Smart AnSwerS #2
Hey there Splunk community! Welcome to the 2nd installment of Smart AnSwerS!
We’re in the last month of the year and entering prime holiday season, but big data waits for no one ;D — Check out this week’s featured Splunk Answers posts:
Is there a guide or map to understand Splunk’s internal indexes and their log content?
This topic is a great read and points you in the right direction to a better understanding of what Splunk logs about itself. ChrisG references a helpful page from the Splunk Troubleshooting Manual that contains a list of the various internal logs and a description of each one. However, the poster of the question (feickertmd) needed to dig a bit deeper into …
Hello, and welcome to the debut of Smart AnSwerS, a weekly blog series featuring posts from Splunk Answers on trending issues, interesting use cases, and more!
For the last couple of months, I’ve been reviewing incoming content on Answers and selecting high-value postings to summarize and email weekly to my compadres on the mighty Splunk Support team. Pretty quickly, we realized that this information wasn’t just useful to Support–it is useful to everyone who uses Splunk–so here we are. This first installment is a bit of a best-of from the previous emails, but look for a new blog post each week chock full of specially-curated Answers for you to expand your brainmeats with.
Answers? What’s that?
If you aren’t familiar with Splunk …
Introducing the new Splunk App for AWS
Today we’re excited to announce the release of a fully re-written and much expanded Splunk App for AWS. Get it here and gain immediate operational assurance and visibility for your AWS-hosted infrastructure.
What’s new with the app?
- Works with Splunk Add-on for Amazon Web Services
- New dashboards and visualizations for AWS CloudTrail
- New alerts for AWS CloudTrail
- New dashboards and visualizations for AWS Config
- Billing Reports provided by Splunk Add-on for Amazon Web Services
AWS CloudTrail records user API activity and related events for your AWS account. Using the Splunk Add-on for Amazon Web Services you can retrieve details about the actions made by the caller, including the caller’s identity, the time of the call, the request …
Congratulations, Splunk Revolution Award Winners!
Every year at .conf, Splunk’s annual worldwide users’ conference, we shine a big spotlight on the Revolution Awards. These awards, and their associated categories, distinguish the achievements of individual customers and recognize the many adventurous and cool things they are doing with Splunk software at their organization.
We announced this year’s Revolution Award winners during the Partner Soiree at .conf2014 at a ceremony that was followed by a fun game of Splunk Family Feud where the winners split up into two “families” and were subsequently joined by Splunkers. Winners were again recognized during our keynote sessions opened by Splunk Chairman and CEO Godfrey Sullivan. We also celebrated with award winners at a customer appreciation dinner later in the week at …
Now Time For the Splunk Weather Forecast
If you were at .conf last week you would have likely seen some of the exciting Internet of Things projects people are using Splunk for. I think Ed Hunsinger put it best:
So far I’ve heard about @splunk being used for planes (Royal Flying Doctor), trains (New York Air Brake), and automobiles (VW). #splunkconf
Watching .conf 2014 from afar in the UK, I got excited about some of my own IoT projects. Then I remembered Brian Gillmore’s call for cool projects using Splunk with the RaspberryPi. At the same moment, by pure chance, I got an email telling me AirPi circuit boards (a RaspberryPi connected weather station) were back in stock.
And it was settled. I would build a RaspberryPi …
How to boost your apps performance with insights from virtualization and storage?
Are you getting the most out of your virtualized infrastructure investment? If your critical applications are suddenly running slow, how do you identify where exactly the issue causing the degradation is and how widespread it is? Is it a storage latency problem, overcommitted resources or something else? To find out answers to these questions and more, join our “Getting Deeper Insights Into Your Virtualization and Storage with Splunk” session on Thursday, October 9th, 11:45 AM, suite 121-122.
Here is a sneak peek into our session. First, we will dive deeper into Splunk Apps for VMware and NetApp Data ONTAP and help you get a better understanding of the value these extremely popular Splunk apps can bring to your enterprise. After that, our amazing virtualization expert Mike Donnelly, …
Live in Vegas – Splunk Operational Analytics for Networking and SDNs
Are you going to .conf2014: The Fifth Annual Splunk Worldwide Users’ Conference?
Do not miss our “Splunk Operational Analytics for Networking and SDNs” session on Wednesday, October 8th, 10:30 AM! There, you will learn how Splunk software can help you optimize networking resources for the most efficient application performance and gain end-to-end visibility into your traditional as well as software-defined networks. We will also highlight Splunk software integrations with key vendors in the networking space including Cisco, Arista, Ixia, Emulex (Endace) and others. In the demo part of our session, we will showcase the Cisco ACI for Splunk Enterprise app.
You will learn how to utilize Splunk software for proactive monitoring of Cisco ACI to dramatically reduce troubleshooting times, optimize application delivery and …
Mainframe machine data in Splunk – Made way easier!
In the past, IT professionals have had to maintain specialized and expensive tools to monitor their mainframes. Mainframe operational insights are important but even more so in the context of the rest of the infrastructure and application performance and operational data. Now getting these insights is only a few steps away – I am very excited to announce Syncsort’s Ironstream, the latest addition to our Splunk apps.
Ironstream enables our and Syncsort’s joint customers to collect, visualize and report on mainframe log data in Splunk Enterprise and Splunk Cloud. This rich source of mainframe machine data includes z/OS log files such as syslog, various SMF records, WebSphere Log4j and more.
There are many benefits of analyzing mainframe data …
Splunk Command> Cluster
Being a Splunk sales engineer is incredible. I get to talk to customers about their use cases, ‘Splunk’ their data, and together discover the insight Splunk provides them. Initial demos typically start with the search bar, looking for keywords in their data. It usually doesn’t take long before the “Ah Hah!” moment comes – either by using Splunk’s intuitive GUI to interact with extracted fields of interest or employing a very small subset of the 130+ search commands within the search bar to gain operational intelligence not readily seen before. At a recent customer visit I employed the Splunk on Splunk (S.o.S.) App, explored some of the underlying searches and noticed the cluster command, which I had never used before. …
Updating the iplocation db
When Splunk added the new version of the iplocation command in v6.0, it added the ability to add location info without the need for internet connectivity. We did this by shipping a custom version of the MaxMind DB in the 6.0.x release. However, because we used a Splunk-specific version of the DB, you still had to wait for a new version of Splunk to get a new copy of the DB.
In 6.1 we added support for using the native MaxMind DB (.mmdb), allowing you to update the DB yourself at any time! It looks like some of you have already figured this out (Go George go!), but I figured I would add some additional info about this …