Smart AnSwerS #2

Hey there Splunk community!  Welcome to the 2nd installment of Smart AnSwerS!

We’re in the last month of the year and entering prime holiday season, but big data waits for no one ;D — Check out this week’s featured Splunk Answers posts:

Is there a guide or map to understand Splunk’s internal indexes and their log content?

This topic is a great read and points you in the right direction to a better understanding of what Splunk logs about itself. ChrisG references a helpful page from the Splunk Troubleshooting Manual that contains a list of the various internal logs and a description of each one. However, the poster of the question (feickertmd) needed to dig a bit deeper into …

» Continue reading

Smart AnSwerS

Hello, and welcome to the debut of Smart AnSwerS, a weekly blog series featuring posts from Splunk Answers on trending issues, interesting use cases, and more!

For the last couple of months, I’ve been reviewing incoming content on Answers and selecting high-value postings to summarize and email weekly to my compadres on the mighty Splunk Support team. Pretty quickly, we realized that this information wasn’t just useful to Support–it is useful to everyone who uses Splunk–so here we are. This first installment is a bit of a best-of from the previous emails, but look for a new blog post each week chock full of specially-curated Answers for you to expand your brainmeats with.

Answers? What’s that?

If you aren’t familiar with Splunk

» Continue reading

My First Post – “Know your Splunker”

So here it is, my first blog post as Splunker, and boy has it been a long time coming!  Writing a blog post has been something I’ve been asked to do for pretty much as long as I’ve worked at Splunk.  It’s not that I didn’t want to write a blog, but more that I could never come up with anything cool/fun to say.

Then it finally hit me today, while I was walking around the office (and someone called me Amrit?!?!) — I have no idea who sits 4 desks away from me!  With that in mind, starting next week week, I am going to try to do a blog series called “Know your Splunker”.  It’s meant not only …

» Continue reading

Splunk Joins Public-Private Partnership to Improve Cybersecurity

Last week Splunk joined several other companies at U.S. NIST’s signing ceremony symbolizing our participation and partnership in the National Cybersecurity Center of Excellence (NCCoE).

There’s no doubt that there is a critical need to protect private-sector intellectual property and other valuable business data from a growing number of cyber threats. This partnership illustrates our commitment to the spirit of collaboration while providing real-world cybersecurity capabilities that address business needs.

The NCCoE has three key goals:

  • Provide practical cybersecurity – Help people secure their data and digital infrastructure by equipping them with practical ways to implement cost-effective, repeatable and scalable cybersecurity solutions.
  • Increase rate of adoption – Enable companies rapidly adopt commercially available cybersecurity technologies by reducing their total cost
» Continue reading

Splunk Challenge 2012 – A Competition in Operational Intelligence

“Put 40 students in a room, give them Splunk with some data sources and see what they can come up with”, suggested Lord Lau.

“Aye aye Chief”, I replied meekly. In front of Lord Lau, you have only one choice, and that is to take all these tasks with stride.

And so this was the beginning of a series of collaboration with Nanyang Polytehnic in Singapore to promote the awareness of machine data and Splunk as the platform for operational intelligence. The NYP (Nanyang Polytechnic) and Splunk team sat down and deliberated on the format of the competition, the type of questions, the type of data sources as well as the pre-preparation work that have to be done. Some of …

» Continue reading

You’re happier with fewer friends

Using the new Splunk Sentiment Analysis app I was able to correlate how positive tweets were, depending on how many people follow a twitter account. It’s a slight stretch, but essentially, are you happier with more friends?

index=twitter | sentiment twitter body | chart avg(sentiment) by actor.followersCount

It seems that people with smaller circles of friends are more positive. More friends equals more negativity, up until about 75 friends. Seems like a fairly good life lesson, but take it a grain of salt — spam twitter accounts may skew things.…

» Continue reading

Congratulations to the Newly Minted APAC Splunk Architects (Lab Exam)

Time flashes past and as I get older, it suddenly dawns upon me that seriously; time and tide waits for no man. Just a week ago, the entire APAC partners met in Kota Kinabalu, which was really a superb place to hold our kickoff as well as to bring the families along. The idea was to maroon all the partners in an island, give them just a few drops of beer and force them to listen to our Big Data Strategy as well as our differentiators.

Guess what? It worked! I didn’t see any partners strolling along the beach (except myself but that is another story..) and all of them were extremely attentive and stayed throughout the breakout sessions …

» Continue reading

Splunking Outside The Box -v2.0

If you attended my technical presentation @ the Splunk 2010 users.conf event last called “Splunking Outside The Box“, then you’re probably aware of just how esoteric my thinking can be when it comes to creatively leveraging Splunk for the more non-sensible, yet highly educational use cases.

For example, I showed-off my Splunk for Texas Lotto App, which my team here @ Splunk uses each month to pick our “winning” numbers.

So far, we’ve won about $26…but we’ve spent ten times that amount along the way. But that’s beside the point.

Anyway, at this year’s conference I am hoping to avoid those everyday boring run-of-the-mill searches and get you thinking outside the box yet again.

Yes, I plan to …

» Continue reading

Introducing the New Splunkbase

If you are a regular visitor to our web site, then you are probably familiar with Splunk Answers, our community-driven question and answer site, which has been a runaway success. You may also be familiar with our app and add-on sharing gallery, Splunkbase. When Splunkbase re-launched last year, it was pared down from previous iterations, but we knew it was only a starting point and would evolve to meet the Splunk community’s needs – the question was how and when.

The success of Splunk Answers pointed the way forward – Splunkbase needed to be more dynamic, more responsive, and there needed to be a way to communicate and collaborate with those who participated on the site. We had great success …

» Continue reading

All Business at SplunkLive Dallas

I had the pleasure of hosting SplunkLive Dallas late last week, with some of the best customer presentations yet from MetroPCS, Pegasus and Louisiana State University. 95 people attended, and nearly everyone stayed on for the afternoon technical sessions to dive deep into Splunk hands on.

What was remarkable about this event, to an even greater degree than other recent SplunkLives, is the extent to which Splunk deployments have evolved from simple search and break/fix – you could easily see an emerging maturity model for operational intelligence at work.

Lamar Holtzclaw, our local senior sales engineer in the Dallas area, gave a great demo showing exactly how Splunk can be used to quickly find SLA violations amongst transactions spanning multiple …

» Continue reading