The Splunk App for Unix 5.0 is finally here!

| history | search app="*nix"

Those of you who have been Splunk users for more than 4 years remember the glorious launch of the original Splunk App for Unix.  Back in those days, the app shipped with the core product alongside the Splunk App for Windows and had some pretty cutting-edge features, including knowledge, dashboards, and saved searches with out-of-the-box email alerts (we’re still sorry, Paul S.).

Well, it took a while for us to follow up that triumphant release, but wait no longer: the new app is finally here!  And oh, what’s better, the app is FREE!!!  Read on for the technical details of the app.…


Announcing the Splunk App for *Nix 4.6

I am pleased to announce that the Splunk App for *Nix version 4.6 is now available on Splunkbase!  Similarly, the Splunk Technology Add-on for *Nix version 1.1 is now available on Splunkbase as well.


Splunk at the NCCDC 2012

Fellow Splunkers,

Thus begins my first blog post as an employee of a publicly traded company.  Given that, I would like to let you all know that [REDACTED – lstein].  Now that I have cleared the air, let’s move on.

It has never been more true: the more things change, the more they stay the same.  While Splunkers around the globe were partying like it was 1999, I was on the way to my second straight National Collegiate Cyber Defense Competition in San Antonio, Texas (aka the Alamo City).…


Splunk 4.3: shiny new security features

“Security!  Security!  Security!”

Fellow Splunkers,

Yes, the old proverb is still true – there is perhaps nothing that gets the heart racing quite like… announcing new security features in enterprise software!  So fasten your seatbelt while I tell you about some of the exciting new features that made it into Splunk 4.3.…


Splunk for Unix and Linux – an update and an introduction

Fellow Splunkers,

Today brings two exciting new releases for the Splunk CoreApps team!…


Splunk @ BDNT

I was fortunate to be given the opportunity to present to around 300 entrepreneurs, developers, and technologists at the June edition of the Boulder/Denver New Technology (@BDNT) meetup.  The event took place at the University of Colorado at Boulder Law School on Tuesday, June 7th.  It was really great to get to visit Boulder for the first time and speak to a room full of energetic technophiles.…


Splunk at the NCCDC 2011

Fellow Splunkers,

I am happy to be representing Splunk here in the Alamo City (aka San Antonio, Texas) at the National Collegiate Cyber Defense Competition where Splunk is a Silver Sponsor.

While I won’t have time to visit the Alamo basement on this trip, I do have the opportunity to observe and interact with some of the nation’s most talented security neophytes.

Following this morning’s keynote address, the scenario for this year’s competition was revealed:

  • Each team has just been hired to run IT services for an online drug company
  • The previous IT team was just recently let go, and suffice it to say the breakup didn’t go so well
  • The current corporate infrastructure consists of a traditional data

Maintaining State of the Union

Fellow Splunkers,

Well, it’s almost that time of year again already – the State of the Union address is scheduled for January 25th, 2011.

My predictions for the speech are as follows:

  • Things are getting better  :]
  • There are still many challenges to overcome  :[
  • Inspirational story 1, with subject of said story in attendance to the left of Mrs. President  ;_;
  • Inspirational story 2, with subject of said story in attendance to the right of Mrs. President  ;_;
  • Wrap it up, B(arack) [] :&

However, I would actually like to discuss a different kind of “state” – one that is more directly related to Splunk’s built-in capabilities (though I haven’t given up on my ‘Anti-unemployment’ or ‘Budget …


Splunk 4.1.6 addresses recent OpenSSL TLS vulnerability

Splunk 4.1.6, which was released on November 29th, 2010, updates OpenSSL to version 0.9.8p in order to address the race condition vulnerabilities described in CVE-2010-3864.

For more details on this announcement, please check out our product security portal.  You might also want to consider subscribing to our product security RSS feed to make sure that you stay up to date with all our security announcements.…


Splunk for DST

Fellow Splunkers,

I hope everyone had a great International Caps Lock Day last Friday.  I KNOW I DID!!!1

As we approach that glorious time of the year when we all get an extra hour of sleep or drinking (I prefer to think of it as ‘time travel’), discussion around the topic of daylight savings time has centered on answering the following two questions:

  1. Are we (Splunk) testing for any DST-related bugs?
  2. Can we (Splunk) help detect machines that didn’t get the DST memo?