SSSL (Splunk Secure Sockets Layer)

Splunk SSL

The primary reason why SSL is used is to keep sensitive information sent across the internet encrypted so that only the intended recipient can understand it.

This is important because the information you send on the internet is passed from computer to computer to get to the destination server. Any computer in between you and the server can see your credit card numbers, usernames, passwords, Splunk searches and other sensitive information if it is not encrypted.

When an SSL certificate is used, the information should become unreadable to everyone except for the server you are sending the information to. This protects it from possible prying eyes.

It is often important to make sure the connection from Splunk Web to the …

» Continue reading

Make it flash! Make it flash!

Splunk Traffic Lights

Splunk ships with some really neat visualisation options. From bar charts to gauges. Though sometimes they just don’t fit your requirements.

Wether that be something as simple as an custom icon or a super-slick D3 visualisation, Splunk’s framework makes it really easy to display your data in many number of ways.

One of the things I get asked a lot is: “Can we have a traffic light?”. The answer – yes! Let me show you how to light Splunk up in this post.…

» Continue reading

Popular Cisco Networks App Recognized with Splunk “Revolution Award”

The first inkling I had of the usefulness of the Cisco Networks App for Splunk Enterprise (formerly Cisco IOS) came from a Cisco field team who helped their customer get the app working and immediately identified multiple issues with flapping ports. In the months that followed I’ve had the pleasure of getting to know Datametrix senior consultant, Splunk app developer and general rock star Mikael Bjerkeland.

At .conf2014 Mikael was recognized with a much-deserved Splunk 2014 Revolution Award. ComputerWorld Norway profiled the award and the Cisco networking app in a fantastic article (“Norsk programvaresuksess”) that anyone using Splunk and Cisco networking gear should read.

For folks who don’t speak Norwegian, here’s a quick recap …

Several years …

» Continue reading

Making Sense: Manufacturing, Splunk and Industrial Data

Recently, in the online publication Manufacturers Monthly, Denise Carson published a piece called “Harnessing Operational Intelligence”, and really made the case for using big-data and platforms like Splunk to deal with “rising costs and the tyranny of distance”. Denise explained that operational intelligence has the potential to help manufacturers do things smarter and remain competitive in the face of massive volumes, velocity, and variety of data.

In the same week, in the “Smart Business” section of the Chinese language ITHome.com, Yu Zhihao wrote about how a Korean semiconductor company was using Splunk and big data to perform real-time analysis of the semiconductor production line, and was quickly getting to the bottom of production issues through advanced analytics …

» Continue reading

Building a great Splunk App for Apptitude

How do I build an app that’s going to stand out as the best among an intensely competitive pool? That’s a question that’s on a lot of minds as Splunk Apptitude gets rolling.

Splunk has introduced a program that rewards the best Splunk App in two categories, with a big cash payout. Apptitude is getting the attention of a lot of users and partners, Splunkers who may have created apps for their own purposes, but who never considered submitting their work to the Splunk Apps site.

So, what it does it take to earn glory, karma, and the admiration of your peers? All you have to do is create and publish a solid winning Splunk app in one of …

» Continue reading

The Bank of Splunk

Spend by City

No, we’re not diversifying into a financial services company…

I recently received a letter from Her Majesty’s Revenue and Customs. If you’re reading from the US, they perform many of the same duties as the Internal Revenue Service. Thankfully it wasn’t a demand for unpaid taxes, but a breakdown of how my taxes had been spent over the previous year on things like education and welfare.

For a long time I’ve wanted to quantify my monthly financial accounts, similar to this letter, starting from when I first opened my bank account. Unfortunately in the UK we don’t have a product that works like MINT to do this just yet… but we do have Splunk.

Using Splunk I’ve now started to track …

» Continue reading

Protocol Data Inputs

It must have been about a year ago now that I was talking with a Data Scientist at a Splunk Live event about some of the quite advanced use cases he was trying to achieve with Splunk. That conversation seeded some ideas in my mind , they fermented for a while as I toyed with designs , and over the last couple of months I’ve chipped away at creating a new Splunk App , Protocol Data Inputs (PDI).

So what is this all about ? Well to put it quite simply , it is a Modular Input for receiving data via a number of different protocols, with some pretty cool bells and whistles.

pdi

 

So let’s break down some of …

» Continue reading

Delegated admin

The role hierarchy in splunk allows a user who has the ‘edit_user’  capability to create other splunk users and grant them any role including admin.  But what if you want to delegate user creation to a ‘mini-admin’ who should be able to create only users but not more admins.

Starting 6.2, we have the concept of a delegated admin, who can create users who can only belong to a pre-provided list of roles. This is a way of enforcing the principle that users can only create other users with privileges that are a subset of their own.

Let us see how this can be achieved.…

» Continue reading

Now Time For the Splunk Weather Forecast

Raspberry Pi, Air Pi, and Splunk

If you were at .conf last week you would have likely seen some of the exciting Internet of Things projects people are using Splunk for. I think Ed Hunsinger put it best:

So far I’ve heard about @splunk being used for planes (Royal Flying Doctor), trains (New York Air Brake), and automobiles (VW). #splunkconf

@edhunsinger

Watching .conf 2014 from a far in the UK, I got excited about some of my own IOT projects. Then I remembered Brian Gillmore’s call for cool projects using Splunk with the RaspberryPi. At the same moment, by pure chance, I got an email telling me AirPi circuit boards (a RaspberryPi connected weather station) were back in-stock.

And it was settled. I would build a RaspberryPi …

» Continue reading

Get your Community on at .conf2014!

Community is HUGE at Splunk, and we’re doing it up big at this year’s .conf with our own gigantic Community Lounge. Here’s a sampling of what’s in the works:

Masters of IRC panel discussion

Wednesday, Oct 8th 11am-12noon on the Community Stage

Join us for an informal panel discussion with 6-7 of our most knowledgeable, longtime customers from the #splunk IRC channel. They will be taking your questions and sharing best practices and stories from their long years of experience deploying and maintaining Splunk at scale. Bring your questions! Whisky optional, but recommended :).

Learn how to start your own Splunk User Group (and meet other people who do, too)

Wednesday, Oct 8th, 12:15pm – 12:45pm on the Community

» Continue reading