Smart AnSwerS #3

Hello Splunketeers and welcome to the 3rd installment of Smart AnSwerS!

We’ve been in quite a drought here in California and we’ve all been waiting and hoping for some rain to come on by…aaaand we got it, flooding our HQ basement floor! Good thing that hasn’t dampened our spirits or stopped us from the daily grind ;) – Check out this week’s featured Splunk Answers posts:

Why searching for a string with comparison operator “!=” returns the same source file name as “=”?

Have you ever asked yourself this question? jBoynton and I certainly have (no shame). This topic has come up several times and has left many to scratch their heads... and further scratching. The Search Processing Language struggle is …

» Continue reading

Splunk and Microsoft Azure – Intro and Resource Roundup

We are often asked by customers about how Splunk can integrate with, or run in, Microsoft’s Azure cloud platform. There’s actually a fair bit of information about this broad topic on splunk.com and elsewhere, but it can be a bit hard to find. This post will serve as an introduction to a few Azure terms, and a round-up of available resources. Subsequent posts will cover some of these concepts in more detail. Just look for the posts tagged “Azure”! You might also want to check out the Microsoft tag for other resources related to Splunk and the overall Microsoft ecosystem.

First, let’s be clear: this is a HUGE topic. Cloud platforms are very complex these days, and Azure is no exception. If you walk up to a Splunker and ask, “can Splunk run …

» Continue reading

Christmas 2020. Will big data and IOT change things for Father Christmas? Part II

In part 1 we discussed how Father Christmas is planning to use sensor data for the Internet of Toys.

In part 2 we’re going to discuss how he is going to use very large data sets to build out his Christmas 2020 technology strategy.

Big Data & Analytics

There’s a lot of information that goes into making Christmas a success. This data includes:

  • Social media sentiment about good or naughty children
  • Christmas present lists from children (both digitized scanned letters and increasingly electronic present lists)
  • Data from toys and manufacturing equipment to spot patterns in quality control
  • 500 years of Christmas Eve delivery data to help optimize sleigh route planning
  • Reindeer biometric information to ensure optimum

» Continue reading

SSSL (Splunk Secure Sockets Layer)

The primary reason why SSL is used is to keep sensitive information sent across the internet encrypted so that only the intended recipient can understand it.

This is important because the information you send on the internet is passed from computer to computer to get to the destination server. Any computer in between you and the server can see your credit card numbers, usernames, passwords, Splunk searches and other sensitive information if it is not encrypted.

When an SSL certificate is used, the information should become unreadable to everyone except for the server you are sending the information to. This protects it from possible prying eyes.

It is often important to make sure the connection from Splunk Web to the …

» Continue reading

Christmas 2020. Will big data and IOT change things for Father Christmas? Part I

After last year’s case study on Santa Claus International, I recently had the opportunity to spend some more time with Father Christmas discussing his long term plans and business strategy for the next 5-10 years called “2020 Vision – Noel Limits”. We covered how the “advent” (geddit?) of technology over the last couple of years has changed the way Father Christmas has to prepare and deliver “positive festive outcomes” throughout the year. We talked about everything from The Internet Of Toys, use of big data and Ho-ho-hodoop, the unfortunately named Christmas Retail Analytics Platform and Augmented Sleigh Service. In part 1 we’ll review Father Christmas’ plans for The Internet Of Toys and in part 2 (tomorrow) we will cover …

» Continue reading

EHLO, Is it ME You’re Looking For? New Splunk App Simplifies Microsoft Exchange Monitoring

The Splunk App for Microsoft Exchange is consistently one of the most popular apps on Splunk Apps. We just released a new version of the app with some exciting new features. Version 3.1 is available now on Splunk Apps with a free 60-day license.

So what’s new? Microsoft Exchange is one of those multi-system business-critical systems so it’s not good enough to just glance at it every now and then. Organizations need clear, up-to-date information on whether it’s working and how bad it is when it’s not. To this end, we’ve created the Exchange Service Analyzer – a new workflow experience explicitly designed for Microsoft Exchange. It gives you insight into the health of your entire Exchange environment including ActiveSync, …

» Continue reading

The best Christmas presents are surprises. Splunk wins “Best Business Application” at UK’s V3 awards.

I hope everyone is getting ready for Christmas and nobody got injured in the madness that was Black Friday. I’ve just got back from San Francisco where the festive season was in full effect. My Christmas shopping is nearly complete and the adoption of secret service level espionage tactics to hide presents from my children is underway. I’m fairly useless at keeping gifts a secret – I’ve nearly told my 8-year-old son that he’s going to get an army of Star Wars Clonetroopers a number of times. I think it is important to try and keep presents a surprise to recapture some of the magic of the festive period when I was growing up and to try and …

» Continue reading

That happened: episode 42 (#splunk, the universe, and everything)

This week in “That happened: notes from #splunk”, a blog about the goings-on in the Splunk IRC channel:

There are really only 300 people on the internet

…and #splunk is 200 of them:

<RichardRa> Is it possible to timechart multiple fields per other field? More specifically, I am wanting to show a timechart of freespace by device by host. Using one of the Linux-TAs, my pseudo-search would look like: index=os_nix sourcetype=df | timechart span=5m max(UsePct) BY MountedOn BY host
<duckfez> RichardRa: by device by host or by the (device,host) tuple?
<Ayn> RichardRa: trying to think about what that would look like
<RichardRa> So, my goal would be a line for each device …

» Continue reading

Make it flash! Make it flash!

Splunk ships with some really neat visualisation options. From bar charts to gauges. Though sometimes they just don’t fit your requirements.

Whether that be something as simple as a custom icon or a super-slick D3 visualisation, Splunk’s framework makes it really easy to display your data in any number of ways.

One of the things I get asked a lot is: “Can we have a traffic light?”. The answer – yes! Let me show you how to light Splunk up in this post.…

» Continue reading

Accelerate troubleshooting in Application-Centric Infrastructures with Cisco & Splunk

Cisco Application Centric Infrastructure (ACI) delivers a holistic architecture that closely links the provisioning of data center networks with the applications running over those networks. The Cisco ACI for Splunk Enterprise App, created in collaboration between Splunk, Cisco, and our joint partner Crest Data Systems, enables users to centrally view operational health of their entire ACI environment, and the underlying entities in real-time. Operators can quickly correlate data from Cisco ACI with data from storage resources, operating systems, applications, and more for enterprise-wide visibility. Anomaly and error detection has never been easier.

Tracks key metrics such as health scores of all ACI entities including the APIC, fabric, tenants, end-point groups. The add-on also includes VMware correlation for deeper visibility into …

» Continue reading