Splunk + Cloudera for Hadoop–Better Together

This is a guest post contributed by Amr Awadallah, Ph.D., Co-Founder and Chief Technology Officer, Cloudera

On July 23, my friend Todd Papaioannou and I are co-hosting a webinar on a subject that’s very important to me. As co-founder and CTO of Cloudera and a long-time Hadoop user dating back to my days at Yahoo, I recognize that big data, for all its promise, also comes with its share of challenges. A central one is how to make data exploration and analysis on petabyte-scale datasets across distributed systems accessible to people without advanced data science backgrounds.

That’s one of the things I really like about Hunk, Splunk’s analytics and visualization solution for Hadoop. It’s a powerful platform that allows you …

Atlanta Splunk User Group this Friday!

Just a reminder to folks that the monthly user group meeting is this Friday! If you haven’t already, please RSVP to the Meetup page so that we have an accurate count for food and building security.

The agenda:

• 11:30 – 12:00 Networking, lunch

• 12:00 (5-10 min) – Welcome, introductions

• 12:10 – 1:20 Presentations:

Michael Conner, Coke CCR – Automating Splunk app deployment in AWS

Hutch, Splunk – Advanced Visualizations

Hal, Splunk – Techniques for analyzing Splunk performance

• 1:20 – 1:30 Open discussion, next meeting logistics, close…

Retail Success at John Lewis

Since I joined Splunk a few months ago, I’ve had the opportunity to hear about some amazing things customers are doing with Splunk. During those conversations, I’ve noticed that most of our customers have a similar experience – they download Splunk to solve a specific issue, but quickly find out it can do so much more.

John Lewis is a prime example. In a recent press release, we announced how this UK retailer is using Splunk Enterprise to support the operations of a website that generates over 1 billion pounds in sales per year. The company initially downloaded Splunk to solve a single problem. In this case, John Lewis was trying to identify and resolve an extremely arcane technical …

Deploying Splunk Securely with Ansible Config Management – Part 1

Intro

More times than not I have seen corporations struggle with config management, and it is key for a concise mitigation and remediation plan. Interfacing with a variety of Splunk customers, the corporations who do implement a config management system usually have a different tactic on how to manage Splunk while doing it in a secure fashion. This series of blog posts will hopefully walk you through a simple deployment of Ansible all the way to the most complex use-cases I have seen. I will first be covering how Ansible can be leveraged to manage a simple Splunk deployment on your own hosts. In Part 2 we will cover how this can be done in a larger scale with EC2 …

Monitoring Local Administrators on Windows Hosts

It is always gratifying when one of my readers comes to me with a problem. I love challenges. This one had to do with one of my old posts surrounding Local Administrators remotely. Of course, the way to do this is via WMI. However, it doesn’t quite work the same way locally. This is because the WMI call to Win32_Group.GetRelated() returns other stuff as well. So the question posed was “how do I get the list of Local Administrators locally.” More specifically, I want to monitor the local Administrators group.

I look at this two ways. Firstly, I want to get a regular list of names in the Administrators group and secondly, I want to monitor for changes to the …

Splunking web-pages

Have you ever had a situation where you found information on a webpage that you wanted to get into Splunk? I recently did and I wrote a free Splunk app called Website Input that makes it easy for everyone to extract information from web-pages and get it into a Splunk instance.

The Problem

There are many cases where web-pages include data that would be useful in Splunk but there is no API to get it. In my case, I needed to diagnose some networking problems that I suspected were related to my DSL connection. My modem has lots of details about the state of the connection but only within the web interface. It supports a syslog feed but it doesn’t include …

Big data just got its Tricorder

In Star Trek a Tricorder is described as:

“A Tricorder is a multifunction hand-held device useful for data sensing, analysis, and recording data, with many specialized abilities which make it an asset to crews aboard starships and space stations as well as on away missions”.

I’m happy to announce the launch of the Splunk Mobile App, which unofficially I’m calling the “Big Data Tricorder”. You can download it from here (iTunes).

The Splunk Mobile App allows you to take the Splunk (Starship) Enterprise platform and allows you to explore strange new insights, to seek out new data and new visualizations, to boldly go where no machine data has gone before.

You can find more in the official press release here

Splunking Social Media: Tracking Tweets

So you use Twitter and have heard Splunk can do “Big Data”. By tapping into Twitter’s API you can use Splunk to investigate the stream of tweets being generated across the globe.

The great thing about using Splunk to do this is that you have complete control of the data, meaning it’s incredibly flexible as to what you can build. A few basic ideas I’ve had include tracking hashtags, following specific influencers, or tracking tweets by location in real-time.

What’s more, it takes a matter of minutes before you can start analysing the wealth of data being generated. This post will show you how.…

Splunk Named a Leader in Gartner Magic Quadrant for SIEM…again!

This week Splunk was named a leader in Gartner’s 2014 Magic Quadrant for Security Information and Event Management (SIEM) for the second year in a row. For the MQ, Gartner evaluated Splunk® Enterprise and the Splunk App for Enterprise Security and also spoke to multiple Splunk customers as part of the process. To read the Gartner report, please register here.

We are very proud of this award, as it reflects the success that you, the security and compliance customers of Splunk, have had with our product. We now have thousands of security and compliance customers across the world using Splunk for a wide range of use cases including log management, incident investigations, forensics, real-time correlations and alerting, advanced …

Marines and Baby Wipes?

By Mike Glauser

What started as a cost-saving maneuver has turned into an improbable relief effort.

The Splunk Facilities team has donated more than 4,000 baby wipes to Operation Care and Comfort, a non-profit organization committed to supporting our troops during time of war. OCC has donated more than 1 million pounds of care packages to U.S. military personnel since 2003.

Why does our Facilities team have so many baby wipes? And why do our troops want so many baby wipes? The answer to both of these questions is a happy case of coincidence.

Enter Andrew Doudna, the newest member of the Facilities team. While serving his country in the Marines, Andrew became acutely aware of what is needed on …
