Join Splunk at the Emirates Travel Hackathon next weekend!

Emirates Travel Hackathon logo

Splunk is pleased to be sponsoring the Emirates Travel Hackathon next weekend, and we want to see you there! The event is taking place Nov 7th in San Francisco, and is open to all who want to participate in a great event with real prizes. Come out, learn something new, and solve challenging problems in the realm of travel! What should you build? Here’s what Emirates is looking for (from the FAQ page):

The hack should revolve around the experience of traveling. There are many websites and applications that focus on the logistics of travel – scheduling flights, reserving seats, booking hotels, etc. However, we’re looking for apps that help people experience the excitement of travel to the fullest extent, so get creative

» Continue reading

Splunking Sensor Data with Arduino and HTTP Event Collector

It’s been (relatively) chilly in the SF office the last few weeks, but given “how I feel” is rather subjective I figured it would be an excellent chance to both gather some empirical evidence, and try out the new Splunk HTTP event collector! In this post I will walk you through setting up an Arduino with an ethernet shield and temperature sensor to log data directly to Splunk.



Arduino Duemilanove

Ethernet Shield (the older model but new should work too)

Arduino Sketch (code)

Splunk 6.3 (even the free one!)

Wiring It Up (Fritzing Diagram)


Setting Up Splunk HTTP Event Collector

First things first, lets set up the HTTP Event Collector to be able …

» Continue reading

Achieving scale with the Kafka Modular Input

A hot topic in my inbox over the recent months has been how to achieve scalability with the Kafka Modular Input , primarily in terms of message throughput. I get a lot of emails from users and our own internal Splunk team about this , so rather than continuing to dish out the same replys , I thought I’d just pen a short blog to share some tips and tricks.

So let’s start off with this simple scenario :

  • a single instance of Splunk 6.3
  • downloaded and installed the freely available Kafka Modular Input from Splunkbase

These are the scaling steps that I would try in order.

Enable HTTP Event Collector output

With the recent release of Splunk 6.3 , …

» Continue reading

Getting Smarter with Splunk; Lessons Learned in Higher Education

university-of-adelaide-logoSplunk has a lot of smart people working to bring you the best product experience and return on investment that we can. I am always humbled, however, when customers come back to Splunk with ideas that are brilliant, creative, and valuable… and something that we as a company would probably have never thought of ourselves. Splunk a train? We got that. Splunk a plane? We got that. Splunk an automobile? We got that too.

Which is why the potential of working with the best universities on the planet is so exciting – once these folks understand and explore the power of Splunk, the ongoing transformation of the research and teaching institutions will accelerate in ways we can …

» Continue reading

HTTP Event Collector, your DIRECT event pipe to Splunk 6.3

At .conf2015, we introduced HTTP Event Collector, a new exciting capability for developers to send events from applications, DevOps tools, and IoT into Splunk. In this post I’ll explain what it is and how it can help.

Why something new?

A common request we’ve heard from you, the Splunk developer community, over and over is “How can I send data directly to Splunk?”. When you say direct, what you really mean is without needing a local forwarder and generally you are talking about sending from clients living outside the corporate network.

Up until your options have been to use TCP/UDP inputs or the REST API. Each of these are usable, but they have their challenges and limitations as they …

» Continue reading

Scheduled Export of Indexed Data

I’m really enjoying playing with all the new Developer hooks in Splunk 6.3 such as the HTTP Event Collector and the Modular Alerts framework. My mind is veritably fizzing with ideas for new and innovative ways to get data into Splunk and build compelling new Apps.

When 6.3 was released at our recent Splunk Conference I also released a new Modular Alert for sending SMS alerts using Twilio, which is very useful in it’s own right but also a really nice simple example for developers to reference to create their own Modular Alerts.

But after getting under the hood of the Modular Alerts framework, this also got me thinking about other ways to utilise Modular Alerts to fulfill other use …

» Continue reading

Splunking NRL 2015. The winner will be…




The 2015 National Rugby League (NRL) season comes to a breathtaking end this weekend with Brisbane Broncos playing the North Queensland Cowboys in Sydney this Sunday. While I was planning out the weekend I started wondering how would these two Queensland teams perform playing in Sydney. As most sports fans would know, there is a common myth that teams perform their best when playing at home…but is this really true? I thought I’d try and find out by Splunk’ing some historical NRL data and asking some tough questions. I then created four dashboards that I’ll discuss below.…

» Continue reading

Follow the Roadmap to IT Operational Intelligence

Screen Shot 2015-09-03 at 9.24.46 AM
At Splunk, we’re committed to helping customers make their way down the path to Operational Intelligence (OI), from troubleshooting to proactive monitoring to end-to-end service-level visibility. While every journey may be unique, we’ve created an interactive video to help customer’s plot their way through the levels of OI.

While watching the video, you can click into it to view a complimentary white paper to learn more about how Splunk collects, indexes and correlates the machine data needed to let you quickly troubleshoot issues and outages, monitor end-to-end service levels and detect anomalies.

Learn how Splunk customers have gone on their OI journey to reduce mean-time-to-resolution (MTTR), lower monitoring costs, improve system uptime and support strategic initiatives like datacenter optimization and …

» Continue reading

Meet the 2015 Splunk Answers karma contest winners!

Congratulations are in order for Splunk Answers users Gregg Woodcock and Somesh Soni, this year’s winners of a free pass each to the 2015 Splunk Worldwide User’s Conference in Las Vegas!  Gregg won the July pass*, and Somesh won the August pass.

Every summer, we have a series of contests on Splunk Answers to award free passes to .conf. If you get the most karma points (awarded on the site for answering Splunk questions and helping other users) for a given contest month, you win!

If you’re coming to .conf this year, make sure to find Gregg and Somesh and shake their hands! Community rockstars like these are what make Splunk great. I’m grateful to be able to recognize and …

» Continue reading

Tea and Biscuits and Operational Intelligence

KettleWherever in the world you are reading this, there’s always time for a cup of tea. Whether it is English Breakfast, Earl Grey, Peppermint or Roobois, in the 4-5 minutes it takes you to make “a cuppa” (British slang) you can also get your Operational Intelligence Benchmark score based on EMEA wide research conducted by industry analyst Quocirca and Splunk. I’m going to guide you through the steps whilst making my own cup of tea:

  1. Fill the kettle up and switch it on. Your water should boil in about 2 minutes.
  2. Whilst it is boiling, open your web browser and visit (English), (German) or (French) and click “start”


  3. Select your industry, answer the twelve quick questions and
» Continue reading