My experience of building Splunk application

I joined Splunk a couple weeks ago and my first challenge was to learn everything I could about how to build Splunk applications. The best way of doing that is just to write your own application – and this is exactly what I did.

Application which I wrote contains two parts. The first part of application is a very simple scripted input for Firebase, the second part of application is built with the Splunk Web Framework that shows you objects and their routes on Google Maps using both real-time or playback historic information.

I hope that my experience can give you some thoughts about how you can extend Splunk for your needs.…

» Continue reading

Ponydocs: Open Source in July, Download Beta Today

As you may remember, some time ago I mentioned we would be open-sourcing the software behind our wildly successful docs site, docs.splunk.com. Well, that moment is nigh! As of right now, the web development team has just posted a public beta.

There’s even a dramatic countdown timer so you’ll know exactly when you can come back to find out more about the project once it’s fully open-sourced. We’ll be joining the ranks of other great open-source projects from Splunk over on GitHub. Please fill out the form if you’d like be alerted when we open source as well as get a beta copy of the code.

To celebrate the culmination of years of effort, the entire web development …

» Continue reading

Introducing Shep

These are exciting times at Splunk, and for Big Data. During the 2011 Hadoop World, we announced our initiative to combine Splunk and Hadoop in a new offering. The heart of this new offering is an open source component called Shep. Shep is what will enable seamless two-way data-flow across the the systems, as well as opening up two-way compute operations across data residing in both systems.

Use Cases

The thing that intrigues us most is the synergy between Splunk and Hadoop. The ways to integrate are numerous, and as the field evolves and the project progresses, we can see more and more opportunities to provide powerful solutions to common problems.

Many of our customers are indexing terabytes …

» Continue reading

Eloqua PHP SDK

As part of our continuing open-source efforts here at Splunk, we’ve released the Eloqua PHP SDK that we’re using internally under the Apache License, version 2. We’re always very excited whenever we can contribute code back to the community, and this is certainly no exception! The SDK abstracts away a lot of the complexity inherent in dealing with SOAP, allowing developers to focus strictly on the API itself. The SDK also provides a workaround for a PHP bug in the native SOAP client where constructors don’t get called when instantiating classes mapped to SOAP types.

The tarball is available on Google Code, and example code for every SOAP method call is available in the documentation.…

» Continue reading

Savio Rodrigues: Open Source Won’t Prevent Cloud Lock-in

My fellow blogger and roustabout Savio Rodrigues has posted something interesting over at the Open Sources blog:

One of open source’s promises is to minimize vendor lock-in. However, it’s not so apparent that this value proposition holds when using software as a service (SaaS) or cloud-based platform services.

This is a great point and one we discussed at great length at last night’s Open Cloud Meetup here at Splunk HQ. One of the topics we covered was how open source seems less relevant in a cloud-y, saas-y world. Sure, everyone loves to participate in Open Source communities. While Splunk has never defined itself as an Open Source company or released an open source product, we are Open Source-friendly …

» Continue reading

SQL + Splunk = SplunkMSE

Introducing SplunkMSE (Splunk MySQL Storage Engine).

SQL is the lingua franca of structured data.  Likewise, Splunk is the way to work with highly unstructured data generated in the data center.  Data residing in relational databases can be analyzed via a plethora of off the shelf tools like Excel, Tableau, Cognos, Crystal Reports and on and on.   SQL is well known by developers everywhere. What better idea than using these tools to work with data that lives within Splunk?

SplunkMSE is fully open source. Visit SplunkMSE’s home site  for downloads, installation instructions, detailed documentation, source code and more. While there, I encourage you to ask questions, file bugs and if the overwhelming urge to fix them should arise, feel free …

» Continue reading

Python and Salesforce

Well, a few months ago, a couple of the support folks asked me about the feasibility of creating cases in Salesforce through the command line in Python, and after doing a bit of research, I realized (surprisingly) that there really wasn’t a good way to use the Salesforce API in Python *if* you want to parse a WSDL (There is an excellent package called Beatbox if you don’t want or need to parse the XML). There is a very good Python SOAP client out these days called Suds, which unlike ZSI and SOAPpy is able to handle SOAP namespace prefixes (a key for handling Salesforce’s WSDLs), but it doesn’t handle the nitty-gritty details of the SOAP interaction for you …

» Continue reading