Join us for the Splunk SFBA User Group next week!
Bay Area Splunkers, don’t forget to join us Apr 19th for this month’s meeting! We are changing it up this time and meeting in Sunnyvale at Yahoo HQ which will hopefully draw a great crowd. You can find the full details and RSVP at the new usergroups website. (Bonus: if you RSVP, then we will feed you!)
- Becky Burwell (Flickr/Yahoo) will talk about their Splunk Deployment Server rollout
- Chuck Gilbert (Comcast Innovation Center) will highlight some tips and tricks used in visualizing usage of the new Xfinity X1 platform
- Todd Untrecht (Splunk Enterprise) and Hal Rottenberg (Splunk developer evangelist) will speak about new features in 6.4 (and maybe a peek into the future), and show a demo of the HTTP Event
Using Splunk to Monitor Changes to PowerShell Scripts
I had a question this morning from a customer who was looking for ways to monitor changes made to PowerShell scripts in their environment. They wanted to know who made the changes, but also what changes were made. Well, I thought to myself–that’s a great excuse for a blog post!
Let’s break this down into two separate requirements:
- I want to know when a PowerShell script has been modified
- I want to know the changes between two versions of a file that has been modified
Who changed a file and when?
Requirement #1 is not hard to do using Splunk in combination with some native Windows file auditing features. In fact, it’s such a common use case that we’ve documented all the steps in …
Join Splunk at the Emirates Travel Hackathon next weekend!
Splunk is pleased to be sponsoring the Emirates Travel Hackathon next weekend, and we want to see you there! The event is taking place Nov 7th in San Francisco, and is open to all who want to participate in a great event with real prizes. Come out, learn something new, and solve challenging problems in the realm of travel! What should you build? Here’s what Emirates is looking for (from the FAQ page):
The hack should revolve around the experience of traveling. There are many websites and applications that focus on the logistics of travel – scheduling flights, reserving seats, booking hotels, etc. However, we’re looking for apps that help people experience the excitement of travel to the fullest extent, so get creative
Splunk admin & some basics around working with REST APIs
I saw an interesting thread today on an internal list that I would like to share with the world. After all, while each of us is a precious snowflake, our problems and challenges are not always unique. If one person has this question, there’s a good chance that someone else does as well!
Let’s set the stage. You have a typical Splunk environment with a bunch of servers, each with a forwarder installed that grabs data and sends it to the indexers. Automation is important, so you want to ensure that the configuration on these forwarders is consistent. One way to do this is to use our Deployment Server feature, which uses a pull model to ensure that all forwarders check in periodically to a …
Splunkers in Atlanta, Meetup this Friday! Learn what’s new with Splunk App for Stream & more
Headline says it all, but to elaborate just a tiny bit, be sure to join us in Atlanta this Friday! The user group meeting will be held in the Cumberland / Windy Hill area. Show up for a great time of learning more about Splunk, and networking with your colleagues in the Metro Atlanta area. Food will be provided. For full details and to register, please RSVP at our event page so that we have an accurate count for food.
11:00 – Welcome & networking
11:30 – Lunch served
11:40 – Housekeeping, group introductions
12:40 – Lightning rounds, member presentations
13:30 – User Group planning / networking
14:00 – Event …
Integrating with Splunk: You Gotta Think Outside the Box
This morning, a question was asked about integrating with Splunk that started with something like, “but I can’t send syslog from my system, so how can I get that data in Splunk?” It really doesn’t matter what system or what data; before digging in, I already knew that the answer was out there.
“But wait a second, Hal, how could you know that?”, you might be thinking.
Well, it’s just a matter of knowing a bit about how computer systems work, and understanding that Splunk has many ways of ingesting data. You see, at a very high level, there are only two ways that Splunk can integrate with another system. I’ll call these integration types “intentional”, and “operational”. Let’s define them:…
Integrating Splunk with Docker, CoreOS, and JournalD
Hal here, your friendly Lorax and developer evangelist! I wanted to share with everyone a guest post from a Splunker whom I met and see regularly at the Metro Atlanta Splunk User Group, Robert Labrie. Robert is a DevOps Engineer at The Network Inc, a company which builds solutions that prevent, detect and remediate misconduct to help companies maintain ethical cultures.
This post is about how Robert approached building out a new architecture, and of course, how to index the data generated by all of the components. Without further ado, take it away, Robert!
The team at TNWDevLabs started a new effort to develop an internal SaaS product. It’s a greenfield project, and since everything is new, it let us …
Splunk and Microsoft Azure – Intro and Resource Roundup
Note: the below article was written back in Dec 2014, but still gets a ton of hits and questions. Be sure to check out the Azure tag here on Splunk Blogs for the latest news.
We are often asked by customers about how Splunk can integrate with, or run in Microsoft’s Azure cloud platform. There’s actually a fair bit of information about this broad topic on splunk.com and elsewhere, but it can be a bit hard to find. This post will serve as an introduction to a few Azure …
Don’t Forget to CIM! Or, How I Learned to Love Tags
Let me tell you a little story about something which I learned (or re-learned!) today. For the impatient, you can read Jack’s previous article on building technology add-ons, and go learn CIM (which stands for Common Information Model). I’ll put some other resources at the end as well.
The silly thing I have to admit first of all, is that I thought I knew this stuff. I’ve been involved in making data models for the CIM app, for cryin’ out loud! Anyway, to the story…
In my prior role in business development as a solution architect, and now as a developer evangelist, I frequently work with ISVs, IHVs, SIs and others who want to integrate their stuff with Splunk. …
Atlanta Splunk User Group this Friday!
Just a reminder to folks that the monthly user group meeting is this Friday! If you haven’t already, please RSVP to the Meetup page so that we have an accurate count for food and building security.
• 11:30 – 12:00 Networking, lunch
• 12:00 (5-10 min) – Welcome, introductions
• 12:10 – 1:20 Presentations:
Michael Conner, Coke CCR – Automating Splunk app deployment in AWS
Hutch, Splunk – Advanced Visualizations
Hal, Splunk – Techniques for analyzing Splunk performance
• 1:20 – 1:30 Open discussion, next meeting logistics, close…