The Splunk Apptitude App Contest to give out $150,000 in prizes


The RSA Conference 2015 is in full swing here in San Francisco, and Splunk is out in force. With so much news coming out of the conference, it’s easy for things to get lost in the shuffle so I wanted to let you all know the what, why, when and how about the new Splunk Apptitude App Contest that we announced this morning.

WHAT?
The Splunk Apptitude App Contest is an online competition designed to find the next big app using Splunk software. Whether it’s the next cutting-edge visualization or a highly technical security app, we want your big ideas. And we’ll give you more than just bragging rights: we’ll give you cash.

The Splunk Apptitude contest serves …


Splunk supporting the .NET Fringe conference

 


Next week, we’re heading down to Portland to attend .NET Fringe. This is an event focused on a lot of cool stuff happening in the .NET Community around OSS. As an active member of the .NET OSS community, maintainer of several OSS projects and one of the organizers of the event, I am obviously really excited to see this happen. I am equally excited to see that Splunk has stepped up to the plate as a Platinum sponsor to help make this a reality. Events like this take a lot of funds to do them right and Splunk is there!

Having a strong .NET ecosystem around open source is valuable to us and Splunk cares greatly about where …


Troubleshooting connectivity issues to Splunk’s API from the SDK

A common problem we see customers struggle with is how to diagnose connectivity issues with any of our SDKs. In this post, I’ll show you a few tried and true practices that can help you figure out what might be going wrong.

There are two main families of errors folks see. One has to do with general connectivity / connection info, and the other has to do with security config on the client.

General connectivity issues 

This means that you are unable to successfully connect to the API. The best way I find to diagnose this is to drop to a terminal and use curl to log in to the Splunk API and see the results. The command to use is:

curl …

The Splunk SDK for JavaScript gets support for Node.js v0.12 and io.js!

We’ve just released an update to the Splunk SDK for JavaScript, v1.7, with some great new features! Most importantly, it adds support for Node.js v0.12.x and io.js.

You can get it on npm or GitHub, and docs are available at dev.splunk.com

New features and APIs

  • Added Service.getJob() method for getting a Job by its sid.
  • Added Service.ConfigurationFile.getDefaultStanza() method for getting the [default] stanza of a conf file.
  • Can now stream JavaScript objects with modular inputs by passing an object as the data parameter to the Event constructor; that object will then be passed to JSON.stringify().
    • Updated the GitHub commits example to show this functionality.

New Examples

  • The node/helloworld/get_job.js example shows how to get a Job by its sid.
  • The node/helloworld/endpoint_instantiation.js example

Announcing the Splunk Developer Guidance

Greetings, Splunk Developer Community!

This week we are announcing the new Splunk Developer Guidance program at the Splunk Partner Summit Americas 2015. The main objective is to provide our developer community with tools and guidance to build amazing apps on the Splunk platform and enrich users’ experience in gaining insights from their machine data, wherever it might come from and whatever domain they might be specializing in! We are fully aware that the first thing most devs are looking for is code that they can take apart, learn from, and reuse. That’s why we built reference apps for you. The reference apps are complete, end-to-end, real-world apps built with our partners that are meant to showcase various underlying …


git commit -a -m “Splunking Github Blog”

Github Splunk Analysis

I <3 Github. Splunk <3’s Github (check out our repos here). I am told it is just a coincidence our HQ is opposite theirs.

One of the neat things about Github I am just starting to explore is their API. You can use it to do loads of things, from interrogating user activity to searching for keywords within code. I recently saw this analysis of the most popular programming languages hosted on Github and I was inspired to recreate it within Splunk.

Indexing Github data into Splunk makes it super-simple to start exploring it. In this post I wanted to show you some of my first experiments connecting Splunk into the Github API.…


Splunk App for Salesforce

Do you manage a Salesforce environment and would like to analyze who is accessing what? Would you like to find out who is exporting sensitive data? Would you like to detect any Salesforce related suspicious activities or any slow running reports, dashboards, SOQL queries?

If the answer to the above is yes, you should check out the Splunk App for Salesforce, which has recently been released as a service on Splunk Cloud. This app relies on the Salesforce Event Log File that exposes Salesforce access logs. In addition, you can use this app to collect and index any data from the standard Salesforce objects. In other words, you can use this app to index structured and unstructured Salesforce data.
For …


Notes on Splunk CIM

So you want to work with the Splunk Common Information Model, and you’re not sure where to start… Developers first working with the CIM and Add-ons are sometimes confused by its minimalist design, particularly if they’re familiar with the broadly used Desktop Management Task Force CIM. Here are some notes on the CIM’s design that hopefully will help clear things up. First, we’ll look at how it’s used, and then we’ll talk about why the Splunk CIM is designed the way that it is.

The Splunk CIM describes concepts via tags rather than entities via database columns, and the first thing to understand when you’re trying to work with it is the event type. Events are the raw material …


A custom search command for Yelp

A while ago we posted on search commands and how to build a basic generating command which creates dummy “Hello World” events. Generating commands can be used for much more, including talking to external APIs. For example, a fun command to think about would be one that lets you search for restaurants, theaters, etc. using Yelp’s API. We’ve posted a sample Yelp search command that does just that. You can find it on GitHub here.

Using the command, you can do things like search for sushi and Italian restaurants in SF:

| yelp location="San Francisco" term=sushi,italian

Or if you are an adventurer, you can find out where to make that next skydive when you visit New Zealand :-)

| yelp


SMail: Splunking Your Inbox

Splunk GMail

Google sent me a nice message to start the year – “Your inbox is reaching its limit”.

Looking at my GMail inbox I have well over 70k emails, taking up just under 15GB of space. I’m interested in how this number is made up – who emails me the most, who I email, what time I’m most productive, etc.

I decided to download my GMail archive using Google Takeout to analyse the data. Here’s how I did it.…
