Python 2’s End-of-Life is rapidly approaching, here’s what that means for your Splunk Deployment

In case you missed it, the version of Python that Splunk currently bundles and ships in Enterprise (Python 2.7) will be end-of-life January 1, 2020. How will this impact your Splunk deployment? Here's our detailed guide!

The What

Since a lot of Splunk customization can be achieved through Python, Splunk Enterprise now supports Python 3, and any Apps or Add-ons with Python 2.7 code will need to be updated for Python 3 compatibility.


Splunk .conf19 Preview: Add these 5 must-see sessions to your schedule

In just a few days, we’ll be heading (back) to Vegas for Splunk .conf19 - the 10th anniversary of Splunk’s biggest event of the year - and this time we’re bringing our expertise to the Developer track (more on that later). As a proud Splunk PS partner and .conf veterans, it’s been exciting to watch the event evolve...

Building more secure financial institutions with three simple letters

While organizations (and their customers) are openly embracing digital transformation for unprecedented progress in experiences and efficiencies, cybercrime continues to play an increasingly menacing role. In 2017 alone, cybercrime cost organizations across sectors $11.7 million annually (on average), a 22.7% jump from 2016. 

Among industries, financial services companies were hit hardest with damages rising to $18.28 million. This doesn’t exactly come as a...

Lessons Learned: Upgrading a Splunk Instance with No Downtime

Upgrading a single machine's instance of Splunk is easy. All we need to do is stop the instance, download either the .tar or the .rpm, and then either untar or yum install the package, restart Splunk, and voilà, we have an upgrade!

Reading Trace Logs with Splunk Add-on for SQL Server

Hello fellow Splunkers! In this blog post, we will outline how to utilize the Splunk Add-on for Microsoft SQL Server to ingest the binary trace log data that is generated by SQL Server. 

In order to accomplish this objective, we must first establish a connection to the SQL Server instance using DB Connect. This of course involves creating an "Identity" that can authenticate to the database instance, and then creating a "Connection" via that Identity. This connection needs to be facilitated by a database driver, and one pitfall to watch out for here is to make sure to choose the...

Troubleshooting Tips for Splunk DB Connect 3

Hello, fellow Splunkers! In this post, we'll take a look at a few of the pitfalls to be aware of when using the quite powerful, but sometimes hard to troubleshoot, DB Connect (DBX) 3.1.1 application from Splunkbase. So let's jump right in, shall we?

NULL values for Timestamp

If a database table that you're importing (either rising column or batch mode) contains a column representing a timestamp, most likely you'll want to utilize that column as the timestamp of the event (database record) within Splunk, instead of using the index time as the timestamp. However, be...

Tips & Tricks: Splunk's Monitoring Console

Since the release of Splunk Enterprise 6.5.x, the "Distributed Management Console" app has been renamed the "Monitoring Console"; the change was not just a rename, as the tool was bundled with a number of enhancements. The gist of the Monitoring Console is its myriad dashboards, which provide a bird's-eye-view health check of a multi-instance Splunk deployment. The dashboards behind the console rely on data collected from the different Splunk Enterprise deployments' internal logs, located in both $SPLUNK_HOME/var/log/splunk/ and $SPLUNK_HOME/var/log/introspection/. But this blog...

Splunking Twitch

Twitch has transformed the live streaming industry by revolutionizing the process of user broadcasting and real-time audience interaction. At 15 Million daily visitors, Twitch has grown to one of the largest sources of internet traffic. With the massive amount of information being shared in Twitch, we asked ourselves the age-old question: Can it be Splunked?

The short answer is: yes. Using Twitch's API we are able to gain access to a plethora of information. To start, however, we look at a single API endpoint and see just...

Using Splunk to Analyze New York City Uber Data

It’s fun getting all types of data into Splunk, analyzing it, and learning something new. I was pretty excited when I found this Uber trip data from FiveThirtyEight with 4.5 million records of Uber pickups from April - September 2014. Uber also debuted Uber Movement which is offering access to their data if you get on a waiting list. If you are interested in Uber data, you should definitely check that out. 


Overview of the New Charting Enhancements in Splunk 7.0

Charts are highly configurable in Splunk and in Splunk 7.0 they have added more charting options to use in your dashboards. These charting enhancements improve metrics and multi-series monitoring use cases while elevating user experience.

In this blog post, I will provide an overview of the new charting options available with Splunk 7.0 and give you examples you can use for reference. 


The first charting option allows you to change the line width of your charts in pixels.   

In the XML example below, I've taken it...
