Introducing Splunkbase Curated Experience

There are about 1,200 apps in Splunkbase today. Up until now, the typical ways to look for an app on Splunkbase have been to either search for the app, or filter through multiple apps based on several filter criteria. We have not recommended apps to our user community in the past. With the launch of curated experience at Splunk .conf2016 we are changing this by bringing the notion of “curation” to Splunkbase.

We believe this will improve the app browsing and discovery experience for our users by highlighting apps that provide the most value. The main emphasis here is on “curation of content” by a team at Splunk – sifting through all the apps on Splunkbase, and highlighting these …

» Continue reading

Best Practices in Protecting Splunk Enterprise

Splunk EnterpriseSplunk Enterprise helps companies collect, analyze, and act upon the data generated by their technology infrastructure, security systems and business applications. Customers use Splunk software to achieve operational visibility into critical information technology assets and drive operational performance and business results.

Splunk Apps enhance and extend the Splunk platform and deliver a user experience tailored to typical tasks and roles. Most customers make use of one or more of the 1000+ Apps available in Splunkbase.

While end-users are the main consumers of Apps, App installation requires full administrator access. We strongly discourage customers from granting this access to any user other than designated administrators.

Beyond restricting admin privileges, we recommend adopting the standard deployment and operation practices described briefly …

» Continue reading

Splunk and Cacti

Several options exist to bring SNMP into Splunk, with such examples as our SNMP Modular Input.  But what if you already have a SNMP collection built with Cacti?  You could consolidate, rebuild and reconfigure all the collection… but the easier option would be to take Cacti, and feed it into Splunk.  This is a great example of leveraging one tool to collect the data, but bringing all the information together into a single platform for analytics.…

» Continue reading

How’s my driving?

It was the summer of 2014. I was well into my big data addiction thanks to Splunk. I was looking for a fix anywhere: Splunk my home? Splunk my computer usage? Splunk my health? There were so many data points out there for me to Splunk but none of them would payoff like Splunking my driving…

Rocky Road

At the time, my commute was rough. Roads with drastically changing speeds, backups at hills and merges, and ultimately way more stop and go than I could stomach. But how bad was my commute? Was I having as bad an impact on the environment as I feared? Was my fuel efficiency much worse than my quiet cruise-controlled trips between New York and Boston? …

» Continue reading

Splunking Avalanches of Data

TLDR = Splunked some sensor data from a Thingsee data logger while skiing and sparked questions about avalanche safety. Dashboards of skiing data below if you don’t feel like reading.

We’ve heard it over and over again: the amount of data generated is growing exponentially. With the emergence of the Internet of Things (IoT), there is no doubt an avalanche of data (see what I did there?) coming. In fact, some say NOAA could be collecting as much as 800 terabytes of data a day, and storing over 100 exabytes by 2020. And that’s just one organization. The question we all have is how do we handle this data, no matter the structure, format, size, speed, schema, way it’s collected, …

» Continue reading

Wait, what – a youtube video for my app!?

At Splunkbase we are constantly striving to improve the experience for our users – whether it’s the app-discovery process for a Splunk admin/user, or the app-submission and management experience for our developers. We’ve been busy making changes over the last few months, and I thought this would be a good time to cover some of the more important changes we’ve made recently.

There was a lot of backend engineering work done to spruce up the infrastructure, the API, and search results relevancy – changes that are not always apparent to an end-user of Splunkbase. However, in this post I will talk about some user-facing features we recently added with the goal of improving the experience for our developer community. These features will allow you to …

» Continue reading

SMS Alerting from Splunk with Twilio

Modular Alerts

With the release of Splunk 6.3 comes an exciting new feature called Modular Alerts.

Historically the alerting actions in Splunk have been limited to Email, RSS and if you wanted to perform some custom alerting functionality then you could execute a Custom Script.

Whilst many Splunk Ninjas over the years have accomplished all sorts of amazing Kung Fu by wrangling with custom alerting scripts , they are ultimately not the most optimal approach for users and developers.

  • manual setup
  • no configuration interface
  • need file system access
  • loosely coupled to Splunk
  • no common development or packaging standard

So what if you want more alerting actions that you can plugin and present as first class alerting actions in your Splunk instance.

Well …

» Continue reading

Introducing the Splunk App for Stream 6.3 Release!

We just improved our popular and free Splunk App for Stream! In the new Splunk App for Stream 6.3 release we’ve introduced Distributed Forwarder Management (DFM), a functionality that simplifies configuration while increasing administration flexibility. The new 6.3 release is available now on Splunkbase.

As a flexible software solution, you can deploy the Splunk App for Stream anywhere in the network—on-prem or cloud environments. Your implementation can be simple—collecting data from only a handful of SPAN ports, or very complex—with hundreds of different globally distributed Stream forwarders gathering data from endpoints. If your monitoring needs are more complex, you can target and customize how and where to deploy Stream to collect wire data to meet those needs more precisely.…

» Continue reading

Instasplunk

Splunk Instagram

They say a picture is worth 1000 words. Actually it’s far more than that.

Take an Instagram image, there is tons of useful metadata behind the image – not just that tasty picture of what you had for dinner last night.

But how do you start to look at this data? I think you already know the answer to that! This post is just a quick guide showing you how to ingest and visualise Instagram data in Splunk.…

» Continue reading

Add an icon to your app or add-on

The “icon” has become a de-facto standard element of content description; it helps users to discover relevant content with just a quick look and helps your content to stand out from other apps. Until now, due to packaging limitations, only content hosted directly on Splunk Apps supported the display of  an icon.

As part of the user experience improvements we’ve made to Splunk Apps, we are introducing a new feature that allows you to attach an icon to externally hosted apps and add-ons.

To add an icon to your app: visit your app’s Edit page and look for the new option there.

Screen Shot 2014-02-03 at 2.03.15 PM

Drag and drop your new icon into the box and click Update.

Based on my observations, apps …

» Continue reading