Back to the Blog

Encrypting a Modular Input Field without Setup.xml

Posted by Christopher Makepeace on Thursday, February 23, 2017 - 08:30 Operational Intelligence Modular Input, encryption, Splunk, setup.xml

Encryption of some fields when creating a modular input is sometimes needed when security becomes an issue. There are a few ways with the most common being the creation of a setup.xml file for the modular input schema. When using setup.xml however, you lose some of the modular input schemas built in to the python SDK. However, when not using setup.xml and still would like to use the python SDK to encrypt an input field it is still possible with a bit of work. In this writing I will go over one way of encrypting an input field using an additional field as an identifier.

To start off...

read more

Collecting Data from ServiceNow in Splunk

Posted by Anshu Rastogi on Thursday, January 19, 2017 - 10:21 Operational Intelligence Splunk, REST API, Add-on, ServiceNow, Big data, Operational Intelligence

Let's discuss how to collect data from your ServiceNow instance in Splunk. First, what is ServiceNow? ServiceNow is a maker of service management software that can be on-prem or in the cloud. Organizational use of ServiceNow ranges from standard IT help desk ticketing systems to legal service management. These organizations may want to collect data from their ServiceNow instance for security auditing or operational awareness of their deployment. ServiceNow exposes a REST API that can be used to extract this data.

Scenario

In...

read more

Year in Review: Function1's Most Popular Articles of 2016

Posted by Caroline Givnish on Wednesday, December 21, 2016 - 08:17 Function1 2016, function1, year in review, Analytics, Data, google analytics, Splunk, Drupal, Oracle WebCenter Sites

It's the most wonderful time of the year - not because of the presents and the parties - but, the lists! I mean, who doesn't love lists (besides maybe The New Yorker)? So, we decided to put our analytics hats on and pull together our top 5 most widely-read posts of 2016. And, while our year in review might not be as much of an emotional rollercoaster as Google's ...

read more

Growing your Splunk Deployment

Posted by Anshu Rastogi on Tuesday, November 29, 2016 - 08:56 Operational Intelligence Splunk, Indexers, architecture, storage, Disks, Indexes.conf, Volume, Warm Data, Cold Data, Frozen Data, Offline, Migration

Intro

Growth.  It's important in so many aspects of our lives; from our careers, health, and relationships.  The famed motivational, self-help guru Tony Robbins says that beyond our basic needs, we need growth and giving back in order to truly be fulfilled.  In addition to adding to ourselves, sometimes growth requires us to rebuild a portion of ourselves.  Well, Splunk is no different.  In order for it to keep it's self-esteem high, it also needs to grow. In this blog post I wanted to cover a process to expand the number of indexers in an existing Splunk deployment while also...

read more

Splunk 6.5 Under the Hood: Clustering Enhancements

Posted by Naveed Krabbe on Tuesday, November 22, 2016 - 09:18 Operational Intelligence Splunk, Splunk 6.5, Operational Intelligence, Clustering

Intro

By now I’m sure you’ve heard about the release of Splunk Enterprise 6.5. Those of you who were at .conf 2016 got to see many of the new features during the keynotes, in sessions, and at the various booths.

Splunk Enterprise 6.5 brings lots of great enhancements related to user experience such as table datasets, conditional table formatting, dashboard editing, and enhanced search/SPL assistance. For those of you who have not had a chance to see some of the new features yet, I encourage you to check out this short video: ...

read more

Stepping Up with Splunk!

Posted by Elizabeth Makepeace on Tuesday, October 25, 2016 - 09:08 Function1 Operational Intelligence, Splunk, Splunk 6.4, Visualizations, Wellness Program, Cool Tools

“Surround yourself with the dreamers and the doers, the believers and thinkers, but most of all, surround yourself with those who see greatness within you, even when you don’t see it in yourself.” –Edmund Lee

 

Splunk is an extremely versatile application, dissecting everything from a small csv file to multiple terabytes of data. I am a member of Function1’s Wellness Team as well as a part of the OI Practice. This year, the Wellness Team has decided to revamp itself and I thought Splunk would be a great tool to utilize to track our progress and feedback from...

read more

Splunk: Modular Inputs

Posted by Hani Atalla on Thursday, October 6, 2016 - 09:23 Development, Operational Intelligence Splunk, Development, Modular Input, JSON

I often blog about Drupal, but recently I worked on a Splunk App, so thought about sharing my experience because it was an interesting one.  For that Splunk App, I was on the Function1 Slack channel posting an endless stream of Splunk related questions and my colleagues provided tremendous support, patiently responding to my non-stop inquiries. It is great working among such a great pool of talented individuals.

The gist of the Splunk App is to dynamically post a JSON request to a RESTful API (the client developed the API) that returns a JSON response, and then send the response to...

read more
Stay In Touch