Merge in Splunk Add-On for Unix and Linux version 10.1.0

default/app.conf

@@ -7,7 +7,7 @@
 [install]
 is_configured = false
 state = enabled
-build = 1738793362
+build = 1748985697
 
 [ui]
 setup_view = ta_nix_configuration
@@ -17,7 +17,7 @@ docs_section_override = AddOns:released
 
 [launcher]
 author = Michael Erdely
-version = 10.0.0.1
+version = 10.1.0.0
 description = Technical Add-on for Unix and Linux
 
 #[package]
@@ -26,5 +26,5 @@ description = Technical Add-on for Unix and Linux
 
 [id]
 name = TA-unix
-version = 10.0.0.1
+version = 10.1.0.0
 

default/props.conf

@@ -97,7 +97,7 @@ LINE_BREAKER = ([\r\n]+)
 KV_MODE = json
 NO_BINARY_CHECK = true
 TRUNCATE=1000000
-TRANSFORMS-docker-metric-dimensions=eval_dimensions
+TRANSFORMS-docker-metric-dimensions=splunk_ta_nix_eval_dimensions
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_docker
 
 [vmstat_metric]
@@ -108,7 +108,7 @@ DATETIME_CONFIG = CURRENT
 KV_MODE = none
 INDEXED_EXTRACTIONS = CSV
 FIELD_DELIMITER=whitespace
-TRANSFORMS-vmstat-metric-dimensions=eval_dimensions
+TRANSFORMS-vmstat-metric-dimensions=splunk_ta_nix_eval_dimensions
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_vmstat
 
 [cpu_metric]
@@ -121,7 +121,7 @@ TRUNCATE=1000000
 KV_MODE = none
 INDEXED_EXTRACTIONS = CSV
 FIELD_DELIMITER=whitespace
-TRANSFORMS-cpu-metric-dimensions=eval_dimensions
+TRANSFORMS-cpu-metric-dimensions=splunk_ta_nix_eval_dimensions
 TRANSFORMS-cpu-metric-field=extract_cpu_metric_field
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_cpu
 
@@ -133,7 +133,7 @@ DATETIME_CONFIG = CURRENT
 KV_MODE = none
 INDEXED_EXTRACTIONS = TSV
 TRANSFORMS-df-metrics=extract_df_metrics
-TRANSFORMS-df-metric-dimensions=eval_dimensions
+TRANSFORMS-df-metric-dimensions=splunk_ta_nix_eval_dimensions
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_df
 
 [interfaces_metric]
@@ -145,7 +145,7 @@ KV_MODE = none
 INDEXED_EXTRACTIONS = CSV
 FIELD_DELIMITER=whitespace
 EVAL-Duplex=case(Duplex==2,"Full", Duplex==1,"Half", Duplex==0, "Unknown", true(), Duplex)
-TRANSFORMS-interfaces-metric-dimensions=eval_dimensions
+TRANSFORMS-interfaces-metric-dimensions=splunk_ta_nix_eval_dimensions
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_interfaces
 
 [iostat_metric]
@@ -157,7 +157,7 @@ KV_MODE = none
 INDEXED_EXTRACTIONS = CSV
 FIELD_DELIMITER=whitespace
 TRANSFORMS-iostat-metrics-field=extract_iostat_metrics_field
-TRANSFORMS-iostat-metric-dimensions=eval_dimensions
+TRANSFORMS-iostat-metric-dimensions=splunk_ta_nix_eval_dimensions
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_iostat
 
 [ps_metric]
@@ -168,7 +168,7 @@ DATETIME_CONFIG = CURRENT
 KV_MODE = none
 INDEXED_EXTRACTIONS = CSV
 FIELD_DELIMITER=whitespace
-TRANSFORMS-ps-metric-dimensions=eval_dimensions
+TRANSFORMS-ps-metric-dimensions=splunk_ta_nix_eval_dimensions
 TRANSFORMS-ps-metric-field=extract_ps_metric_field
 METRIC-SCHEMA-TRANSFORMS=metric-schema:extract_metrics_ps
 
@@ -221,9 +221,11 @@ TRUNCATE=1000000
 DATETIME_CONFIG = CURRENT
 KV_MODE = multi
 FIELDALIAS-dest_for_df = host as dest
-FIELDALIAS-filesystem_for_df = Filesystem AS filesystem
 FIELDALIAS-filesystem_type_for_df = Type as filesystem_type
-FIELDALIAS-mount_for_df = MountedOn AS mount
+EVAL-Filesystem = replace(Filesystem, " ", " ")
+EVAL-filesystem = replace(Filesystem, " ", " ")
+EVAL-MountedOn = replace(MountedOn, " ", " ")
+EVAL-mount = replace(MountedOn, " ", " ")
 EVAL-Type = coalesce('Type',"?")
 EVAL-filesystem_type = coalesce('Type',"?")
 EVAL-Size = coalesce('Size','1024_blocks')

default/transforms.conf

@@ -179,7 +179,7 @@ REGEX=[[dhcp_prefix_src]]reuse_lease:\s+lease\s+age.*under.*threshold,\s+reply\s
 
 ###### Scripted Metric Inputs ######
 
-[eval_dimensions]
+[splunk_ta_nix_eval_dimensions]
 # Support for omitting the IPv6 Address field when the script output doesn't include an IPv6 Address
 INGEST_EVAL = metric_name=sourcetype, entity_type="TA_Nix", OS_name=replace(OSName, "_", " "), IPv6_address = if(IPv6_Address=="?", null(), IPv6_Address)