Back to the Blog

Lessons Learned: Upgrading a Splunk Instance with No Downtime

Posted by Karthik Subramanian on Tuesday, April 10, 2018 - 08:35 Best Practices, Operational Intelligence Splunk, Splunk 6.x, Splunk 7.x, installation, Upgrade, Best Practices, Tips and Tricks

Upgrading a single machine's instance of Splunk is easy. All we need to do is stop the instance, download either the .tar or the .rpm, and then either untar or yum install the package, restart Splunk, and voilà, we have an upgrade!

Splunking The Billboard Hot 100 with help from the Spotify API

Posted by Karthik Subramanian on Wednesday, November 1, 2017 - 11:53 Operational Intelligence music, Splunk 6.x, Operational Intelligence, Python, Spotify, Billboard, Data Trends, Data Science

There's a lot of data out there and once we put it into Splunk, there's a lot of interesting information we can pull out of it, so why not have a trip down memory lane and see what sort of songs pop up when going through the Billboard Hot 100 charts from now back to 2000?

First, I found a scraper for the data - thank you Allen Guo for your Billboard charts scraper - and output the data in this format: 

date | title | artist | weeks | delta | current | peak | previous | spotifyID

I did so with this python...

read more

Moving? Don’t leave anything behind...

Posted by Rupak Pandya on Tuesday, May 10, 2016 - 11:51 Operational Intelligence Knowledge Objects, Splunk 6.3, Splunk 6.x, REST API, Lookups, macros, saved searches, event types, data models
My client was creeping up on their massive Splunk infrastructure migration to all new hardware and they wanted a quick and simple way to be sure that the knowledge objects in their environment were migrated successfully and nothing important was left behind. 
 
I suggested a solution that would utilize the various REST API searches that are available to gather this information and present it in a simple way.
 
We came up with a list of the knowledge objects and other important items they had in their environment. We ended up starting with the...
read more
Stay In Touch