Posts

Splunk and the Internet of Things (IoT)

What’s new in Splunk 6.3?

The release of Splunk Enterprise 6.3 saw improvements in performance, management and Total Cost of Ownership (TCO). Data integrity control, intelligent job scheduling, custom alert actions, geospatial visualization, anomaly detection and the addition of the HTTP event collector are only a few of the new features available in 6.3. This blog posting will discuss two of these features in more detail and what they mean for Splunk’s push into the Internet of Things (IoT). Read more

How to Create a Splunk KV Store State Table or Lookup in 10 Simple Steps

As of Splunk 6.2, there is a Key-Value (KV) store baked into the Splunk Search Head. The Splunk KV store leverages MongoDB under the covers and, among other things, can be used for lookups and state tables. Better yet, unlike regular Splunk CSV lookups, you can actually update individual rows in the lookup without rebuilding the entire lookup – pretty cool! In this article, we will show you a quick way to leverage the KV store as a lookup or state table. Read more

Team DI wins big at Splunk Conf 2014

Team members of Discovered Intelligence were recognized for their global Splunk domain expertise at this year’s Splunk Conference in Las Vegas, scooping no less than two awards – Splunk Ninja and Splunk Developer! Our highly skilled DI team members have now been recipients of Splunk awards since 2012. Read more

Master your Operational Data, with the Splunk Operational Intelligence Cookbook

Looking to master your Operational data? Authored by leading experts from Discovered Intelligence, the new Splunk Operational Intelligence Cookbook provides hands-on, easy to follow recipes that will have you mastering Splunk and discovering new insights from your operational data in no time. Leveraging our years of expertise, the book is filled with best practices and packed with content that will get you hands-on with Splunk right from the first chapter. Read more

Northern Enlightenment – Splunking Canadian Weather Extremes

When I mentioned to folks that I had an upcoming engagement in Yellowknife recently, their first reaction was to make a joke about how cold it was up there and the weather in general. For those who are not up on their Canadian geography, Yellowknife is “North of 60” and is the capital of the Northwest Territories. Once home to many gold mines, it’s now the diamond capital of North America and one of the best places to see the northern lights. So, to see what I was getting myself into, I decided that I should analyze the weather data for the past decade and see how things were going to shape up. Read more

Sendresults Command for Splunk

sendresults is an immensely powerful, life-changing Splunk command, developed by Discovered Intelligence, that allows you to send tabulated search results to individuals dynamically, based upon the data within the results. This means that you no longer need to hardcode an email into the search, but can evaluate the email addresses instead. Read more

Heartbleed Command for Splunk

Discovered Intelligence has developed a simple Splunk command for identifying Heartbleed vulnerabilities!

This CIM-Compliant Technology Add-on (TA-Heartbleed) contains a new heartbleedtest Splunk command that can be used to check your internal infrastructure and external websites for the recently announced Heartbleed vulnerability. Read more