I've been assigned a project that involves using SWIS to pull performance metrics out of SW and into...Splunk. Not trying to start a religious debate, but if anyone has any experience, or could point me in the right direction to develop such a search, that would be great. CPU utilization was easy as it was stored by node with a time stamp. My current setup is to use Python and output the results to a JSON file for Splunk to read in. That part works thus far.
Again, anyone willing/able to help, I'd seriously appreciate it.
-Josh