Splunk App for SharePoint goes Open Source
For about the last year, I’ve been working on an update to the Splunk App for SharePoint. But it isn’t the one you would expect. I’ve been working to open source the app. At the end of the day the best person to write an IT Operations app for Splunk is the person who is intimately involved in the running of the workload. Today, we are flicking the switch and opening up the project. We are allowing you to directly file bugs and feature requests; we are allowing you to submit code; and we are encouraging you to get involved in the project.
So, how can you do this? Firstly, you will want to have some sort of test environment. …
Building a great Splunk App for Apptitude
How do I build an app that’s going to stand out as the best among an intensely competitive pool? That’s a question that’s on a lot of minds as Splunk Apptitude gets rolling.
Splunk has introduced a program that rewards the best Splunk App in two categories, with a big cash payout. Apptitude is getting the attention of a lot of users and partners, Splunkers who may have created apps for their own purposes, but who never considered submitting their work to the Splunk Apps site.
So, what does it take to earn glory, karma, and the admiration of your peers? All you have to do is create and publish a solid winning Splunk app in one of …
Share your Feedback!
Thank you for being a Splunk customer!
At Splunk, we are always seeking ways to improve our service. The best way for us to do that is to ask you, the experts!
On November 4th, we launched our fourth Net Promoter Survey. As part of this effort, a set of customers will receive an email from Splunk requesting your input via a survey.
This survey walks you through your journey as a customer, which includes the Pre-sales experience, Service implementation, Support Delivery, Documentation, and Products. The survey takes less than ten minutes to complete. Your responses will be anonymous and will remain confidential.
We encourage you to take the survey if you receive it, and provide your feedback. …
The Bank of Splunk
No, we’re not diversifying into a financial services company…
I recently received a letter from Her Majesty’s Revenue and Customs. If you’re reading from the US, they perform many of the same duties as the Internal Revenue Service. Thankfully it wasn’t a demand for unpaid taxes, but a breakdown of how my taxes had been spent over the previous year on things like education and welfare.
For a long time I’ve wanted to quantify my monthly financial accounts, similar to this letter, starting from when I first opened my bank account. Unfortunately in the UK we don’t have a product that works like MINT to do this just yet… but we do have Splunk.
Using Splunk I’ve now started to track …
Introducing the new Splunk App for AWS
Today we’re excited to announce the release of a fully re-written and much expanded Splunk App for AWS. Get it here and gain immediate operational assurance and visibility for your AWS-hosted infrastructure.
What’s new with the app?
- Works with Splunk Add-on for Amazon Web Services
- New dashboards and visualizations for AWS CloudTrail
- New alerts for AWS CloudTrail
- New dashboards and visualizations for AWS Config
- Billing Reports provided by Splunk Add-on for Amazon Web Services
AWS CloudTrail records user API activity and related events for your AWS account. Using the Splunk Add-on for Amazon Web Services you can retrieve details about the actions made by the caller, including the caller’s identity, the time of the call, the request …
Machines, People, and Categories, Oh My!
Let’s say you’re working with Enterprise Security and you need to figure out how to put more devices into the asset and identity correlation framework. Here are some resources to get you started!
There are two useful types of data to integrate: lists of assets or identities, and attributes of assets or identities. In both cases, it may also be interesting to enable ad hoc, real-time queries of your data source for individual terms.
A list can be dumped from a directory, systems management tool, asset discovery system, or the like. These are typically accessed via DB Connect or Splunk Support for Active Directory. Other ways to get at this data include modular inputs to query web-based APIs. …
Protocol Data Inputs
It must have been about a year ago now that I was talking with a Data Scientist at a Splunk Live event about some of the quite advanced use cases he was trying to achieve with Splunk. That conversation seeded some ideas in my mind, they fermented for a while as I toyed with designs, and over the last couple of months I’ve chipped away at creating a new Splunk App, Protocol Data Inputs (PDI).
So what is this all about? Well to put it quite simply, it is a Modular Input for receiving data via a number of different protocols, with some pretty cool bells and whistles.
So let’s break down some of …
Splunk 6.2 Feature Overview: Perfmon Delocalization
Last week, I covered the XML Event Logs – an awesome feature that will reduce your data ingest, increase the fidelity of the data that is stored and allow us to work with localized data. Today, I want to discuss another localization feature – or at least a delocalization feature – perfmon.
Prior to Splunk 6.2, Windows perfmon was always collected localized. If you wanted the % Processor Time counter, you had to specify the localized version of this. If you were running on a French version of Windows, you would have to specify object=Processeur and counter=”% Temps Processeur” in both your inputs.conf and searches. Given that there are over 30 different localized versions of Windows, this really meant that …
Splunk 6.2 Feature Overview: XML Event Logs
We’ve been (rightly) criticized for a couple of things in recent years. Firstly, when you configure a Windows Event Log, it’s too big. This is because we combine the event log object with the message from the locale-specific DLL and that includes a bunch of common explanatory text. I don’t really need to know what a login really means (to the tune of 1K of data ingest) every time someone logs in, especially when these events are happening hundreds of times a minute. Secondly, our event log extractions are for US/English only. Got German Windows? Sorry – our extractions don’t work for that. Finally, we discard the additional data that is provided in the event log object. A primary example …
Biking With Splunk>4Good for Early Cancer Detection!
To help make a difference in the lives of many family, friends, and colleagues who have been touched by cancer, each Splunker was tasked with training for a 50km, 75km, 75mile or 100mile bike ride through the beautiful scenery of the Peninsula and at least $400 worth of fundraising. Our team here at Splunk was able to use some creative fundraising campaigns to raise $7,986 as a team towards exceeding the overall Canary Challenge goal of $1M. In the end, the final fundraising tally of $1,094,322 will help the Canary Center …