Many companies produce RSS (Really Simple Syndication) feeds for their employees, partners, and customers. Moreover, these same companies consume RSS feeds from their suppliers whether it be personal news information or more timely business data. RSS is a great way to digest this information, but after a certain period, it may not be possible to [...]

Sometimes users of Splunk like to have Splunk tell them what is happening with their infrastructure without doing an ad-hoc search. The most obvious way to accomplish this is to use Splunk Alerts. An alert gets generated for a saved search that is executed over a configured period and matches user defined conditions.
Now suppose you [...]

I was talking to some Splunk Users and mentioned scripted alerts as a very powerful way to invoke any program to get an alert. My thoughts then came to audible alerts. Since a scripted alert can call anything, it is possible that the script can call a program that can remotely send an alert that [...]

In a previous blog entry, I had mentioned that Splunk can participate as a Services Oriented Architecture (SOA) consumer and provided an example on using web services as a scripted input. In today’s entry, I’ll discuss a more administrative task, which is quite native to Splunk, change management. As you may well know, Splunk can [...]

Welcome to my first blog entry. Hopefully, this will be a productive experience for all of us.
For my first topic, I’ve decided to talk about customizing Email Alerts in Splunk. Currently, in the 3.x version of Splunk, you can easily specify an alert to send an email, which can even include search results. Some people [...]