Box Plots: Making Custom Visualizations
This is the first of a two part series on implementing Box Plots in Splunk for security use cases. Analyzing complex data is difficult, which is why people use Splunk. Sometimes patterns in data are...
Vote using Splunk
Someone recently challenged me to use Splunk for voting. Splunk is a versatile platform, why not make a voting app? Sigi and Stephen put the app together one afternoon and then I tested it out on a...
Configuring Nginx Load Balancer For The HTTP Event Collector
The HTTP Event Collector (HEC) is the perfect way to send data to Splunk, at scale, without a forwarder. If you’re a developer looking to push logs into Splunk over HTTP or you have an IOT use case...
Configuring Nginx With Splunk, REST API & SDK Compatibility
Last year I posted an article on how to configure HAProxy with Splunk, REST API & SDK compatibility. Yesterday, I posted an article on how to configure Nginx as a load balancer in front of a tier...
Eureka! Extracting key-value pairs from JSON fields
With the rise of HEC (and with our new Splunk logging driver), we’re seeing more and more of you, our beloved Splunk customers, pushing JSON over the wire to your Splunk instances. One common question...
Splunking a Microsoft Word document for metadata and content analysis
The Big Data ecosystem is nowadays often abbreviated with ‘V’s. The 3Vs of Big Data, or the 4Vs of Big Data, even the 5Vs of Big Data! However many ‘V’s are used, two are always dedicated to Volume and...
Docker? Amazon ECS? Splunk? How they now all seamlessly work together
Today the Amazon EC2 Container Service (ECS) team announced they have added the Splunk native logging driver to the newest version of the ECS agent. This means it’s now easier to implement a...
Sending binary data to Splunk and preprocessing it
A while ago I released an App on Splunkbase called Protocol Data Inputs (PDI) that allows you to send text or binary data to Splunk via many different protocols and dynamically apply preprocessors to...
Send data to Splunk via an authenticated TCP Input
Wow, my second blog in 24 hrs about Protocol Data Inputs (PDI), but sometimes you just get infected with ideas and have to roll with it. So my latest headbump is about sending text or binary data to...
Secure Splunk Web in Five Minutes Using Let’s Encrypt
Configuring SSL for your public facing Splunk instance is time-consuming, expensive and essential in today’s digital environment. Whether you choose to go with a cloud provider or self-hosting;...
Handling HTTP Event Collector (HEC) Content-Length too large errors without...
Once you start using HEC, you want to send it more and more data. As you do, your payloads are going to increase in size, especially if you start batching. Unfortunately as soon as you exceed a request...
Android ANR troubleshooting with MINT
Being involved with shippable software for mobile and desktop, I realize that there is a class of problems that are not easy to troubleshoot. Crashes are probably the easiest to reproduce in QA and...
Tracing Objective-C Methods
You can write very fast programs in Objective-C, but you can also write very slow ones. Performance isn’t a characteristic of a language but of a language implementation, and more importantly, of the...
iOS Memory Warnings
Memory on mobile devices is a shared resource, and apps that manage memory improperly run out of memory and crash. iOS manages the memory footprint of an application by controlling the lifetime of all...
#splunkconf16 preview: IT Operations Track – Choose your own adventure!
Does anyone else remember the ‘choose your own adventure books’ from the 90s? I do, and this year’s #splunkconf16 has me almost as excited as getting a brand spankin’ new pile of books. Just kidding,...
Splunk at ThingMonk 2016
Hi everyone, I’m Duncan Turnbull and I am the technical lead for the Analytics and IoT practice team here at Splunk in Europe. This means I get to spend my time listening, explaining, showing and...
Talk to Splunk with Amazon Alexa
What do you think the future experience of interacting with your data is going to be like? Is it going to be logging in by way of a user interface and then using your mouse/keyboard/gestures to view...
I can’t make my time range picker pick my time field.
When you are working with Hadoop using Hunk or when you are working with Splunk and the time field you want to work with is not _time, you may want to use the time picker in a dashboard with some other...
Splunk your Google Analytics
Gain more insight into site performance and user activity by correlating Google Analytics data within Splunk. A customer of mine recently wanted to understand more about the journey that retail...
Introducing AppInspect
Yesterday at .conf2016 we announced the general availability of Splunk AppInspect, the first static and dynamic analysis tool for Splunk apps. Built and used by the team that administers the Splunk...