TrackMe sourcetypes & metrics
#############################

TrackMe generates various events and metrics for the purposes of its activity.

The destination indexes for both events and metrics are entirely configurable, and potentially on a per Virtual Tenant basis.

TrackMe events & sourcetypes
============================

All events are JSON based events, appart from the various logging which are key value based events.

**The following event sourcetypes are generated in TrackMe:**

+----------------------+------------------------------------------------------------------------------+
| Sourcetype           | Purpose                                                                      |
+======================+==============================================================================+
| trackme:state        |   TrackMe State events, produced by Entities tracker                         |
+----------------------+------------------------------------------------------------------------------+
| trackme:health       |   TrackMe Health events, produced by Health trackers                         |
+----------------------+------------------------------------------------------------------------------+
| trackme:audit        |   TrackMe audit events                                                       |
+----------------------+------------------------------------------------------------------------------+
| trackme:flip         |   TrackMe flipping state events                                              |
+----------------------+------------------------------------------------------------------------------+
| trackme:notable      |   TrackMe notable events produced by the TrackMe notable alert action        |
+----------------------+------------------------------------------------------------------------------+
| trackme:smart_status |   TrackMe SmartStatus events produced by the TrackMe SmartStatus alert action|
+----------------------+------------------------------------------------------------------------------+
| trackme:notable      |   TrackMe notable events produced by the TrackMe notable alert action        |
+----------------------+------------------------------------------------------------------------------+

TrackMe metrics
===============

**TrackMe generates various metric per component, using the following strict convention:**

+----------------------+------------------------------------------------------------------------------+
| metric_name          | Purpose                                                                      |
+======================+==============================================================================+
| trackme.splk.feeds.* |   Metrics generated by the splk-feeds components (splk-dsm/splk-dhm/splk-mhm)|
+----------------------+------------------------------------------------------------------------------+
| trackme.splk.flx.*   |   Metrics generated by the splk-flx component                                |
+----------------------+------------------------------------------------------------------------------+
| trackme.splk.cim.*   |   Metrics generated by the splk-cim component                                |
+----------------------+------------------------------------------------------------------------------+