Blogs

I am happy to announce a new feature on Splunkbase – direct installs from an app’s Splunkbase page into Splunk.  No more downloads and messing with files.  Just click “Install into Splunk” button and your Splunk instance will automatically pick up the App from Splunkbase and install it.

It’s pretty easy.  To enable this feature, go to Splunkbase, open your user’s profile, click on “Edit users settings” – “Edit profile“.  You will be able to see new input field there, “Splunk Instance“. Note that the Splunk instance  that you specify in this field  can reside in a closed network, and it does not need to have Internet access, but your local computer must be able to access it.  Also,…

There’s still time to celebrate Big Data Week by participating in the Data Science Hackathon–and you can do so in style at Splunk’s HQ office at 250 Brannan St, in the SOMA district of San Francisco or at The Butter Factory in Melbourne, Australia. Other venues include: Berlin, Canberra, Finland, London and New York City.

The aim of the hackathon is to show the world what is possible through Data Science-a mission near and dear to our heart. In addition, the event’s aim is also to promote the sense of community, team work, and free spirit competition for the sake of Data Science.

Snarky Splunk shirts, Splunk Search Reference Guides and gallons of  energy drinks…

This week in “That happened: notes from #splunk” a blog about the goings-on in the Splunk IRC channel: purveyors of virtual hugs, karma monitoring, a step-by-step lesson in reporting on session stats, and robot family planning advice.

The Truth will possibly get you snuggled

And Drainy is prepared for that outcome:

*** drsnuggle has left #splunk
<@piebob> i wish drsnuggle would…SAY something
<Drainy> piebob: I can’t wait for the day Dr Snuggle says something
<Drainy> I announced him as being on duty earlier but alas, still nothing
<amrit|lon> Drainy: who he be?
<Drainy> no idea
<Drainy> but anyone who is a dr of snuggles must be good for something
<amrit|lon> hehe
<jgedeon>…

“Splunk allows you to impose structure on any and all of your unstructured data!”

In my last blog entry, I wrote about asking vendors to make their log event formats follow industry best practices. Now, if the log events reside in files or can be broadcast out on network ports, this makes it quite easy to access them with technologies such as Splunk Universal Forwarders. However, if the log events are buried deep within the application, device, or system that created them, then there is is one more issue to address to get to the events and that is having an accessible transport mechanism with examples on usage.

By transport, I obviously am not referring to some futuristic vehicle transportation.

What I am talking about is a way for one computer…

Fellow Splunkers,

Thus begins my first blog post as an employee of a publicly traded company.  Given that, I would like to let you all know that [REDACTED - lstein].  Now that I have cleared the air, let’s move on.

It has never been more true: the more things change, the more they stay the same.  While Splunkers around the globe were partying like it was 1999, I was on the way to my second straight National Collegiate Cyber Defense Competition in San Antonio, Texas (aka the Alamo City).

This past weekend, Splunk sponsored the 2012 National Collegiate Cyber Defense Competition http://www.splunk.com/view/SP-CAAAGXF , a competition aimed at helping undergraduate students master the craft of cyber-security so that they hit the ground running when they graduate.

Over this same weekend, I had the chance to visit a decommissioned Nike missile site in the Marin Headlands.  The site was staffed by retired volunteers who were active army personnel on-site when it stood ready to deploy nuclear warheads mounted on supersonic missiles.  As someone who went to high school during the early 1980’s, seeing cold-war era hardware and procedures in action was spooky and fascinating.  A small group of us rode the missile platform down and got a brief history lesson…

“Space. We’re all in it together.” What an apropos tagline for an impressively collaborative event happening on all 7 continents and the Space Station!

Thanks to all of the hosts and participants that came out last weekend to make the 1st International Space Apps Challenge the amazing Citizen Science and hackathon experience it was! Splunk was proud to work with GWOB, TechShop, NASA, Tropo and others to make this event possible.

A special thank you and congratulations to Splunkers Andrea, GBA and Nick Key for representing Splunk and winning a few awards.

Andrea and her OpenROV team won the Opensource Award and were given the special nod to go on…

I am pleased to announce that we have just released the Splunk Python SDK beta.  This release contains significant updates that make it even easier to build applications on top of Splunk using Python.

Updates

• Improvements to entity state management
• Improvements to usability of entity collections
• Support for collection paging – collections now support the paging arguments: count, offset, search, sort_dir, sort_key and sort_mode. Note that Inputs and Jobs are not pageable collections and only support basic enumeration and iteration.
• Support for event types:
  • Added Service.event_types + units
  • Added examples/event_types.py
• Support for fired alerts:
  • Added Service.fired_alerts + units
  • Added examples/fired_alerts.py
• Support for saved searches:
  • Added Service.saved_searches + units
  • Added examples/saved_searches.py
• Sphinx based SDK API docs and improved

…

We are very happy to announce the general availability of the Splunk App for WebSphere Application Server 2.0! We’d introduced this solution earlier in the year (http://blogs.splunk.com/2012/03/02/splunking-your-websphere-application-server-environment/) and are proud to make it available on Splunkbase as a fully supported app http://www.splunk.com/goto/GetWAS. Use the Splunk App for WAS to monitor logs, configurations and performance of large scale production deployments of WebSphere Application Server. With 2.0, we primarily focused on enhancing the installation and deployment for very large scale environments, but you will also find several new and improved dashboards such as the centralized exception monitoring, configuration overview and performance dashboards. You can use these to extend and customize the app for your environment.

Getting into

…