Data Model Cheat Sheet
Have you been curious about how to incorporate data models into your Splunk life, but unsure about how to take the first step? Try this cheat sheet! It takes you step-by-step through the process of...
Introducing the Cisco Security Suite for Splunk 6
I know. I normally blog about Microsoft stuff. Recently, however, I’ve been helping out on another project – updating the Cisco Security Suite to be compatible with Splunk 6. The Cisco Security...
Splunk Apps installation assistant
So you were browsing the Splunk Apps portal and just found an app you’d like to try. You click “Download”, accept the license agreement and some file gets saved. Now what? You quickly glance through...
Search Command>
Over the day in the life of a Splunk user, he or she probably utilizes less than 50% of the available Splunk commands. It may be that the most popular commands such as stats, transaction, eval, top,...
Correlating Windows and VMware Host Information
When you install a new virtual host on VMware, you get to give it any name you want. The name has nothing to do with what is running on the host. How can we go from the Windows information to the...
Announcing Splunk and Tableau strategic technology alliance
We’re very excited to announce the alliance between Splunk and Tableau Software that extends machine data insights to Tableau users. As part of a joint technology investment, the latest version of...
Introducing the Hunk App for AWS Elastic Load Balancing
Today we’re excited to announce the addition of a new member in the class of apps that integrate with the Amazon Web Services ecosystem: Hunk App for AWS Elastic Load Balancing. Other apps in the class...
Correlating Cisco ESA with Microsoft Exchange for Message Tracking
One of the great features of the Splunk App for Microsoft Exchange is that you can track messages to the edge. It doesn’t matter what type of devices we go through, we get to see the messages and what...
Custom Threat Feed integration with Enterprise Security
Threat intel feeds are a good way to add security context to your Splunk data with IP addresses, domain/host names or files. These feeds are generally accessible via some manner of web requests. Splunk...
Search Command> diff
What’s the grooviest Splunk search command goin’ round? It’s diff man, can you dig it? That’s right, diff. What other command is based on a *nix file comparison utility that’s been around since the...
Deploying Splunk in the Comcast VOD Enterprise (part 1 of 2)
This is a guest post contributed by Frank Larkin Principal Engineer II Comcast, NETO. Introduction For the last 2 years, Comcast “Video-On-Demand” has been transitioning from over 100 separate Video On...
Custom Icons in Splunk 6 Tables
“Daddy. DADDY! We’re out of Sriracha. Does Costco sell Sriracha? Can you go get some before you start working today?” That was my five-year-old son at breakfast this morning, after he turned the...
Time based load balancing
Just found out about another cool feature that apparently has been in the product a while. By default, the Universal Forwarder can only load balance between indexers when it is safe for us to cut over...
Search Command> Coalesce
This blog post is part of a challenge or a “blog-a-thon” in my group of Sales Engineers. The challenge is to see who could blog about some of the least used Splunk search commands. I chose coalesce...
Splunk on Windows, Clustering and IPv6
We had fun this week in our Seattle office setting up clustering for Splunk on Windows on a pure-IPv6 network. IPv6 has been gaining acceptance more outside the US than within for quite a number of...
Using Splunk as a data store for developers
A number of years ago, I wrote a blog entry called Everybody Splunk with the Splunk SDK, which succinctly encouraged developers to put data into Splunk for their applications and then search on the...
Time based load balancing – Part 2
This is a follow up to my earlier post on the forceTimebasedAutoLB setting for outputs.conf. There was some discussion (read: prove it to me) on the IRC channel about how would this feature behave with...
What’s new in Microsoft Apps
Splunk is exhibiting at the Microsoft Exchange Conference this week. If you are in town, please stop by booth #805 in the Eastside to see us. To coincide with this conference, we are releasing a whole...
Search Command> stats, eventstats and streamstats
Getting started with stats, eventstats and streamstats When I first joined Splunk, like many newbies I needed direction on where to start. Someone gave me some excellent advice: “Learn the stats and...
Running two Universal Forwarders on Windows
We get quite a few requests on how to run two Splunk Universal Forwarders on the same Windows host. Why would you do this? The primary reason is that you have a lab environment and want to compare one...