2010-02-08T23:58:06+00:00 http://www.splunkbase.com/api/apps/entries/?type=Fields 54 10 1 2009-10-15T21:15:05+00:00 http://www.splunkbase.com/api/apps/entries/RSS+Scripted+Input ndoshi 209 ndoshi nimish@splunk.com 2009-08-13T23:40:34+00:00 2009-10-15T21:15:05+00:00 Free Creative Commons http://www.splunkbase.com/apps:license/RSS+Scripted+Input 1.0.2 Scripted Inputs Inputs Fields No Data 0 1 http://www.splunkbase.com/apps/RSS+Scripted+Input http://www.splunkbase.com/apps:screenshot/original/RSS+Scripted+Input/icon.jpg 36 36 0 0 0 0 0 0 3.0.0 4.999.999

This is a simple application to take the content of any RSS feed and index its metadata (date, title, link, and description) into Splunk. A scripted input calls rss.sh every 600 seconds, which in turn, calls the supplied Python program, rssfeed.py to gather the rss feeds. RSS feeds are supplied via a file passed on the command line. A sample file, feeds.txt, is provided for testing. This program uses the open source feedparser from www.feedparser.org for its RSS parser. Installation: Gunzip and un tar the distirbution into $SPLUNK_HOME/etc/apps and read the README.txt

2009-10-10T20:54:29+00:00 http://www.splunkbase.com/api/apps/entries/Web+Services+Stock+Quote+as+Scripted+Input ndoshi 300 ndoshi nimish@splunk.com 2008-12-09T18:06:56+00:00 2009-10-10T20:54:29+00:00 Free Creative Commons http://www.splunkbase.com/apps:license/Web+Services+Stock+Quote+as+Scripted+Input 1.1.1 Scripted Inputs Fields No Data 0 1 http://www.splunkbase.com/apps/Web+Services+Stock+Quote+as+Scripted+Input http://www.splunkbase.com/apps:screenshot/original/Web+Services+Stock+Quote+as+Scripted+Input/icon.jpg 36 36 http://www.splunkbase.com/apps:screenshot/original/Web+Services+Stock+Quote+as+Scripted+Input/screenshot.jpg 400 320 http://www.splunkbase.com/apps:screenshot/scaled/Web+Services+Stock+Quote+as+Scripted+Input/screenshot.jpg 400 320 http://www.splunkbase.com/apps:screenshot/thumb/Web+Services+Stock+Quote+as+Scripted+Input/screenshot.jpg 91 73 3.0.0 4.999.999

This distribution calls a stock quote web service with a list of stock symbols as input which is output to Splunk's indexer. The code makes use of the Apache Axis client library to call a web service as a scripted input to retrieve stock quote reports for stock symbols and use each response as an event stored in XML format. It is used as a demonstration for using web services as a scripted input. The work to call the web service for each stock symbol is \ done in the GatherStockQuote.java program. To install, use tar zxvf and place the stockquotes directory under SPLUNK_HOME/etc/apps/. Then read the README_StockQuote.txt for further configuration. You can use this to create your own time series data store for stock information and create reports. This ships with one field action to get detailed information on a symbol. (use xmlkv to extract the symbol field).

2009-10-10T20:27:56+00:00 http://www.splunkbase.com/api/apps/entries/Web+Services+Weather+as+Scripted+Input ndoshi 369 ndoshi nimish@splunk.com 2008-12-02T20:06:38+00:00 2009-10-10T20:27:56+00:00 Free Creative Commons http://www.splunkbase.com/apps:license/Web+Services+Weather+as+Scripted+Input 1.1 Scripted Inputs Fields No Data 0 1 http://www.splunkbase.com/apps/Web+Services+Weather+as+Scripted+Input http://www.splunkbase.com/apps:screenshot/original/Web+Services+Weather+as+Scripted+Input/icon.jpg 36 36 http://www.splunkbase.com/apps:screenshot/original/Web+Services+Weather+as+Scripted+Input/screenshot.jpg 935 798 http://www.splunkbase.com/apps:screenshot/scaled/Web+Services+Weather+as+Scripted+Input/screenshot.jpg 562 480 http://www.splunkbase.com/apps:screenshot/thumb/Web+Services+Weather+as+Scripted+Input/screenshot.jpg 86 73 3.0.0 4.999.999

