Splunk Answers is now migrated!
Splunk Answers has just been migrated to a new platform! Read more about the process and goals.
What to expect
You won’t see much in the way of UI changes, but the site underneath will be more stable and more flexible. You should experience faster loading times, more responsive controls, and very importantly, an improved search experience. We will now also have access to new and improved spam blocking features, a much-needed improvement.
The goal of the initial migration is to maintain feature parity with the existing Splunk Answers site. This will help us make sure we don’t break anything you’ve come to rely on. Over time, we will be able to launch new features and improved functionality.
Splunk Answers migration coming up on Sept 12th!
9/13 12:30pm Pacific: Still working out final issues with userID mappings. Sorry for the delay!
Home to more than 35,000 questions and more than 43,000 answers as well as a thriving community of your fellow Splunk users, Splunk Answers will be getting an update soon! Here’s what to expect:
What will happen during the migration?
During the migration process, we will put the existing production site into a read-only mode so we can get the most up-to-date copy of the Answers database to use on the new site. This will start at around 8pm Pacific, which our own Splunk instance tells us is when usage of the site begins to taper off significantly for the weekend. During this time, you will be able to …
Splunk and the latest OpenSSL vulnerabilities
Hi Splunk users,
Last Monday, we became aware of a new set of vulnerabilities announced in OpenSSL. We have reviewed the issues, and have determined that we must update the version of OpenSSL we currently ship to address these issues.
Note: Not all the listed issues are of concern for Splunk. For example, we do not use DTLS. However, “SSL/TLS MITM vulnerability (CVE-2014-0224)” is relevant to Splunk and should be addressed.
We have now posted the following releases containing the fixed version of OpenSSL:
That happened: episode 41
This week in “That happened: notes from #splunk”, a blog about the goings-on in the Splunk IRC channel: how to hire a ninja, the usual assortment of bad jokes, blame-based dashboarding:
I will find you, and I will splunk you
Must have a very particular set of skills…
<Baconesq> We are trying to write a job req for a “splunk person”
<Baconesq> Why is this so hard?
<cerby> Baconesq: because there aren’t enough of us.
<xoff> “Must be rockstar, like Pie.”
<xoff> (and Bacon)
<snowmizer> baconesq: can I work from iowa
<xoff> Baconesq: seriously, I wouldn’t mind a copy of what you …
That happened: episode 40
This week in “That happened: notes from #splunk”, a blog about the goings-on in the Splunk IRC channel: Ducky drops some wisdom, the #splunk buddy system in action, some things never get old, sharing the Splunk clue:
Interested in Splunk performance as it relates to kernel filesystem caching?
Check out this awesome blog post from resident #splunk genius duckfez: http://duanewaddle.com/effect-of-kernel-filesystem-caching-on-splunk-performance/
The family that upgrades together…
…might also need a tetanus shot:
<Degann> catalan you upgrade to 6.0.3?
<Degann> we can be upgrade buddies, I just finished
* catalan cuts her thumb and holds out the knife
Is there nothing regex can’t do?…
Final status: Splunk and the Heartbleed vulnerability
Dear Splunk users,
We’re expecting this to be our final blog post about how we’re handling the Heartbleed OpenSSL vulnerability (CVE-2014-0160). For background, here are the previous installments from us:
What’s been done, products and services
We’ve updated and secured our products and services as follows:·
- Splunk Enterprise: We delivered a fixed version of our Splunk Enterprise software, as well as patches for the currently shipping versions. Refer to http://blogs.splunk.com/2014/04/10/fix-now-available-splunk-and-the-heartbleed-vulnerability/ this post for the links.
- Splunk Cloud offerings: As stated in http://blogs.splunk.com/2014/04/09/splunk-and-the-heartbleed-ssl-vulnerability/, our Splunk Storm and Splunk Cloud services were both secured last week.
- Bugsense (a Splunk company): We have secured the Bugsense service as described in this blog post: http://blog.bugsense.com/post/82717545967/bugsenses-actions-to-address-the-heartbleed-issue
- Cloudmeter (a Splunk company): The
Fix now available: Splunk and the Heartbleed vulnerability
Dear Splunk users,
This is an update to yesterday’s post on our handling of the OpenSSL Heartbleed vulnerability. Thank you again for your patience and understanding as we spent the necessary time to prepare and test our fix for this important issue. As I mentioned yesterday, we are working hard to balance getting the fix out to you as quickly as possible while still spending sufficient time testing it to ensure a high quality delivery.
Take me to the fix!
As of now, Splunk Enterprise 6.0.3 is now available for download. This includes universal forwarder builds.
This release contains two fixes for vulnerabilities in OpenSSL:
- CVE-2014-0160 – OpenSSL 1.0.1 TLS Heartbeat leaks sensitive information (also known as the “Heartbleed”
Splunk and the Heartbleed SSL vulnerability
(Update: we’ve posted a fix for this issue, see http://blogs.splunk.com/2014/04/10/fix-now-available-splunk-and-the-heartbleed-vulnerability/.)
Dear Splunk users,
As you’re likely aware, a significant vulnerability in OpenSSL, which the security community is calling the “Heartbleed” vulnerability, was discovered and publicized earlier this week. This is not a bug in code that Splunk produced, but rather in a component of a package that is in common use throughout the software industry.
The purpose of this blog post is to inform you about what Splunk is doing to address this issue. For more detailed information about the vulnerability itself, refer to http://heartbleed.com.
Here’s what you need to know:
What versions of Splunk are affected?
- Splunk Enterprise versions 6.0, 6.0.1, and 6.0.2 are affected. This includes
That happened: episode 39
This week in “That happened: notes from #splunk”, a blog about the goings-on in the Splunk IRC channel: Splunk results on your iPad–or anywhere, bromance is in the air, you may want to go back to college, gems from the tip jar:
Do you use statusboard on your iPad?
Starcher wrote a cool thing!
This makes me think of another “get your Splunk on anywhere your iDevice is” project, the Splunk Everywhere utility written by David Carasso. Check out his blog post about it here: http://blogs.splunk.com/2014/01/29/splunk-alerts-and-charts-on-your-iphone/
Jeffums (aka DaGryph) makes …
That happened: episode 38
HAPPY NEW YEAR from “That happened: notes from #splunk”, a blog about the goings-on in the Splunk IRC channel. This week: Who are these weirdos and what do they want you to know, externally bloggy hotness, Splunk and your family, highlighting a rockstar in our midst.
I wish I’d known that when….
Denizens of the #splunk IRC channel have begun keeping a page of tips and gotchas for the benefit of those who follow in their (epic) footsteps:
Want to know who these folks are? Check our IRC page: http://wiki.splunk.com/Community:IRC
More excellent Splunk nerdery can be found here at #splunk inhabitant George Starcher’s blog:
I LOVE children…I just can’t eat a whole one
Several #splunk denizens have sprogged …