Monitoring Frozen Data Storage in Splunk

Frozen Wasteland

In this post, I'd like to visit the "Siberia" of Splunk data or frozen (archived) storage.  For all other types of data besides frozen, you can get insight on your Splunk data at the index and bucket level by using the "dbinspect" command or apps like "Fire Brigade."  However, because frozen data "lives" outside of the world of Splunk, there's no way to get insight on that data via Splunk.  Therefore, I will outline a solution for creating a scripted input to send metrics to Splunk which can then be used for reporting.

Create the...


How to generate 1 TB of data for Splunk Performance Testing

HOW TO GENERATE 1 TB OF DATA FOR SPLUNK PERFORMANCE TESTING

 

 

INTRODUCTION

Splunk, a leader in Event Management provides insight into your business’s machine-generated log data. Splunk enables you to make sense of your business, make smart decisions and initiate corrective actions.

Processing Big Data is by no means a small feat. The ability to scale Splunk to accommodate and grow with your business is key to providing reliable and accurate information.  Splunk provides insight into your...


Macros and Tokens: Getting the Best Use of Them

While at a client recently, I had the task of creating a dashboard with the ability to look at Linux and Windows data's highest points and averages. The Windows and Linux data needed to be viewed separately, but still have the ability to view the data in total. To accomplish this, I created a base search using six macros: two to encompass both operating systems with each calculation mode, and two per operating system for each calculation mode.My first step was to create the macros. This is done by Settings > Advanced Search > Search Macros. Once at this page, click “New”. You will be...


Function1 Announces Sponsorship of .conf2015

Function1 today announced it is a Giga sponsor of .conf2015: The 6th Annual Splunk Worldwide Users' Conference. .conf2015 will feature more than 165 sessions, including more than 80 customer presentations, and is expected to attract thousands of IT, security and business professionals who know the value of their data. The conference will be held September 21 – 24, at the MGM Grand Las Vegas, with three days of optional education classes through Splunk University®, September 19 – 21, 2015.

Longtime Splunk partner and one of...


Being Unique is All About Being Different

Unique: (adjective) Existing as the only one.

Being unique is something we strive for, to be the only one of “us”. Wouldn’t you like for your Splunk app to be the same? For customers to use your app and see your color, your logo, your complete customization.

 

Here is my app, F1 Demo, as “bare bones” or basic.


CIO Review Names Function1 to 20 Most Promising Red Hat Solution Providers 2015

Function1, global leader in Operational Intelligence, Web Experience Management, and Data Security solutions, has been selected by CIO Review as one of the 20 Most Promising Red Hat Solution Providers in 2015.
 
A distinguished panel of CIOs, CEOs, VCs and members of CIO Review’s editorial board are responsible for identifying this annual list of companies, which aims to highlight and promote technology entrepreneurship. The decision highlights Function1's 2 year...

Every Click You Make, Splunk is Watching You…

 

When I am at client sites I often get asked how they can get a better understanding of what is going on in their Splunk environment. A recent client wanted to understand what dashboards were being used the most in their environment and who were the top users. What a great thought! I knew that Splunk had to have a way to track this. It was just a matter of locating the data and then determining the best way to pull it. After going back and forth between metadata and the internal index, I came across this in Splunk’s internal index.

...

Join Function1 at .conf2014!

It’s the most wonderful time of the year (for Splunk aficionados)! Function1 is proud to announce our Level 2 sponsorship of .conf2014: The Fifth Annual Splunk Worldwide Users’ Conference at the MGM Grand in Las Vegas. With 150 sessions and more than 70 customer presentations, it’s no surprise that .conf2014 organizers are anticipating a record attendance of more than 4,000 IT and business professionals. Introduce yourself at the Function1 booth or join us during our two breakout sessions where our Splunk-certified consultants will be offering attendees powerful insight into dynamic new...


The Seven Dwarfs of Data On-boarding in Splunk

In my time working with and using Splunk, I have learned a few tricks and tips to make the Splunk experience even better. This post assumes you are familiar with a few Splunk keywords. If you are having trouble following along, take a look at this link and look up the terms: http://docs.splunk.com/Splexicon. If you have never seen Splunk before, I suggest taking a look at the Splunk Tutorial to familiarize yourself with the product: ...


Stay In Touch