Announcing availability of the latest version of the Splunk ODBC driver!

We are happy to announce general availability of the latest version of the Splunk ODBC driver. With the latest release we have added exciting new capabilities:

  • Microstrategy Analytics Desktop users can now directly connect to and access data in Splunk Enterprise
  • Business users can directly access Data Models and Saved Searches defined in Splunk Enterprise
  • Users benefit from performance optimizations that deliver a faster, iterative and interactive analytics experience

Since its launch earlier this year, the Splunk ODBC driver has seen rapid adoption across our customer base. With Splunk’s growing success with our customers beyond traditional IT, Operations and Security use cases, business users are increasingly requesting access to machine data in Splunk Enterprise for new business insights. The Splunk …

» Continue reading

My .conf2014 Data Adventure Part I – What Happens in Vegas Doesn’t Stay in Vegas


(Note – no monkeys, tigers, Mike Tyson or Mr Chow were harmed in the writing of this blog or at .conf2014).

They say what happens in Vegas, stays in Vegas.

That clearly didn’t happen with Splunk’s .conf 2014 where the theme was “Your Data Adventure”.

The news from the event, customer stories, press coverage, analyst commentary, social media buzz and the GA of new products have spread globally and certainly haven’t stayed in Vegas.

If there was one thing that summarised what I saw during the week, it was the growth of operational intelligence inside companies – across new use cases and deeper within existing uses of Splunk, but most interestingly combining different use cases together. There were customers presenting …

» Continue reading

Splunk and Synthetic Monitoring

Monitoring your Web Application is not always an easy task. The challenge is even bigger when you want to be proactive about monitoring your application. How can you detect application performance problems before your users actually detect it? How about monitoring the availability of your Saas application knowing these environments are typically locked down: you can’t install an agent and you rarely have access to the instance log files thus limiting your visibility into the application.

A good solution for the above challenges would be to use synthetic monitoring. In a few words, synthetic monitoring is nothing more than a simulation of user interactions to your web application, which then allows you to measure the performance and availability of your application:

» Continue reading

BugSense is now Splunk MINT Express—why the change?

The news

At .conf a couple weeks ago, we announced Splunk MINT —two offerings focused on mobile app developers and operations teams. Our web service offering, Splunk MINT Express is based on BugSense, but is also a massive upgrade.

BugSense was acquired by Splunk last year, and has continued to build a large customer base. In fact, the highly secure and scalable BugSense infrastructure receives over 25,000 data points per second from over 200 million monthly active users. Here’s a great blog from Leena Joshi that talks about BugSense.


So, why did you rename BugSense to Splunk MINT Express?

Ah, good question. First, some background: Splunk MINT was named with an eye on disrupting the role of mobile operational …

» Continue reading

Congratulations, Splunk Revolution Award Winners!

Every year at .conf, Splunk’s annual worldwide users’ conference, we shine a big spotlight on the Revolution Awards. These awards, and their associated categories, distinguish the achievements of individual customers and recognize the many adventurous and cool things they are doing with Splunk software at their organization.

We announced this year’s Revolution Award winners during the Partner Soiree at .conf2014 at a ceremony that was followed by a fun game of Splunk Family Feud where the winners split up into two “families” and were subsequently joined by Splunkers. Winners were again recognized during our keynote sessions opened by Splunk Chairman and CEO Godfrey Sullivan. We also celebrated with award winners at a customer appreciation dinner later in the week at …

» Continue reading

.conf 2014: The Community Report

Whew! Welcome back from .conf, everyone. I know it’s been two weeks since we all hung out together in the Community Lounge, but it still feels like we only just left the MGM yesterday…

All for you: the Community Lounge

This year at .conf, we created an intentional space for our amazing user community: you. You folks are the reason we’re here, and we wanted you to have a cool place to meet other Splunk users, talk about the stuff that matters to you, and get a little fun in at the same time.

The Answers Desk

The Splunk Answers Desk was, as always, hugely popular. Our staff of lab-coated (and sometimes be-fezzed) Support and Sustaining Engineering specialists were kept busy helping …

» Continue reading

Shining a Light on Industrial Data

Enabling Insights from Industrial Data and the Internet of Things

This week we announced that our technology partner, Kepware Technologies, released the Industrial Data Forwarder (IDF) for Splunk as part of their most recent KEPServerEX update. This application enables a new and much easier way to connect to, index and analyze industrial data at scale in Splunk Enterprise and Splunk Cloud.

Industrial Data

Industrial data is a broad term for the machine data that is generated in industrial environments by industrial equipment, as well as by embedded computing platforms affiliated with SCADA and other automation and control systems. It typically represents physical sensor readings (temperature, vibration, pressures, valve position, etc.), or variables in the control algorithms that manage …

» Continue reading

Mitigating the POODLE Attack in Splunk

By now you are probably tired of seeing poodle memes. Fear not! Instead, I will share mitigation techniques on how to protect Splunk against this attack and leave out the memes.

Let me preface the different techniques by adding some context to the exploitability of POODLE: This attack requires that an attacker have MITM (Man In The Middle) access to your communication between the client and Splunk. This is a important point to keep in mind when considering different mitigation techniques and their aggressiveness. I mention this because many of you do not have your Splunk deployment exposed to the internet architecturally, or require VPN access to your corporate network before a client can access Splunk. This reduces the risk …

» Continue reading

Using Alerts to Send Data to Amazon S3

A customer recently asked me to prove a concept where Splunk could see a certain type of incoming event and then pass information from that event into their Amazon S3 storage. I knew that Splunk could create alerts for event conditions and then fire off a script when the alert triggers, but I had never made it work with Amazon S3.

I decided to implement this using Amazon’s Boto library for Python. There’s lots of good documentation on this library here, but the short of it is that it enables you to send data to a bucket on Amazon S3 programmatically through a Python script. As you may know, Splunk comes with its own Python implementation can easily run …

» Continue reading

Now Time For the Splunk Weather Forecast

Raspberry Pi, Air Pi, and Splunk

If you were at .conf last week you would have likely seen some of the exciting Internet of Things projects people are using Splunk for. I think Ed Hunsinger put it best:

So far I’ve heard about @splunk being used for planes (Royal Flying Doctor), trains (New York Air Brake), and automobiles (VW). #splunkconf


Watching .conf 2014 from a far in the UK, I got excited about some of my own IOT projects. Then I remembered Brian Gillmore’s call for cool projects using Splunk with the RaspberryPi. At the same moment, by pure chance, I got an email telling me AirPi circuit boards (a RaspberryPi connected weather station) were back in-stock.

And it was settled. I would build a RaspberryPi …

» Continue reading