That happened: episode 40

This week in “That happened: notes from #splunk”, a blog about the goings-on in the Splunk IRC channel: Ducky drops some wisdom, the #splunk buddy system in action, some things never get old,  sharing the Splunk clue:

Interested in Splunk performance as it relates to kernel filesystem caching?

Check out this awesome blog post from resident #splunk genius duckfez

The family that upgrades together…

…might also need a tetanus shot:

<Degann> catalan you upgrade to 6.0.3?
<catalan> yep
<Degann> we can be upgrade buddies, I just finished
<Degann> :)
<catalan> awwww
* catalan cuts her thumb and holds out the knife

Is there nothing regex can’t do?…

» Continue reading

National Corndog Day 2014

This is the first annual blog post regarding Splunk HQ’s third consecutive year of celebrating National Corndog Day one day early.

NCD is a fake holiday, invented by children, sponsored by giant food and beverage corporations, devoted to the over-consumption of corndogs, tater tots, and exceedingly cheap light beer, and the viewing of the NCAA March Madness college basketball tournament.

The goal of NCD is to achieve the triple-double, i.e. to consume 10 corndogs, 100 tater tots (10 units of 10) and 10 beers between the opening whistle of the first and the ending buzzer of the last basketball game played. Have we done this? No. But we’ll keep trying, because they keep sending us free corndogs.

I would like …

» Continue reading

Splunk Welcomes Spring with Color!

There’s always something fun & unique happening in our not-so-corporate corporate headquarters. We just celebrated Holi – a global celebration of the spring season, best known as the festival of colors. Blessed by the weather gods, we enjoyed yummy chaat & pakoda, and played with colors in the courtyard. Brian, I hope you were able to get your glasses clean! Happy spring!


See more photos here.…

» Continue reading

Splunk wins “Cloud Management Product of the Year” and I meet a Dragon


I was lucky enough to spend last week in San Francisco for the Splunk Annual Sales Kickoff – always nice to spend some time “Sitting by the dock of the bay” (or at least the Union Square Westin Hotel). Having watched Pacific Rim on the plane I was expecting something to come out of the fog and take out the Golden Gate Bridge…

While I was there, we had the great news that Splunk had been nominated for “Cloud management product of the year” at the UK Cloud Awards. The basis for the award was the work we’d done at UCAS and Cognia and how they manage their AWS, Azure and cloud based applications in Splunk.


The great news was …

» Continue reading

It’s Valentine’s Day – love your date and your data

It’s Valentine’s day and I’ve just got back from Paris – the alleged “city of love”. I was there for SplunkLive! Paris so no romance but lots of alluring stories of how organisations are using their data.

It inspired me to think about the different stages of falling in love and how they relate to how we see people fall in love with their data using Splunk.


Think of that first meeting, a blend of nervousness, excitement, scope for unlimited embarrassment and imagination of where this is going to end. This could be a chance meeting, speed dating, mutual friend or downloading Splunk (bear with me on this!).

Hopefully the first meeting goes well. You click, you laugh at how …

» Continue reading

That happened: episode 39

This week in “That happened: notes from #splunk”, a blog about the goings-on in the Splunk IRC channel: Splunk results on your iPad–or anywhere, bromance is in the air, you may want to go back to college, gems from the tip jar:

Do you use statusboard on your iPad?

Starcher wrote a cool thing!

See this blog post from #splunk denizen starcher explaining how to use Splunk alerting and Dropbox to update a dashboard in statusboard on your iPad:

This makes me think of another “get your Splunk on anywhere your iDevice is” project, the Splunk Everywhere utility written by David Carasso. Check out his blog post about it here:

Virtual bros

Jeffums (aka DaGryph) makes …

» Continue reading

Splunking the Signs of Labor

Time flies, and its time for a new financial year over here at Splunk. Not only that, it is also the Year of the Horse, according to the Chinese, or Pony like what some of my western colleagues like to call it. Whatever the case, things have always been exciting working in this company.

Today, I had the most interesting email from my fellow colleague.

“Tat Wee,
I need to take my wife to the hospital for the 3rd time. This time, it does not seem to be a false alarm.


I was dumbfounded when I saw a dashboard of Splunk running to monitor the contractions interval, the number of contractions per hour, as well as additional notes to call …

» Continue reading

That happened: episode 38

HAPPY NEW YEAR from “That happened: notes from #splunk”, a blog about the goings-on in the Splunk IRC channel. This week: Who are these weirdos and what do they want you to know, externally bloggy hotness, Splunk and your family, highlighting a rockstar in our midst.

I wish I’d known that when….

Denizens of the #splunk IRC channel have begun keeping a page of tips and gotchas for the benefit of those who follow in their (epic) footsteps:

Want to know who these folks are? Check our IRC page:

More excellent Splunk nerdery can be found here at #splunk inhabitant George Starcher’s blog:

I LOVE children…I just can’t eat a whole one

Several #splunk denizens have sprogged

» Continue reading

Santa Claus International – a Splunk big data case study

Santa Claus International, and its other global brands such as Father Christmas, Kris Kringle, Saint Nicholas and Pere Noel are processing about 18 Elfabytes of data day in Splunk (An Elfabyte isn’t a vampire gnome but 1024 Zetabytes). They are using Splunk to improve CCE (Christmas Customer Experience), manage their gift operations and ensure timely deliveries of presents to over 2 billion children.


Whilst I was in the Nordics recently attending SplunkLive! Olso and Stockholm I had the opportunity to pop up to the North Pole and Lapland to interview Santa Claus International and talk to them about how they are using Splunk to get Operational Intelligence out of (very) big data.

Santa Claus International is facing a number of …

» Continue reading

Syracuse University’s iSchool IT Girls want to change the world with data

This past Veteran’s Day weekend, I was in Syracuse, NY with fellow Splunker Christy Wilson, attending the 3rd annual IT Girls overnight retreat at Syracuse University’s iSchool. One of the goals of the retreat is to introduce the 100 selected high school girls from around the US to technology concepts, and to inspire them to pursue careers either in, or related to technology–but we were the ones who came away inspired.

The girls travel to the event from all over the country. Most are from neighboring cities including New York, Philadelphia, and the DC area, but the event is expanding its reach–some attendees were from further afield, coming from Texas and Georgia. Some parents also traveled to Syracuse …

» Continue reading