Configuring Nginx With Splunk, REST API & SDK Compatibility
Last year I posted an article on how to configure HAProxy with Splunk, REST API & SDK compatibility. Yesterday, I posted an article on how to configure Nginx as a load balancer in front of a tier of HTTP Event Collectors. Today, I want to iterate on the work I did yesterday and show a basic config for Nginx that’s compatible with Splunk, the REST API and SDK’s.
You’re going to need to build or install a version of Nginx that enables HTTPS support for an HTTP server.
If you install from source and don’t change the prefix then you’ll have everything installed in /usr/local/nginx. The rest of the article will assume this is the …
Splunk in Space: Splunking Satellite Data in the Cloud
This year a Team of Splunkers attended the ESA App Camp 2015 in lovely Frascati, Italy. The topic of this year’s challenge was:
“There are thousands of ways to enrich apps with data from space – what’s yours?”
The Splunk team featured Robert Fujara and Philipp Drieger alongside with camp participants Claire Crotty and Anthony Thomas. Together the team created a mobile web app that accessed a Splunk Cloud instance to analyze geolocation-based satellite data and inform users about different environmental indicators across Europe. Users can input their preferences in terms of living environment and based on different indicators they then receive recommendations on which city or region would suit them best.
The key data sources for this project…
Using The SplunkJS Stack – Part 1
I’ve recently helped a customer integrate the SplunkJS stack into their own custom web application. I wanted to spread the knowledge so others could learn as well.
What is the SplunkJS stack you ask? The SplunkJS stack is a component of the Splunk Web Framework that allows web developers to create apps in their own development environment allowing them to access and manipulate Splunk data. This allows you greater flexibility over the look and feel of your app, including the use of third party visualization tools like D3 and Keylines.
This blog post will be a three part series. I will be covering the following topics in detail.
Configuring HAProxy & Splunk With REST API & SDK Compatibility
As a customer of Splunk I used HAProxy as a software load balancer to distribute users amongst my search heads. I was using the old search head pooling technology at the time, but the same principal holds true for our search head clustering feature; both require a load balancer to distribute users to your search heads. At the time, I couldn’t quite get HAProxy configured to allow use of the REST API. I now believe that was a function of the fact that I was on the 1.4.x branch which didn’t support SSL proxying.
Late last year I had a customer who used our professional services to help with a project. It revolved around using our SDK’s and REST API …
New features and APIs
- Added Service.getJob() method for getting a Job by its sid.
- Added Service.ConfigurationFile.getDefaultStanza() method for getting the [default] stanza of a conf file.
- Updated the GitHub commits example to show this functionality.
- The node/helloworld/get_job.js example shows how to get a Job by its sid.
- The node/helloworld/endpoint_instantiation.js example
New support for authoring modular inputs in Node.js
In this post, I’ll show you how to create a modular input with Node.js that pulls commit data from GitHub into Splunk.
Node.js is designed for I/O intensive workloads. It offers great support for streaming data into and out of a Node application in an asynchronous manner. It also has great support for JSON out of the box. Finally, Node.js has …
New Splunk Tools for .NET Developers
Today we’re releasing a new suite of tools for .NET developers so you can supercharge your .NET development with Splunkl!!
CC image Supercharger by Eaday on Flickr
This release is a continuation of our commitment to provide developers a rich platform for developing Splunk solutions.
- C# SDK 2.0 – A new, modern, C# SDK for building cross-platform solutions that consume Splunk’s API and/or which extend Splunk.
- Logging libraries – These libraries allow you to easily wire logging in your existing .NET applications to send log data to Splunk via TCP or UDP. It provides .NET Trace Listeners as well as sinks for the Semantic Logging Application Block (SLAB).
- Visual Studio Extension – This extension makes it really easy to get
Recently I had a request internally for how to access the Export endpoint from Splunk from a node.js application. The Export endpoint is useful for exporting large amounts of data efficiently out of Splunk as it will stream the results directly rather than requiring you to continually poll for more results. It turns out we don’t support the Export endpoint currently in our JS SDK, but it is very easy do access it yourself using Mikael’s super simple request module.
A picture (or a snippet in this case) tells a thousand words. Below you can see how to export Splunk’s internal index. Once you start it up it will instantly start streaming. Make sure you have enough disk space, or …
Using Splunk as a data store for developers
A number of years ago, I wrote a blog entry called Everybody Splunk with the Splunk SDK, which succinctly encouraged developers to put data into Splunk for their applications and then search on the indexed data to avoid doing sequential search on unstructured text. Since it’s been a while and I don’t expect people to memorize the dissertations of ancient history (to paraphrase Bob Dylan), I’ve decided to write about the topic again, but this time in more detail with explanations on how to proceed.
Why Splunk as a Data Store?
Some may proclaim that there are many no-sql like data stores out there already, so why use Splunk for an application data store? The answers point to simplicity, …
My experience of building Splunk application
I joined Splunk a couple weeks ago and my first challenge was to learn everything I could about how to build Splunk applications. The best way of doing that is just to write your own application – and this is exactly what I did.
Application which I wrote contains two parts. The first part of application is a very simple scripted input for Firebase, the second part of application is built with the Splunk Web Framework that shows you objects and their routes on Google Maps using both real-time or playback historic information.
I hope that my experience can give you some thoughts about how you can extend Splunk for your needs.…