Developing Modular Inputs in C#: Part 2
I’m annoyed at our engineering team, but I’ll get over it. You see, just hours after I posted my first blog post on writing modular inputs in C#, the team up in Seattle released the latest edition of the C# SDK. Within that SDK is a bunch of class libraries that do a much better job than my work on the scaffolding needed to produce a modular input. I highly recommend you go over to their site and dig in to this.
Within this blog post, I’m going to adjust my code to use the new scaffolding and take a look at actually running the code.
The Splunk SDKs for C#, PHP and Ruby have arrived
Developers can use the Splunk SDKs to:
- Access Splunk data from line of business systems like customer service apps
- Integrate data from Splunk with other BI and reporting tools
- Build mobile reporting apps
- Power customer-facing dashboards and reports with Splunk data
- Log directly to Splunk from any application
The Splunk SDKs include documentation, code samples, resources, and tools to make it quick…
Quick n’ Dirty: Splunk Form Cheat Sheet
Have you ever made a terrific dashboard in Splunk and then thought…”Hmm, this is such a great dashboard, but I wish I could filter it for a subset of this data” or “hmmm….this dashboard should win an Academy Award, and now I’d like to exactly recreate it but for a different set of data”. Yes? Then you’re a great candidate for Splunk’s Simple XML forms.
There’s some great documentation on that topic here, but no documentation is so great that it can’t be improved with a cheat sheet. I’ve made one and it lives here. Enjoy and please email me (email@example.com) with praise, concerns, suggestions, and knock knock jokes.
SplunkLive! DC: Helping Government Make Sense of Machine Data
There are a select number of U.S. cities dominated by certain industries that ultimately help to define those cities. Detroit for cars, Nashville for country music, Pittsburgh for the Steelers and Primanti Brothers – and Washington, DC for government.
Considering there isn’t a single organization or entity in the world with more data than the U.S. government, Washington, DC has been home to annual SplunkLive! events for the past five years. Yesterday, we hosted our largest yet with nearly 750 attendees.
Our Chairman and CEO Godfrey Sullivan kicked off the event with an overview of Splunk’s capabilities in private and public sectors, touching on key points like the importance of machine data for verifying accuracy and how continuous monitoring is…
That happened: episode 33
This week in “That happened: notes from #splunk”, a blog about the goings-on in the Splunk IRC channel: docs are better with lens flare, some of the best jokes don’t need linebreaking, the .secret of anonymous bind and puppet:
Splunk Docs> Into Dorkness
Our docs site got a little design rework recently:
<cerby> getting used to the new look.
<jspears> I thought I noticed something different yesterday
<@cgales> some slight adjustments to the doc site styles are coming soon, and repairs to a couple of things that broke (like indented lists, which really messed up the search reference)
<duckfez> cgales: can you add just a little more metallic lens flare? :D
Splunk Named a Leader in Gartner Magic Quadrant for SIEM
Last week, Splunk was named a leader in Gartner’s Magic Quadrant for Security Information and Event Management (SIEM). For the MQ, Gartner evaluated Splunk® Enterprise and the Splunk App for Enterprise Security and also spoke to multiple Splunk customers as part of the process. To read the Gartner report, please register here
We are very proud of this award, as it reflects the success that you, the security and compliance customers of Splunk, have had with our product. We are now up to over 2000 global security and compliance customers using for a wide range of use cases including, incident investigations, forensics, reporting and dashboarding, real-time correlations and alerting, advanced threat detection, compliance reporting, fraud detection, and…
Last year, I created an app template to detect whether your users went to a phishing web site where you would supply the app the sourcetype name of your proxy logs and the URL destination field where they went. You can still download this Phishing app template from Splunkbase. In the same manner, I have created an app template called SQL Injection Search that you can download from Splunkbase.
Install the app and provide either of the two form search dashboards the name of your sourcetype representing your web logs (e.g., access_combined) and the name of the field in the sourcetype that represents the URI query string (e.g., uri_query). One form search uses patterns to detect if possible…
Microsoft Patch Tuesday! Are your servers patched?
It’s my most favorite time of the month – Patch Tuesday! Ok, I might be slightly exaggerating there. Let’s face it. It’s a pain in the neck. I have to go around to every server in my development environment and ensure that all the critical patches have been taken care of. Usually, this means a trip to Windows Update, or checking the logs of the Windows Server Update Services (WSUS) server. Today, I woke up and decided Splunk was going to assist with this.
Letters from a Splunk Admin
No one writes letters anymore. It’s been such a long time since I’ve written a letter, it got me thinking what I would even write about… which then got me thinking what would a Splunk Admin write a letter about? If your awesome Splunk Admin were to write a letter, I might go something like this…
Learn More about PowerShell and Modular Inputs
For over five years, I have been working with co-host Jonathan Walz on the PowerScripting Podcast, a weekly Internet radio show. The primary topic of the show is the Windows PowerShell scripting language. We like to talk about news, tips, and resources related to the PowerShell community, but the biggest part of most shows is the interview. We’ve had a wide variety of guests on the show, ranging from prolific scripters who enjoy sharing their work, to PM’s, architects, and engineers from largest software and hardware vendors in the world, including Microsoft, IBM, Intel, NetApp, and more.
Recently, we caught up with Joel Bennett, a Windows PowerShell MVP awardee, who also happens to be my teammate on…