All Applications
Want your Splunk with extra IT goodness?
Install Applications! The Splunk community has created a growing collection of downloads you can use to add all kinds of functionality to your Splunk server. Download (or make and share with others) reports, helpful configurations for processing particular types of data, or even tools built using the Splunk API. Want to learn how to create Applications?
Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Application(s) to extend your server.
Featured Application:
Splunk for Citrix XenServer Management
AfterGlow Graphing
This new search processor enables the generation of link graphs through Splunk. Make sure you follow the instructions in the README (once installed, located in etc/apps/afterglow) to configure the application!
Splunk License Usage
This bundle provides a new dashboard with several widgets that help you determine your total Splunk license usage over the past 24 hours, as well as usage by host, source, and sourcetype. It contains timecharts to help you understand usage over time and spot usage spikes, as well as pie charts to help you figure out which log files, sourcetypes, and hosts Splunk is indexing the most data from.
Web access reports
Provides saved web access reports that you can access when needed.
Splunk for UNIX
The Splunk for UNIX application is a compilation of a dashboard, saved searches, eventtypes, and field extractions that work for various flavors of UNIX. In addition, the application also ships with a set of scripted inputs that can be used to monitor UNIX machines. Inputs like top, ps, vmstat, and netstat are supported.
Splunk for PCI
The Splunk PCI application offers over 57 reports, more than 91 saved searches, a dashboard, and corresponding alerts you can use to satisfy PCI requirements such as secure remote access, file integrity monitoring, secure log collection, daily log review, audit trail retention, and PCI control reporting.
Splunk for Change Management
Splunk for Change Management provides predefined reports and dashboards to facilitate change auditing, change detection, change reporting, change validation and incident response based on change events, change tickets and configuration files.
Arkeia
Arkeia Network Backup bundle that indexes the common fields from the backup log file to make searching and reporting easier.
Cisco Pix Firewall Log Bundle
Cisco PIX firewall log bundle that indexes and extracts common fields, normalizing PIX firewall logs so they are Splunk-compliant and will work with other Splunk applications.
feorlen_twitter_alert
Example of using a 3rd party REST endpoint with a Splunk custom processor. Post a message to Twitter for sourcetype::access_common events containing the string "wikipedia" and add status info to the event so it gets indexed. Includes C++ source and osx-i386 binary.
Negative Searching Demo Bundle
This bundle, created jointly by Maverick and Stephen Sorkin, demonstrates a way to perform negative searches by indexing known patterns and catching anomalous patterns into a separate index.
IPFW - Field Definitions
This bundle contains field extractions for IPFW firewall log files.
PF - Field Definitions
This bundle contains field definitions for OpenBSD firewall events.
IPMI Fan Speeds
Gathers and reports on system fan speeds using IPMI.
Nessus Bundle
This bundle extracts the common fields from a Nessus Vulnerability Scanner log file, such as the hostname, port, script id, and type.
nscreen
This bundle is for field extraction and reporting on NetScreen firewalls.
Ironport field extractions
Provides file classification, date extraction, and extractions for IronPort data.
Brian's valgrind bundle
Aggregates and extracts information from valgrind logs.
Brian's crash report log bundle
Aggregates and extracts useful information from OS X crash reporter logs.
steveyz_bundle
A few useful searches leveraging the monitoring bundle data, using the multikv operator.
Splunk for IMAP
This add-on continually downloads mail from an IMAP account, which is then indexed by a Splunk server. You can do cool things like see how often you get mail from someone, graph by size, time, etc.
Web Page Monitor
This bundle checks a set of web pages at every interval and indexes the result, time, size, and optionally the content and/or CRC of the page(s). It's cool to run searches to see when your pages change, take a long time to load, or many other cool things.
javac++ bundle
Adds reasonably good support for C++ and Java source code by breaking functions, classes, and structs into different events.
Adds support for anonymizing log files at index time.
Anonymizes IP addresses as 127.0.0.1 (localhost); email addresses as user@domain.com; social security numbers as 555-00-0000; password/passwd-looking values as 'password'; and username/userid/login/user-looking values as 'bob'.
Linux Failed Login
A series of saved searches to detect common login failures on Linux hosts.
Dee's wtmp input bundle
Helps Splunk index the output of last (from /var/log/wtmp), even though it's in a binary format.