Building add-ons just got 2.0 times easier

Are you trying to build ES Adaptive Response actions or alert actions and need some help? Are you trying to validate your add-on to see if it is ready to submit for certification? Are you grappling with your add-on setup page and building credential encryptions? If you are, check out Splunk Add-on Builder 2.0.

Below is a brief overview of what’s new in Add-on Builder 2.0:

  • You can now leverage the easy-to-use, step-by-step workflow in Add-on Builder to create alert actions and ES adaptive response actions. No need to deal with .conf files and Python, let the tool do the work for you.

ModAlert1

modalert2

  • The validation process has been enhanced to include App Certification readiness. This validation process can also be performed on apps and add-ons
» Continue reading

Encrypt a Modular Input Field without using Setup.XML

Modular Inputs are a great addition to Splunk Enterprise.  One of the things I really like about Modular Inputs is that they allow you to create inputs that “look and feel” as if they were part of the Splunk installation by providing a nice user interface for parameter input.

But, what if you need to encrypt a Modular Input value?  This could be a password, OAuth secret key, or some other confidential piece of information.  Traditional Splunk applications use setup.xml and the storage/passwords endpoint to accomplish this.  If you just need to encrypt an input value specific to the input (as opposed to the entire application), it may be cumbersome to the end user to first run through a setup.xml …

» Continue reading

Introducing Splunkbase Curated Experience

There are about 1,200 apps in Splunkbase today. Up until now, the typical ways to look for an app on Splunkbase have been to either search for the app, or filter through multiple apps based on several filter criteria. We have not recommended apps to our user community in the past. With the launch of curated experience at Splunk .conf2016 we are changing this by bringing the notion of “curation” to Splunkbase.

We believe this will improve the app browsing and discovery experience for our users by highlighting apps that provide the most value. The main emphasis here is on “curation of content” by a team at Splunk – sifting through all the apps on Splunkbase, and highlighting these …

» Continue reading

Introducing AppInspect

Yesterday at .conf2016 we announced the general availability of Splunk AppInspect, the first static and dynamic analysis tool for Splunk apps.  Built and used by the team that administers the Splunk App Certification program to speed the certification process, we’re now able to share it with developers who want the same insights into their apps, whether they plan to release them to Splunkbase or not.

“AppInspect has been invaluable in bringing Splunk certification testing into our automated build environment, helping us to create Splunk Apps that are ready for App Certification on the first upload to SplunkBase.” – Kyle Smith, Aplura, LLC

All developers want to get their work done faster, with fewer errors and less debugging.  Splunk AppInspect makes that possible …

» Continue reading

Splunk your Google Analytics

Gain more insight into site performance and user activity by correlating Google Analytics data within Splunk.

A customer of mine recently wanted to understand more about the journey that retail consumers take when they arrive at its website. They recognized that consumers who have previously bought from the site will have more familiarity with the design and layout than those visiting the site for the first time. In addition, consumers who went directly to the site would have a greater brand engagement than those who were referred from an affiliate site.

If only we could implement a method to back up the data that gets submitted to  Google Analytics, also sending it back to the local Apache web server logs …

» Continue reading

I can’t make my time range picker pick my time field.

When you are working with Hadoop using Hunk or when you are working with Splunk and the time field you want to work with is not _time, you may want to use the time picker in a dashboard with some other time field. You may have the same problem when the current _time field is not the time field you want to use for the current search.

Here is a solution you might use to make time selections work in every case including in panels.

| inputlookup SampleData.csv
| eval _time=strptime(claim_filing_date,"%Y-%m-%d")
| sort - _time
| addinfo
| where _time>=info_min_time AND (_time<=info_max_time OR info_max_time="+Infinity")

Let’s Break this search down into its parts.

| inputlookup SampleData.csv

This is an example of …

» Continue reading

Talk to Splunk with Amazon Alexa

What do you think the future experience of interacting with your data is going to be like ? Is it going to be logging in by way of a user interface and then using your mouse/keyboard/gestures to view and interact with something on a display panel , or is it going to be more like simply talking with another person ?

Introducing the “Talk to Splunk with Amazon Alexa” App

This is a Splunk App that enables your Splunk instance for interfacing with Amazon Alexa by way of a custom Alexa skill, thereby provisioning a Natural Language interface for Splunk.

You can then use an Alexa device such as Amazon’s Echo,Tap or Dot or another 3rd party hardware device to tell …

» Continue reading

Splunk at ThingMonk 2016

ThingmonkHi everyone

I’m Duncan Turnbull and I am the technical lead for the Analytics and IoT practice team here at Splunk in Europe. This means I get to spend my time listening, explaining, showing and talking to organizations across EMEA about how to use their machine data to solve business problems and find the value from it by using Splunk’s software.

I’m delighted to be at Redmonk’s ThingMonk event this year at the Hack Day on day 0. I’ll be there to see what we can build on the day, build some cool things myself and showcase how to use all the data from these sensors. Last year we had Matt Davies and James Hodge from Splunk present and …

» Continue reading

#splunkconf16 preview: IT Operations Track – Choose your own adventure!

Does anyone else remember the ‘choose your own adventure books’ from the 90s? I do, and this year’s #splunkconf16 has me almost as excited as getting a brand spankin’ new pile of books. Just kidding, 2016 user conference is going to be much, much better!

2016-05-09-1462761733-5966723-chooseyourown

caveoftime

(No, this is not an ITSI Glass Table)

 

Splunk .conf2016 is coming up fast, and everyone on the Splunk team is excited to head down to the happiest place on earth for this year’s user conference. Check out some key details below about the great sessions that will be featured in the Splunk IT Operations track this year at .conf 2016. This year, we’ve made it easy for you by parsing the sessions into …

» Continue reading

iOS Memory Warnings

Memory on mobile devices is a shared resource, and apps that manage memory improperly run out of memory and crash. iOS manages the memory footprint of an application by controlling the lifetime of all objects using object ownership, which is part of the compiler and runtime feature called Automatic Reference Counting (ARC). When you start interacting with an object, you’re said to own that object, which means that it’s guaranteed to exist as long as you’re using it. When you’re done with the object, you relinquish ownership and if the object has no other owners, the OS destroys the object and frees up the memory. Not relinquishing ownership of an object causes memory to leak and the app to crash. …

» Continue reading