Smart AnSwerS #35

Hey there community and welcome to the 35th installment of Smart AnSwerS.

For all the hard work put into making all things Splunk as awesome as possible, a group of Splunkers were taken on a day trip to Sausalito, CA for some kayaking and paddleboarding action in the bay. The morning was chilly, cloudy, and windy, so most folks avoided falling into the water like the plague, but of course the overcast gloom cleared up to show off some sun and blue skies AFTER we were done. It’s just good ole San Francisco Bay Area weather teasing us in its true, unpredictable form. Nonetheless, folks had a great, and well deserved, time :) Great job and big thanks to …

» Continue reading

Splunking Box Data – User Authentications

The Splunk Add-on for Box collects a lot of valuable data including Box users, files, folders, groups, and more.  Included in the Splunk Add-on for Box are several pre-built panels to get quick insights into this data.  The purpose of this post is to introduce various use cases around Box data included in the pre-built panels and custom searches and visualizations not included in the pre-built panels.

User Authentications

Before a user can access Box content, they have to authenticate.  It is important to keep an eye on the percentage of failed logins, where logins are coming from, user accounts associated with failed logins, etc.  The Splunk Add-on for Box has an event type named box_events_authentication that gives you all the …

» Continue reading

Storytelling: The Heart of Splunk Beats at .conf2015

I love a good story. It’s when you hear an amazing story that the lines blur between what you were told and what you actually feel. I also believe there is great power in a well-told story – the power to motivate, teach, inspire, and entertain.  In business, we often use our podium time to help teach or report out, but when I hear people share ideas through emotionally-charged storytelling, I find that I’m more apt to relate to and then recall what was said.

Splunk-conf2015-K-RGB-450x150

Our Splunk customers are some of the best storytellers I know. When they present, I often feel like I’m listening to ancient explorers or modern-day detectives who are using Splunk software to make rare discoveries …

» Continue reading

Collecting docker logs and stats with Splunk

I’m working at Splunk, but this is my personal thoughts. I have some knowledge about Splunk obviously, but you should not consider this as an official Splunk manual. Everything I did here – I did only for my personal needs and my free time.

You cannot really feel safe for the services you run if you don’t monitor them. There are plenty of great tools which allow you to monitor your docker environments, like cadvisor and some other cloud solutions. I did not want to use cloud solutions, because they can also upload some sensitive information, like environment variables, where I could keep passwords for AWS backups. So I wanted to use something like cadvisor, but with historical information and …

» Continue reading

Earning a Seat at the Table: Why Containers Matter

Docker-logo Container technologies like Docker matter to the enterprise for three key reasons:

1. Density
2. Portability
3. DevOps

Density is about extracting as much value from your infrastructure as possible. Private clouds deployed using traditional VM’s are memory-bound, which is why most private clouds still run with single or low double digit CPU utilization. I was able to run my private cloud at roughly 2 VM’s per core, where each VM hosted an application server instance. Using containers, I was able to get roughly 10 containers per core, where each container hosted an application server instance with an identical configuration.

Screen Shot 2015-08-21 at 3.24.53 PM

Similar to virtual machines, containers are inherently portable – they abstract the underlying hardware from the app, enabling the app …

» Continue reading

Smart AnSwerS #34

Hey there community and welcome to the 34th installment of Smart AnSwerS.

An exciting announcement just went out earlier this week, and that was the launch of the Community MVP Program, the SplunkTrust. The Splunk community is full of amazing leaders that are passionate about our various products and actively share their knowledge with other users to grow and learn, whether that be through active participation on Splunk Answers, Splunk User Groups, writing blogs, and many more avenues. These helpful leaders are what being a SplunkTrust member is all about. Read through the SplunkTrust blog announcement by Rachel Perkins, the Sr. Director of Community, to learn more about the program, the awesome perks of being a …

» Continue reading

Announcing the SplunkTrust Community MVP Program!

The meaning of the Splunk fez we know and love is about to come into sharper focus–splunktrust
–as the symbol for our new Community MVP program, the SplunkTrust.

The Splunk user community is one of the strongest, best communities in the world. We’re excited to be able to recognize our community leaders formally, thank them for their passion and service to other users, and to give them opportunities to learn about our roadmap and share product and process feedback with us.

What makes someone a SplunkTrust member?

SplunkTrust membership is open to Splunk customers and partners, and is renewed yearly. You can apply yourself, or nominate someone else. You do not have to be a ‘paying’ customer–your community contributions are what matter here. If you are nominated, …

» Continue reading

Smart AnSwerS #33

Hey there community and welcome to the 33rd installment of Smart AnSwerS.

Yesterday, two teams of Splunk interns presented their Splunk4Good Hack projects in a contest where they had to create an app using public open source data in a way that could highlight issues affecting different communities, build awareness, and spark constructive conversations. I had the opportunity to help judge the contest and see what awesome work some of the Splunkterns put together throughout their time at Splunk for the Summer. BIG congratulations to the winners Brooke Wenig and Aamir Goriawala for their app using public San Francisco crime data to find trends for certain types of criminal activity throughout different districts in San Francisco. They made …

» Continue reading

Meet the Splunkterns: Ryan Flynn

IMG_0935 Welcome back to our “Meet the Splunkterns” series. This week our featured Splunktern is Ryan Flynn, a Software Engineering Intern working in the Content/Applications (ITSI) Department. Ryan is from Dublin, CA and is majoring in Computer Science at the University of California, Berkeley.

We got the chance to speak with Ryan and here is what he had to say about his summer in The City as a Splunktern:

How did you find out about Splunk’s internship program?
I briefly spoke to a recruiter at a career fair on campus and dropped off my resume, but I learned more about it when one of my friends from school was given an offer to work for Splunk in Seattle.

What kind of

» Continue reading

Smart AnSwerS #32

Hey there community and welcome to the 32nd installment of Smart AnSwerS.

The SF Bay Area Splunk User Group met up this week at Splunk HQ which opened up a lot of great discussion between fellow Splunkers and customers alike. Octavio Di Sciullo, Principal Supportability Engineer at Splunk, covered a presentation on the Distributed Management Console and also facilitated a discussion between everyone present. It was a great opportunity to pick their brains on how they currently manage and monitor their Splunk deployments, but also hear their woes with current built-in features, including the DMC. The takeaways from the meeting were constructive and helpful in how to improve the long term supportability of the product, making the lives of …

» Continue reading