Announcing the Splunk Developer Guidance
Greetings, Splunk Developer Community!
This week we are announcing the new Splunk Developer Guidance program at the Splunk Partner Summit Americas 2015. The main objective is to provide our developer community with tools and guidance to build amazing apps on the Splunk platform and enrich users’ experience in gaining insights from their machine data – wherever it might come from and whatever domain they might be specializing in! We are fully aware that the first thing most devs are looking for is code that they can take apart, learn from, and reuse. That’s why we built reference apps for you. The reference apps are complete, end-to-end, real-world apps built with our partners that are meant to showcase various underlying …
git commit -a -m “Splunking Github Blog”
I <3 Github. Splunk <3’s Github (check out our repos here). I am told it is just a coincidence our HQ is opposite theirs.
One of the neat things about Github I am just starting to explore is their API. You can use it to do loads of things, from interrogating user activity to searching for keywords within code. I recently saw this analysis of the most popular programming languages hosted on Github and I was inspired to recreate it within Splunk.
Indexing Github data into Splunk makes it super-simple to start exploring it. In this post I wanted to show you some of my first experiments connecting Splunk into the Github API.…
Splunk App for Salesforce
Do you manage a Salesforce environment and would like to analyze who is accessing what? Would you like to find out who is exporting sensitive data? Would you like to detect any Salesforce-related suspicious activities or any slow running reports, dashboards, SOQL queries?
If the answer to the above is yes, you should check out the Splunk App for Salesforce which has been recently released as a service on Splunk Cloud. This App relies on the Salesforce Event Log File that exposes Salesforce access logs. In addition to that, you can also leverage this app to collect and index any data from the standard Salesforce objects. In other words, you can use this app to index structured and unstructured Salesforce data.
Notes on Splunk CIM
So you want to work with the Splunk Common Information Model, and you’re not sure where to start… developers first working with the CIM and Add-ons are sometimes confused by its minimalist design, particularly if they’re familiar with the broadly used Desktop Management Task Force CIM. Here are some notes on the CIM’s design that hopefully will help clear things up. First, we’ll look at how it’s used, and then we’ll talk about why the Splunk CIM is designed the way that it is.
The Splunk CIM describes concepts via tags rather than entities via database columns, and the first thing to understand when you’re trying to work with it is the event type. Events are the raw material …
A custom search command for Yelp
A while ago we posted on search commands and how to build a basic generating command which creates dummy “Hello World” events. Generating commands can be used for much more including talking to external APIs. For example, a fun command to think about would be allowing you to search for restaurants, theaters, etc using Yelp’s API. We’ve posted a sample Yelp search command that does just that. You can find it on github here.
Using the command you can do things like search for Sushi and Italian restaurants in SF:
| yelp location="San Francisco" term=sushi,italian
Or if you are an adventurer, you can find out where to make that next skydive when you visit New Zealand:
| yelp …
SMail: Splunking Your Inbox
Google sent me a nice message to start the year – “Your inbox is reaching its limit”.
Looking at my GMail inbox I have well over 70k emails, taking up just under 15GB of space. I’m interested in how this number is made up – who emails me the most, who I email, what time I’m most productive, etc.
I decided to download my GMail archive using Google Takeout to analyse the data. Here’s how I did it.…
SSSL (Splunk Secure Sockets Layer)
The primary reason why SSL is used is to keep sensitive information sent across the internet encrypted so that only the intended recipient can understand it.
This is important because the information you send on the internet is passed from computer to computer to get to the destination server. Any computer in between you and the server can see your credit card numbers, usernames, passwords, Splunk searches and other sensitive information if it is not encrypted.
When an SSL certificate is used, the information should become unreadable to everyone except for the server you are sending the information to. This protects it from possible prying eyes.
It is often important to make sure the connection from Splunk Web to the …
Make it flash! Make it flash!
Splunk ships with some really neat visualisation options. From bar charts to gauges. Though sometimes they just don’t fit your requirements.
Whether that be something as simple as a custom icon or a super-slick D3 visualisation, Splunk’s framework makes it really easy to display your data in any number of ways.
One of the things I get asked a lot is: “Can we have a traffic light?”. The answer – yes! Let me show you how to light Splunk up in this post.…
Popular Cisco Networks App Recognized with Splunk “Revolution Award”
The first inkling I had of the usefulness of the Cisco Networks App for Splunk Enterprise (formerly Cisco IOS) came from a Cisco field team who helped their customer get the app working and immediately identified multiple issues with flapping ports. In the months that followed I’ve had the pleasure of getting to know Datametrix senior consultant, Splunk app developer and general rock star Mikael Bjerkeland.
At .conf2014 Mikael was recognized with a much-deserved Splunk 2014 Revolution Award. ComputerWorld Norway profiled the award and the Cisco networking app in a fantastic article (“Norsk programvaresuksess”) that …
Making Sense: Manufacturing, Splunk and Industrial Data
Recently, in the online publication Manufacturers Monthly, Denise Carson published a piece called “Harnessing Operational Intelligence”, and really made the case for using big-data and platforms like Splunk to deal with “rising costs and the tyranny of distance”. Denise explained that operational intelligence has the potential to help manufacturers do things smarter and remain competitive in the face of massive volumes, velocity, and variety of data.
In the same week, in the “Smart Business” section of the Chinese language ITHome.com, Yu Zhihao wrote about how a Korean semiconductor company was using Splunk and big data to perform real-time analysis of the semiconductor production line, and was quickly getting to the bottom of production issues through advanced analytics …