Operational Intelligence

Creating my first dashboard and adding interactivity: The magic of text boxes in Splunk 6.1* in Simple XML

Posted by Ashley Mitchell on Thursday, March 5, 2015 - 11:22 Operational Intelligence Splunk 6, Forms, Text box, Dashboards, Simple XML

Recently, I had the opportunity to work on the Web Analytics portion of an internal app development project. As a newb, I was eager to jump in, get started, enjoy the adventures and misadventures of Splunking, and put to use my newly developed Splunk skills obtained from weeks of training. I mean how could I fail? I had the right people, processes, and technologies supporting me to jump in and start the Splunk magic.

Moving forward, I jumped into action by reading tons of documentation, asking the typical newb questions and making the typical newb mistakes until somehow the first...

Upgrading your Splunk Environment

Posted by Philips Thomas on Thursday, February 26, 2015 - 13:02 Best Practices, Operational Intelligence Splunk Ugrade Cluster

Recently one of our clients had an outdated version of Splunk and needed to upgrade to a newer version of Splunk Enterprise that incorporated additional features and security updates. This of course is a very important procedure that many Splunk customers will have to learn over their time using Splunk. In this blog I will outline the process used for upgrading distributed deployments of Splunk.

First, here are the download links:

You can download the latest version of Splunk here: http://www....

Splunk ES - Lets Correlate

Posted by Krishan Patel on Tuesday, February 17, 2015 - 15:52 Operational Intelligence Splunk, ES, correlation searches

Splunk ES – Creating Custom Correlation Searches

In today's blog I will be discussing one of the very valuable features of the Splunk App for Enterprise Security. Correlation searches provide a very highly customizable level of security based detection and alerting within Splunk and ES.

What is a Correlation Search?

A correlations search is a type of saved search used to detect suspicious events or patterns in your data. If a suspicious event is detected, a notable event is created. The notable event...

Ninjas on a Mission: Things to Know When Migrating Your Splunk Deployment

Posted by Natalie Kalas on Wednesday, January 28, 2015 - 11:48 Best Practices, Operational Intelligence Splunk, Best Practices, Splunk Migrations

Splunk is a journey. Whether you are a newbie playing around with Splunk on your local machine or have a multi-instance distributed Splunk deployment, your knowledge of Splunk is always evolving. Typically, the more you know about Splunk, the more you want to do with Splunk. Often, proof of concepts (POCs) turn into production environments and soon enough you’re increasing your license and looking into new architecture. Congratulations, you have become a full on Splunk ninja! Now, how do we migrate your current Splunk deployment to ‘beefier’ hardware,...

Clustering: It's Not Just For Indexers

Posted by Naveed Krabbe on Monday, December 15, 2014 - 13:34 Operational Intelligence Splunk, Search Head Clustering, Captain, Deployer, 6.2

The release of Splunk Enterprise 6.2 introduced several great new features and enhancements. The new capabilities center around a new faster interface designed to assist with data onboarding, easier analytics and event pattern detection, and improved scalability and centralized management. While I would definitely recommend exploring the first two topics, this blog will focus on the latter. Core to the improvements in scalability and centralized management within Splunk Enterprise 6.2 is the introduction of Search Head Clustering. Search Head Clustering (SHC) is a direct replacement for...

Generating Splunk Buckets

Posted by Philips Thomas on Wednesday, November 26, 2014 - 14:25 Best Practices, Operational Intelligence Splunk Buckets Generating Buckets

Intro

Recently, we worked with a client that was using a multi-tiered storage configuration for their Splunk deployment. One tier was used for hot/warm data and the other tier for cold storage. We wanted to test the cold storage tier specifically. We used the Splunk event generator to produce data and tweaked some index settings to generate buckets (if you haven’t used the event generator before, here's a previous blog post for reference).

Index Configuration

In the...

Jazzing Up Your Dashboards: Dynamic Drilldown 101

Posted by Natalie Kalas on Tuesday, October 28, 2014 - 13:57 Operational Intelligence Splunk, dashboard, drilldown, maps, geostats

Time and time again, our customers find the most value in Splunk when they can visualize their data. By using the tokenization of certain fields, customers have the ability to drilldown into certain elements of their data. Drilling down into maps, charts, and graphs within the same dashboard, gives customers the ability to pinpoint problems and solutions quickly and efficiently. Now that Splunk utilizes simple XML for dashboard design, jazzing up your dashboards is easier than ever before!

Using sample data, I will walk you through some of these dynamic features below.

...

Extending the Power of Pivot

Posted by Rupak Pandya on Thursday, October 16, 2014 - 15:01 Operational Intelligence Splunk 6, Splunk, data model, pivot, pivot editor, Dashboards, UI Customize

Data models were introduced with the release of Splunk 6 back in Oct of 2013. By now, Splunk users are aware of the pivot feature that allows them to build various types of reports that are fueled by data models without having to know the Splunk Search Processing Language (SPL). The Pivot Editor is a great way to build these reports, it allows users to simply point and click their way to creating reports/charts/graphs that provide great insight. This feature is great for users that only want to use the Pivot Editor to create their reports. However, you cannot add the Pivot Editor to a...

Join Function1 at .conf2014!

Posted by Caroline Givnish on Monday, September 29, 2014 - 14:35 Operational Intelligence Splunk, .conf2014, Operational Intelligence, function1

It’s the most wonderful time of the year (for Splunk aficionados)! Function1 is proud to announce our Level 2 sponsorship of .conf2014: The Fifth Annual Splunk Worldwide Users’ Conference at the MGM Grand in Las Vegas. With 150 sessions and more than 70 customer presentations, it’s no surprise that .conf2014 organizers are anticipating a record attendance of more than 4,000 IT and business professionals. Introduce yourself at the Function1 booth or join us during our two breakout sessions where our Splunk-certified consultants will be offering attendees powerful insight into dynamic new...

Introducing the Red Hat Storage App for Splunk Enterprise

Posted by Anshu Rastogi on Friday, August 15, 2014 - 09:29 Cool Tools, Operational Intelligence Splunk, Red Hat Storage, RHSS

Welcome Splunkers! Today, we are proud to announce the release of the Red Hat Storage™ App for Splunk Enterprise™ on the Splunk Apps site. This app is the result of collaboration between the Operational Intelligence Team at Function1 and the Red Hat Storage Server team. The app provides operational insight for your Red Hat Storage Server (RHSS) deployment.

For those that aren’t familiar, Red Hat Storage Server

“…is an open software-defined...

read more

« first

‹ previous

…

4

5

6

7

8

9

10

11

12

next ›

last »