I’ve recently developed a Splunk app called “splunkbase“.  It looks at your Splunk installation and suggests apps on splunkbase.com relevant to your data.  It analyzes your indexed data, as well as data in your file system not yet indexed.  It also suggests apps based on what other Splunk users have installed at similar installations — sort of like how Amazon will suggest items to purchase based on what other users similar to you have purchase.

The app is simple to run — it’s just one dashboard, with several reports that suggest apps.

Security: At no time is any of your data uploaded or forwarded on. The signatures of all free splunkbase apps are included with this app so…

Before we knew it, it is almost time for our 2nd annual APAC partner kick off that will fall on 19th till 21st March 2013 at magnificent Bali, Indonesia. As a preview to all the partners who will be attending this kick off with us, we have lined up a series of rock solid business and technical tracks that will definitely keep their time away from the beaches and bars. I’m sure the partners will gain tremendous values out from these three days.

There are close to 30 tracks that will be delivered, and topics range from global deployment considerations to Splunk modular inputs and SDK to even a rare chance to hear what our legal has to say…

With the release of Splunk 5.0, the Simple XML language we use to define the dashboards and forms for an app was greatly extended. So, we were given a challenge – could a reasonably complex app, such as the Splunk App for Microsoft Exchange – be represented using only Simple XML?

I work a lot with the various people who plan, deploy and support the Splunk App for Active Directory. Some issues come up quite frequently and I thought it would be a good idea to give you a roadmap of things to check as you deploy your environment. I’ll go through the issue and how to check for it so that you can make your roll-out as smooth as possible.

Have a mobile app that sends data to Flurry? Would you like to do some custom analysis on that data? Splunk to the rescue!

The new Flurry App for Splunk provides a scripted input that automatically extracts events from an existing Flurry account.

I am pleased to announce that the Splunk App for *Nix version 4.6 is now available on Splunkbase!  Similarly, the Splunk Technology Add-on for *Nix version 1.1 is now available on Splunkbase as well.

I’ve just got back from .Conf 2012 in Las Vegas, and it was a great conference. I had a great time and met some great customers. We had a booth in the Splunk Labs area demonstrating both the Splunk for Microsoft Exchange app and the Splunk for Microsoft Windows Active Directory app. We spoke to a lot of customers, many of whom were implementing the apps, and even more thought they should be implementing them after seeing the demo. We did two very technical sessions on best practices for deploying each app. We found that too many gigabytes give you a hangover. And yes the rumors are true, there was a monkey.

While at the booth and after the sessions, I answered some fairly common questions, so I’m going to start blogging a little more frequently to share those questions and of course my answers. My first one is this: “How do I alter the Splunk_TA_windows to log to winevents (as recommended) instead of main?”

Is that possible at all? At Splunk, we are constantly experimenting ways to make Splunk more usable. This new approach allows users to “talk” to Splunk (with a microphone) and transforms natural language into Splunk search command.

Notice the small little microphone icon in the textfield? That small little icon unlocks a huge potential to make splunk more user friendly.

Interested to learn more about this concept app?
Come join us at the Chalk-talk session on
Monday, September 10, 2012
5pm – 7pm
Gracia Commons, Level 3 Cosmopolitan Hotel

Here’s a thought. “Visualizing the content in the /etc/apps directory of your Splunk instance”. Is that possible with Splunk? There’s an app for that.

Here’s a sneak preview of the app …

Come join us and learn more in the Developing on Splunk sessions at .conf!

Hello! How may I help you? Hmmm … you want to visualize your indexed data with other means other than the traditional pie charts, bar charts and tables? I see … and you want to have full control to integrate external tools and plugins into your app because you are feeling adventurous? Is that possible with Splunk?

APPS-olutely!

Come join us and learn more in the Developing on Splunk sessions at .conf!

Let’s discover together the interesting yet easy to understand approach in developing custom apps that work seamlessly with Splunk as your data platform. Explore the ways how to make use of external tools to visualize your events as illustrated below: