Clik here to view.
Hunk: Size matters
One of the questions I am often asked is what is the difference in storage between Splunk Enterprise and Hunk on Hadoop using Hunk archiving.Ā Customers are trying to drive down TCO by storing...
View ArticleClik here to view.
Cheers to .conf2015 with Three Clicks and a Beer
Tuesday was the kickoff of .conf2015: The 6th Annual Splunk Worldwide Usersā Conference in Las Vegas and it was incredible.Ā After months of preparation, we were ready to hit the stage for the keynote...
View ArticleClik here to view.
Splunking Box Data ā Content Events
In my last post about Splunking Box data, we focused on user authentications includingĀ percentage of failed logins, where logins are coming from, user accounts associated with failed logins, etc. Ā In...
View ArticleClik here to view.
Random Words on Entropy and DNS
During my last blog post, I mentioned that I would delve more into how to detect subdomains with relatively high entropy. But first I think it is important to discuss WHAT is entropy; WHY do I care if...
View ArticleClik here to view.
Use Custom Polygons in Choropleth Maps
In late September, 4,000Ā attendees gathered in Las Vegas for .conf, our annual user conference. Among a host of other features, we introduced Choropleth Maps, a new visualization type in Splunk 6.3....
View ArticleHunk, HDFS, and Indexes
Iāve been asked a number of times why Hunk does not create a physical index like Splunk. First, let me point out that your Hunk instance can search both physical and virtual indexes, allowing you to...
View ArticleSmart AnSwerS #39
Hey there community and welcome to the 39th installment of Smart AnSwerS. Playing catch up with work after .conf2015 last week in Las Vegas has been hard, but well worth it. It was great getting to...
View ArticleClik here to view.
Scheduled Export of Indexed Data
Iām really enjoying playing with all the new Developer hooks in Splunk 6.3 such as the HTTP Event Collector and the Modular Alerts framework. My mind is veritably fizzing with ideas for new and...
View ArticleClik here to view.
HTTP Event Collector, your DIRECT event pipe to Splunk 6.3
At .conf2015, we introduced HTTP Event Collector,Ā a new exciting capability for developers to send events from applications, DevOps tools, and IoT into Splunk.Ā In this post Iāll explain what it is and...
View ArticleClik here to view.
Splunk admin & some basics around working with REST APIs
Ā I saw an interestingĀ thread today on anĀ internal list that I would like to share with the world.Ā After all, while each of us is aĀ precious snowflake, our problems andĀ challenges are not always...
View ArticleClik here to view.
Achieving scale with the Kafka Modular Input
A hot topic in my inbox over the recent months has been how to achieve scalability with the Kafka Modular InputĀ , primarily in terms of message throughput. I get a lot of emails from users and our own...
View ArticleClik here to view.
Splunk at Dynatrace PERFORM
This week, Splunk will be participating at Dynatrace PERFORM ā the annual users event for Dynatrace APM users. Not only is Dynatrace the largest APM vendor by market share, we know that many people are...
View ArticleClik here to view.
A Trifecta of Takeaways from AWS re:Invent 2015
Hat-trick. Trio. Trifecta. Three: The number of things most people can easily absorb and retell after hearing a story. So, while there were many memorable things from AWS re:Invent 2015, Iād like to...
View ArticleClik here to view.
IoT and Flying Ponies at .conf 2015
One of the coolest demos I witnessed at Splunk .conf 2015 was the one by Nate McKervy. The reasons this demo was so cool is 1) it was live, 2) it involved audience participation, and 3) it involved...
View ArticleClik here to view.
Smart AnSwerS #40
Hey there community and welcome to the 40th installment of Smart AnSwerS. The San Francisco Bay Area Splunk User Group met up last week at Splunk HQ, and we had some great topics covered. With the...
View ArticleSecurely Storing & Accessing Passwords For Alert Action Scripts
I recently helped a customer securely store and access credentials for an alert action script in Splunk Cloud and wanted to share the details. Ledion Bitincka wrote a great article about storing...
View ArticleClik here to view.
Custom Message Handling and HEC Timestamps with the Kafka Modular Input
Custom Message Handling If you are a follower of any of my Modular Inputs on Splunkbase , you may see that I employ a similar design pattern across all of my offerings. That being the ability to...
View ArticleClik here to view.
Send JSON objects to HTTP Event Collector using our .NET Logging Library
Recently we shipped a bunch of logging libraries at the same time our new HTTP Event Collector hit the streets:...
View ArticleClik here to view.
Data Integrity is back, baby!
Iām sitting in my living room near Boulder, and watching the Republican Presidential Debate happening right down the road at the University of Colorado. Each candidate is doing their best to portray...
View ArticleSmart AnSwerS #41
Hey there community and welcome to the 41st installment of Smart AnSwerS. There have been a lot of questions on Answers throughout the years asking for a way to add comments to searches such as this 3...
View Article