Splunk for Networking and SDN: In Action in Vegas!
Have you registered for Splunk Worldwide Users’ Conference .conf2013 in Vegas? If not, please hurry up and register here http://conf.splunk.com/. Time is running out! Come to our session “Splunk for...
View ArticleCountdown to Vegas – Plan your .conf2013 experience
It’s going to be rad at .conf2013 next week at Vegas. There is so much going on at Splunk (all the time!) and you’re going to hear all about it at the conference. Hear about our new products, services...
View ArticleAn Introduction to the Theory of Relative Time Modifiers for _indextime
Relative Time Modifiers for _indextime in 5.0+ tl;dr? Skip to the end for the syntax and save the details for later, as well as never. Verily, I remember not where I was when _indextime was added to...
View ArticleClik here to view.
Hunk Setup using Hortonworks Hadoop Sandbox
Recently Hortonworks and Splunk released a tutorial and video to install and connect Hunk with the Hortonworks Hadoop Sandbox This blog summarizes the configurations used as part of the Hunk setup....
View ArticleClik here to view.
Adventures with SNMP and Cisco Nexus (Part 2)
I’ve recently been working with the Splunk SNMP Modular Input and some Cisco Nexus switches to see what sort of data and information I could gather using just the SNMP collector. It has been an...
View ArticleClik here to view.
Adventures with SNMP and Cisco Nexus (Part 1)
I’ve recently been working with the Splunk SNMP Modular Input and some Cisco Nexus switches to see what sort of data and information I could gather using just the SNMP collector. It has been an...
View ArticleSimplifying IT Operations data analytics with Splunk Enterprise 6 and the...
At our annual user’s conference .conf 2013 this year, we announced the latest release of Splunk Enterprise – Splunk Enterprise 6. Splunk 6 introduces new analytics features that make it easy for anyone...
View ArticleClik here to view.
Hunk: Raw data to analytics in < 60 minutes
Update: now with UI setup instructions Finally, I got a bit of down time to sit down and get to the third part of the “Hunk: Splunk Analytics for Hadoop Intro” series of blogs, a follow up to part 1...
View ArticleInstalling the Splunk 6.0 Universal Forwarder on Windows
I’m currently working on getting all the Splunk apps that I am responsible for upgraded so that they use the Splunk 6 Universal Forwarder. Naturally, that means a whole slew of installs on Windows...
View ArticleUnstoppable AWS and Irresistible Splunk
AWS Re-invent is here! We, at Splunk, are excited to announce all the new goodies we have been working on with AWS! First, a lot of you might have seen the announcement around Amazon...
View ArticleClik here to view.
Analyze Data with Hunk on Amazon EMR
In this post you will learn how to use Hunk to process data with an Amazon EMR cluster. We will go through the steps of: Creating a Hunk EC2 instance, Creating an Amazon EMR cluster Configure Hunk with...
View ArticleClik here to view.
Splunk and Ford Test Drive Open Data Development in Connected Cars
Splunk Inc. and Ford Motor Company collaborated to analyze real-time automotive data to gain insight into driving patterns and vehicle performance. Using Ford OpenXC to gather data from connected...
View ArticleClik here to view.
Show/Hide a Dashboard Panel Based on a Search Result
Today’s post will build two of my previous posts about pivoting a single row table and toggling visibility of dashboard panels. In the post about pivoting a table, one of the fields in the table was...
View ArticleClik here to view.
My experience of building Splunk application
I joined Splunk a couple weeks ago and my first challenge was to learn everything I could about how to build Splunk applications. The best way of doing that is just to write your own application – and...
View ArticleWindows IP Address Monitoring
I’ve come across a couple of reasons to have a correlation between the IP Address (at a point in time) and a hostname. For most normal cases, you can use the nslookup script to do a reverse lookup....
View ArticleHadoop 2.0 rant
Here we go, time for another rant about Hadoop, this time about Hadoop 2.0. You can read the first rant here. The rant this time is about Yarn and the way it stores the application logs. Let’s start...
View ArticleRead-only database connections
Version 1.1.1 of the Splunk DB Connect Add-on is now available on our community site, and there’s a great new option for managing your users’ database access. Let’s walk through how to grant selected...
View ArticleClik here to view.
Syracuse University’s iSchool IT Girls want to change the world with data
This past Veteran’s Day weekend, I was in Syracuse, NY with fellow Splunker Christy Wilson, attending the 3rd annual IT Girls overnight retreat at Syracuse University’s iSchool. One of the goals of the...
View ArticleDecoding IIS Logs
Everyone (just about) knows that there is a table of status codes that HTTP/1.1 defines. However, IIS gives you two more status codes in the log files. The HTTP/1.1 status is stored in sc_status (and...
View ArticleClik here to view.
Using Watchlists to Your Advantage
The Splunk App for Enterprise Security comes with correlation searches that generate notable events. The correlation search for Watchlisted Event Observed is a great template for generating notable...
View Article