This distribution calls a weather web service periodically with a list of cities as input which is output to Splunk's indexer. The code makes use of the Apache Axis client library to call a web service as a scripted input to retrieve weather reports for major cities and use each response as an event stored in XML format. It is used as a demonstration for using web services as a scripted input. You can choose your own cities to build your time series weather data store. The work to call the web service for each city country pair is done in the GatherWeather.java program. To install, unzip and un tar the distribution in SPLUNK_HOME/etc/apps and read the README_WS.txt file for further configuration.

2009-09-18T15:50:05+00:00 http://www.splunkbase.com/api/apps/entries/Sharepoint+MOSS+2007 ameyers 2 ameyers acm177@gmail.com 2009-09-18T15:50:05+00:00 2009-09-18T15:50:05+00:00 Free Creative Commons http://www.splunkbase.com/apps:license/Sharepoint+MOSS+2007 1.0 Searches Inputs Fields No Data 1 0 http://www.splunkbase.com/apps/Sharepoint+MOSS+2007 0 0 0 0 0 0 0 0 3.0.0 3.999.999

This application provides a source type for Microsoft Office Sharepoint Services 2007 logs.

2009-06-17T21:19:00+00:00 http://www.splunkbase.com/api/apps/entries/Splunk+for+OSSEC elazar 1988 elazar 2009-02-16T18:24:43+00:00 2009-06-17T21:19:00+00:00 Free Creative Commons http://www.splunkbase.com/apps:license/Splunk+for+OSSEC 0.4.3 Fields Event Types 4.0 6 1 http://www.splunkbase.com/apps/Splunk+for+OSSEC 0 0 http://www.splunkbase.com/apps:screenshot/original/Splunk+for+OSSEC/screenshot.jpg 191 81 http://www.splunkbase.com/apps:screenshot/scaled/Splunk+for+OSSEC/screenshot.jpg 640 271 http://www.splunkbase.com/apps:screenshot/thumb/Splunk+for+OSSEC/screenshot.jpg 118 50 3.0.0 3.999.999

Field extraction for OSSEC HIDS(http://www.ossec.net)

2009-05-18T23:22:47+00:00 http://www.splunkbase.com/api/apps/entries/Common+Event+Format+-+Field+Extractions raffy 1065 raffy 2007-12-06T02:11:27+00:00 2009-05-18T23:22:47+00:00 Free Creative Commons http://www.splunkbase.com/apps:license/Common+Event+Format+-+Field+Extractions 1.2 Fields No Data 0 1 http://www.splunkbase.com/apps/Common+Event+Format+-+Field+Extractions 0 0 0 0 0 0 0 0 3.0.0.0 3.999.999

CEF or the common event format is an event interoperability standard, defining a common syntax for communication among log generating devices and applications. This is an add-on to extract the fields of CEF messages.

2009-03-25T15:44:44+00:00 http://www.splunkbase.com/api/apps/entries/IRC+Splunk+Bot rataide 148 rataide 2009-02-20T17:13:31+00:00 2009-03-25T15:44:44+00:00 Free Creative Commons http://www.splunkbase.com/apps:license/IRC+Splunk+Bot 0.3 Scripted Inputs Integration Inputs Fields No Data 1 1 http://www.splunkbase.com/apps/IRC+Splunk+Bot 0 0 0 0 0 0 0 0 3.0.0.0 3.999.999

This application provides bi-directional integration between Splunk and an IRC Server. It logs and indexes the conversation from a channel as a scripted input and it replies to searches executed against that same Splunk server.

