <your-org-name>_anvilogic for storing Anvilogic rule output and auditing the app. See Create events indexes in the Splunk Enterprise Managing Indexers and Clusters of Indexers manual.
Create a metrics index named <your-org-name>_anvilogic_metrics for storing the output of baselining rules. See Create metrics indexes in the Splunk Enterprise Managing Indexers and Clusters of Indexers manual.

Next step

Assign the avl_admin role.

Last updated 1 month ago