The Archive supports a collection of apps for Splunk prior to version 4.0. Browse the menu at left to find apps or add-ons by the category of solution they provide or the Splunk function they're built for. To learn more about installing apps in Splunk 3.x, check the Adminstration Manual for your version.
A Splunk application that provides visibility into the connectivity of Splunk forwarders to one or more indexers, the availability of Splunk forwarders and indexers, the data volumes passed by forwarders and the data volumes consumed by indexers. Displayed within a dashboard view.
Splunk indexes all IT data across every tier - the physical servers, hypervisor, VMs, and deployed applications, capturing and persisting 100% of your data in real-time. It includes inputs, indexing, searches, reports and dashboards.
Splunk for Change Management provides predefined reports and dashboards to facilitate change auditing, change detection, change reporting, change validation and incident response based on change events, change tickets and configuration files.
This script is designed to be used as a scripted input for data contained in database tables. Plese refer to the Splunk Admin guide for more information on configuring scripted inputs. The script has been successfully used in a number of deployments, and should work with Oracle, MySQL, and sybase databases as-is. Other database types can be added by installing the appropriate perl DBD module, and editing the script to configure for the new dbtype. In this version, all of the SQL code has been abstracted from the script, and all parameters including the query are passed as commandline arguments to the script.
Arkeia Network Backup Bundle used to index the common fields from the backup log file to make searching and reporting easier.
Gather and report on system fan speeds using ipmi
A few useful searches leveraging the monitoring bundle data, using the multikv operator
This bundle outputs this text : === START OF INFORMATION SECTION === Model Family= Seagate Momentus 7200.1 series Device Model= ST910021AS Serial Number= 3MH0498W Firmware Version= 3.07 User Capacity= 100,030,242,816 bytes Device is= In smartctl database [for details use: -P show] ATA Version is= 7 ATA Standard is= Exact ATA specification draft version not indicated Local Time is= Mon Aug 20 00:38:18 2007 PDT SMART support is= Available - device has SMART capability. SMART support is= Enabled === START OF READ SMART DATA SECTION === SMART overall-health self-assessment test result= PASSED Which is then indexed by Splunk.
A Splunk performance visualization search processor. See <a href="http://dev.splunk.com/2007/10/11/diagraming-splunk%e2%80%99s-data-flow-part-2-performance-overlays/">my blog</a> for more information.
Contains the basic extractions as well as some saved searches, reports, event types, and custom dashboard modules.
A modified version of sendemail.py which allows you to configure which fields are displayed in alert emails.
Command line utility to more easily search the splunk database, log specific errors and execute commands on a match. Comes with several predefined searches for cisco networking, and is easily extended. -s search Predefined search to run, use 'list' for options -cs string Custom search string passed in with quotes -l file Log results to file, appends by default -e email_addr Email addresses comma separated -x command Execute a command on a match -t time_restrict Suppress email alerts by time of day, use 'list' for options -d days Search over this many days in the past (default: 1) -m minutes Search over this many minutes in the past -c maxnum Max number of results (default: 100) -r Reverse results, (newest to oldest) -w Raw results, do not strip off timestamps -q Quiet Output, suppress errors -v Verbose output
This is a simple application to monitor change on network device configurations. It runs a scripted input to request the network device upload it's configuration file to a tftp server. The input reads /tftpboot for any files that get uploaded and indexes them through the fschange source.
This application reads in issues for a Jira server. It uses a scripted input that accesses the Jira remote SOAP interface.
This Splunk application manages Citrix XenServers. It includes inputs, indexing, searches, reports, dashboards and field actions.
When doing a CLI search for transactions, it can be hard to know the start and end points of the events. This script adds line breaks (with timestamps) between the events.
This application will allow you to collect data from a tcpdump standard output directly into Splunk, it will also perform the necessary field extractions based on the Common Information Model This application is compliant with the 3.3.x standard.