Splunking Exchange in a Simple XML World

With the release of Splunk 5.0, the Simple XML language we use to define the dashboards and forms for an app was greatly extended. So, we were given a challenge: could a reasonably complex app, such as the Splunk App for Microsoft Exchange, be represented using only Simple XML?


Visualizing Big Data with Splunk

To all .conf attendees, thank you for attending my presentation today. It was really heart-warming to see the strong support from you. The room reached full-occupancy within minutes!

To those who missed this session, there will be an encore session to talk about the internals of the concept viz app. We’ll look at the design and then dive straight into the code:

Visualizing your Big Data
Castellana 1
Thursday, Sept 13, 2012
11:45 am – 12:15 pm

See you tomorrow and we’ll see how far your BIG data take you in your journey!
Follow me at @nicholaskey or http://blogs.splunk.com/author/nkey


Speech-to-text with Splunk: converting natural language into Splunk search commands

Is that possible at all? At Splunk, we are constantly experimenting with ways to make Splunk more usable. This new approach allows users to “talk” to Splunk (with a microphone) and transforms natural language into Splunk search commands.

Notice the small little microphone icon in the text field? That small little icon unlocks a huge potential to make Splunk more user-friendly.

Interested to learn more about this concept app?
Come join us at the Chalk-talk session on
Monday, September 10, 2012
5pm – 7pm
Gracia Commons, Level 3 Cosmopolitan Hotel


Visualizing your Splunk /etc/apps directory

Here’s a thought. “Visualizing the content in the /etc/apps directory of your Splunk instance”. Is that possible with Splunk? There’s an app for that.

Here’s a sneak preview of the app …

Come join us and learn more in the Developing on Splunk sessions at .conf!


Visualizing your data with Splunk

Hello! How may I help you? Hmmm … you want to visualize your indexed data by means other than the traditional pie charts, bar charts and tables? I see … and you want to have full control to integrate external tools and plugins into your app because you are feeling adventurous? Is that possible with Splunk?

APPS-olutely!

Come join us and learn more in the Developing on Splunk sessions at .conf!

Let’s discover together the interesting yet easy-to-understand approach to developing custom apps that work seamlessly with Splunk as your data platform. Explore how to make use of external tools to visualize your events as illustrated below:
Hierarchical graph


The Future of Mobile NFC Grocery Shopping

What has Splunk got to do with Mobile Grocery Shopping? This is indeed an intriguing topic, and we have recently worked with the Infocomm Development Authority (IDA) of Singapore on a working showcase that demonstrates how Splunk is used as the data engine to collect, index and report on the machine data generated by Near Field Communication (NFC) handsets used to emulate mobile grocery shopping.

This showcase will be at the iExperience Centre, located at Esplanade Xchange along the shortest underground linkway between Raffles City and Suntec City.

Some of the highlights for this year include:

  • Mobile NFC grocery shopping on a smart poster with real

The “Aha!” Moment in Time

We took a new corporate instance of Splunk into production last fiscal year, via the efforts of Paul Stout, my manager of Splunk applications, and the team who worked with him from our IT operations and professional services departments. The facilities group just ringed the office space with monitors to display some of the key dashboards we use on a daily basis to monitor and manage our assets. We are rolling out the Splunk App for Enterprise Security 2.0 and the latest app for VMware, and these have been major developments on our road map.

Had a nice reminder of how a passion for Splunk so often starts with someone from operations trying to solve a specific problem and…


What’s New in Splunk App for Microsoft Exchange v1.1

Following the successful release of the first Splunk App for Microsoft Exchange in August 2011, we just released an updated version. The Splunk App for Microsoft Exchange v1.1 allows you to monitor server health, e-mail messages and users across your Microsoft Exchange 2007/2010 infrastructure. Here are the top reasons you should install or upgrade.


Three Splunk 4.3 features security pros should start using today

There is a lot to like in Splunk 4.3 for security use cases, but three items should be of particular interest to security professionals.

Sparklines – Adding Time to Tables for Reporting

I use tables of information in several of the security reports I create. Usually I’ll want to track a particular type of event and include the number of times it happens along with an average over a period of time. This allows me to benchmark a particular threshold and use that as the impetus for an investigation. For example:

I want to track the number of successful accesses against assets where critical data is stored over a twenty-four hour period by user. My table will contain the name…


Real ROI using Splunk–from the Great White North to the Deep South

We wrapped up our SplunkLive events for 2011 by migrating to warmer climates–namely, deep in the heart of Texas.

We even had a few customers from the Great White North join us on our migration path. Josh Diakun from Interac/Acxsys and Derek Mock of Ceryx flew from Toronto to wow the Texans with all the different ways they’re using Splunk. And for some local flavor, Bob Jones from the City of Corpus Christi rounded out the agenda with tips and tricks to help fledgling Splunkers get started.

<public service announcement>

First, I must say this. This is a trio of superstars in the Splunk community. They use Answers, attended .conf, post apps to Splunkbase, hold lunch and learns…
