Splunk Named a Leader in Gartner Magic Quadrant for SIEM…again!

This week Splunk was named a leader in Gartner’s 2014 Magic Quadrant for Security Information and Event Management (SIEM) for the second year in a row. For the MQ, Gartner evaluated Splunk® Enterprise and the Splunk App for Enterprise Security and also spoke to multiple Splunk customers as part of the process. To read the Gartner report, please register here.

We are very proud of this award, as it reflects the success that you, the security and compliance customers of Splunk, have had with our product. We now have thousands of security and compliance customers across the world using Splunk for a wide range of use cases including log management, incident investigations, forensics, real-time correlations and alerting, advanced …

» Continue reading

Marines and Baby Wipes?

By Mike Glauser

What started as a cost-saving maneuver has turned into an improbable relief effort.

The Splunk Facilities team has donated more than 4,000 baby wipes to Operation Care and Comfort, a non-profit organization committed to supporting our troops during time of war. OCC has donated more than 1 million pounds of care packages to U.S. military personnel since 2003.

Why does our Facilities team have so many baby wipes? And why do our troops want so many baby wipes? The answer to both of these questions is a happy case of coincidence.

Enter Andrew Doudna, the newest member of the Facilities team. While serving his country in the Marines, Andrew became acutely aware of what is needed on …

» Continue reading

Test-drive our new Splunk App for NetApp Bundle!

Do you like solving user and applications problems and helping your customers, but lack adequate resources? We have made it super easy for you to accelerate your journey deep into storage space! Take our new Splunk App for NetApp Bundle for a spin and we will get you there. Download it for free here.

So what is it and where will it take you?

You are getting our free version of Splunk Enterprise packaged together with our free Splunk App for NetApp Data ONTAP. With this powerful combo you get an at-a-glance view of your entire NetApp Data ONTAP storage space. Quickly explore logs, storage performance and the system configuration of your NetApp environment. You also get both Cluster-Mode and …

» Continue reading

Quick PowerShell Script to Start Splunk

Got another quick PowerShell post for you. I have a copy of Splunk running locally on my Windows 8.1 workstation. I don’t always leave it running, for obvious resource reasons, therefore I end up starting it and stopping it as needed. On Windows, there are two ways to control the Splunk services:

  • CLI splunk.exe start|stop|restart commands
  • Windows native service control methods (and there’s a half-dozen ways to do that)

So, in PowerShell, you can just do this:

Get-Service splunk* | Start-Service

The only minor problem is that I keep forgetting to elevate my PowerShell shell, so I’ll get an error message, and then I have to open a new window, and then repeat the process. That’s no way to automate, I said to myself, so I made this quick …

» Continue reading

Splunk Alerts: Using Gmail, Twitter, iOS, and Much More

With no programming required!

One of the great features of Splunk is its built-in alerting functionality. You can configure Splunk alerts to do just about anything, from sending an SMS to integrating them with another app, like ServiceNow for example.

Most Splunk users will probably want to configure alerts via email at some point. If you don’t have your own mail server you can use web-based mail services like Gmail to do this. In this post we’ll explore how you can set this up and some neat ways in which you can extend upon native Splunk alerts.…

» Continue reading

Quick Tip: Upload Logs to Splunk from Windows PowerShell

I had a folder full of log files I wanted to index real quick in my local instance of Splunk. They won’t persist, so the right thing to do is to use the “oneshot” command (documented here). This can be done in the web UI, but I like doing stuff at the command line. I opened up PowerShell (elevated, as my Splunk instance runs as system) and tried this:

splunk add oneshot *.log

And this was the output:

In handler 'oneshotinput': unable to open file: path='C:\Users\Hal\temp\*.log' error='The filename, directory name, or volume label syntax is incorrect.'

It didn’t work! Ok, so my assumption was that Splunk would parse the wildcard and have at it. But no big deal, this is quick to …

» Continue reading

Quantified Splunk: Tracking My Vital Signs

Last year, Splunker Ed Hunsinger wrote a great post titled “Go Splunk Yourself”, in which he shows how he’s using Splunk to track data from devices including a Fitbit, a Nike Fuelband, a Basis Band, and a Garmin GPS watch, to name just a few!

Like Ed, I use a number of tracking devices and I use Splunk to analyse the data they produce. Recently – as my friends and colleagues will tell you – I’ve taken this concept of self-tracking to the next level. This has included purchasing both a blood sugar and a blood pressure monitor.

After a few weeks collecting the data I’ve uncovered some interesting trends. If you’re interested in what I’ve found or how you can …

» Continue reading

Atlanta Splunk User Group meets soon!

EDIT:

We’ve decided to postpone the meetup and pick back up in July. Please track the meetup event page for the latest details!

If you are in or around Atlanta, please join us this Thursday for the June meeting which takes place in Marietta at 11:30 AM. You can find all the details at our meetup page. If you do plan to attend, please RSVP so that we can plan for food and site logistics.

Topics being discussed this time include:

  • Michael Conner, Coke CCR – Automating Splunk app deployment in AWS
  • Hutch Hutchinson, Splunk – Advanced Visualizations
  • Hal Rottenberg, Splunk – Techniques for analyzing Splunk performance

If you can’t make it to this one, please click the join button at the

» Continue reading

Calling Mobile App Builders: Bugsense is for you

A few months ago, Splunk acquired a tiny, fast-growing company, Bugsense, and its talented team including the founders Panos and Jon. Over the last few months, this team has been acclimatizing to the San Francisco weather, our crazy obsession with ponies, ninjas and such.

So What Is Bugsense?

If you don’t know what Bugsense does – here’s a quick primer. You have a mobile app or many mobile apps. You want to know when your users are experiencing crashes. You want to know what’s causing those crashes. You want to know about handled and unhandled exceptions. You want to know this by app version, device version, OS version so you can see if your fixes worked.

Why? Because without …

» Continue reading

Splunking the World Cup 2014: Real Time Match Analysis

As an Englishman I’ve been waiting months – with very high expectations – for the World Cup to come around. Reading fellow Splunker Matt Davies’ blog post titled “Splunking World Cup 2014. The winner will be…” only heightened my excitement.

The tournament is now going into the second week and I’ve been starting to look at the teams, players, and tournament more closely. Which stadium holds the most people? Who’s the top scorer? Which referee hands out the most cards?

With these questions fresh in my mind I opened up Splunk and began to have a look at the huge amounts of information being streamed from the tournament. For this post I’m going to explore real-time match updates, including teams, …

» Continue reading