2009-03-24T22:56:03+00:00 http://www.splunkbase.com/api/apps/entries/Splunk+for+Double-Take kordless 357 kordless 2009-03-24T21:33:50+00:00 2009-03-24T22:56:03+00:00 Free Creative Commons http://www.splunkbase.com/apps:license/Splunk+for+Double-Take 1.1 Searches Search Commands Reports Inputs Fields Event Types Event Actions Alerts No Data 0 1 http://www.splunkbase.com/apps/Splunk+for+Double-Take 0 0 http://www.splunkbase.com/apps:screenshot/original/Splunk+for+Double-Take/screenshot.jpg 120 73 http://www.splunkbase.com/apps:screenshot/scaled/Splunk+for+Double-Take/screenshot.jpg 640 389 http://www.splunkbase.com/apps:screenshot/thumb/Splunk+for+Double-Take/screenshot.jpg 118 72 3.0.0.0 3.999.999

Splunk for Double-Take, a collaborative platform, brings higher system availability, lower cost of maintaining availability, and simplified monitoring of business critical Microsoft Exchange and SQL Server environments. By adding the power of Splunk IT Search into the Double-Take offering, users can tap into the capabilities of real-time search, alerting, reporting and analysis, to aggressively and proactively ensure successful failover conditions through a broader view of their environment.

2009-03-19T20:43:50+00:00 http://www.splunkbase.com/api/apps/entries/Splunk+for+Network+Security Splunk 15206 Splunk 2008-08-25T18:29:02+00:00 2009-03-19T20:43:50+00:00 Free Creative Commons http://www.splunkbase.com/apps:license/Splunk+for+Network+Security for Splunk 3.3 and 3.4 Searches Reports Inputs Fields Event Types Alerts 2.0 3 1 http://www.splunkbase.com/apps/Splunk+for+Network+Security 0 0 http://www.splunkbase.com/apps:screenshot/original/Splunk+for+Network+Security/screenshot.jpg 86 86 http://www.splunkbase.com/apps:screenshot/scaled/Splunk+for+Network+Security/screenshot.jpg 480 480 http://www.splunkbase.com/apps:screenshot/thumb/Splunk+for+Network+Security/screenshot.jpg 73 73 3.0.0 3.999.999

The Splunk Network Security application offers a set of reports, saved searches, and dashboards, as well as corresponding alerts that you can use to monitor your firewalls, intrusion detection and prevention systems, as well as operating systems.

2009-03-19T17:47:55+00:00 http://www.splunkbase.com/api/apps/entries/Splunk+for+UNIX+%28Splunk+3+Compatible%29 Splunk 60555 Splunk 2008-01-11T22:56:08+00:00 2009-03-19T17:47:55+00:00 Free Creative Commons http://www.splunkbase.com/apps:license/Splunk+for+UNIX+%28Splunk+3+Compatible%29 for Splunk 3.3 Searches Scripted Inputs Inputs Fields Event Types 4.5 8 1 http://www.splunkbase.com/apps/Splunk+for+UNIX+%28Splunk+3+Compatible%29 0 0 http://www.splunkbase.com/apps:screenshot/original/Splunk+for+UNIX+%28Splunk+3+Compatible%29/screenshot.jpg 110 73 http://www.splunkbase.com/apps:screenshot/scaled/Splunk+for+UNIX+%28Splunk+3+Compatible%29/screenshot.jpg 640 425 http://www.splunkbase.com/apps:screenshot/thumb/Splunk+for+UNIX+%28Splunk+3+Compatible%29/screenshot.jpg 110 73 3.0.0.0 3.999.999

The Splunk for UNIX application is a compilation of a dashboard, saved searches, eventtypes, and field extractions that work for various flavors of UNIX. In addition, the application also ships with a set of scripted inputs that can be used to monitor UNIX machines. Inputs like top, ps, vmstat, iptables, and netstat, are supported.