Technologies Applications
Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Application(s) to extend your server.
Featured Application:
Splunk for Windows Management
AfterGlow Graphing
This new search processor enables the generation of link graphs through Splunk. See the README for more information.
Web access reports
Provides saved web access reports that you can access when needed.
Arkeia
Arkeia Network Backup Bundle used to index the common fields from the backup log file to make searching and reporting easier.
Cisco Pix Firewall Log Bundle
Cisco PIX firewall log bundle that indexes and extracts common fields, normalizing PIX firewall logs so they are Splunk-compliant and will work with other Splunk applications.
feorlen_twitter_alert
Example of using a 3rd party REST endpoint with a Splunk custom processor. Post a message to Twitter for sourcetype::access_common events containing the string "wikipedia" and add status info to the event so it gets indexed. Includes C++ source and osx-i386 binary.
IPFW - Field Definitions
This bundle contains field extractions for IPFW firewall log files.
PF - Field Definitions
This bundle contains field definitions for OpenBSD firewall events.
IPMI Fan Speeds
Gather and report on system fan speeds using IPMI.
Nessus Bundle
This bundle extracts the common fields from a Nessus Vulnerability Scanner log file, such as the hostname, port, script id, and type.
nscreen
This bundle is for field extraction and reporting on NetScreen firewalls.
Ironport field extractions
Provides file classification, date extraction, and extractions for IronPort data.
steveyz_bundle
A few useful searches leveraging the monitoring bundle data, using the multikv operator
IMAP Addon
This Addon will continually download mail from an IMAP account, where it is indexed by a Splunk server. You can do cool things like see how often you get mail from someone, graph by size, time, etc.
OS Monitoring
This bundle will run one or more system-level monitoring utilities and index the output. By indexing the system information you can help correlate events in logs with OS-level trajectory information.
Web Page Monitor
This bundle will check a set of web pages every interval and index the result, time, size, and optionally the content and/or CRC of the page(s). It's cool to do searches to see when your pages change, take long to load, or many other cool things.
javac++ bundle
Adds reasonably good support for C++ and Java source code by breaking functions, classes, and structs into different events.
Adds support for anonymizing log files at index time.
Anonymizes IP addresses as 127.0.0.1 (localhost); email addresses as user@domain.com; social security numbers as 555-00-0000; password/passwd-looking values as 'password'; username/userid/login/user-looking values as 'bob'.
Linux Failed Login
A series of saved searches to detect common login failures on Linux hosts.
Dee's wtmp input bundle
Helps Splunk index the output of last (from /var/log/wtmp), even though it's in a binary format.
SMART Disk Reporting
This bundle outputs this text:
=== START OF INFORMATION SECTION ===
Model Family= Seagate Momentus 7200.1 series
Device Model= ST910021AS
Serial Number= 3MH0498W
Firmware Version= 3.07
User Capacity= 100,030,242,816 bytes
Device is= In smartctl database [for details use: -P show]
ATA Version is= 7
ATA Standard is= Exact ATA specification draft version not indicated
Local Time is= Mon Aug 20 00:38:18 2007 PDT
SMART support is= Available - device has SMART capability.
SMART support is= Enabled
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result= PASSED
Which is then indexed by Splunk.
Eggdrop IRC
A simple bundle to parse channel name, action status & msg, and user nick out of Eggdrop IRC channel logs.
SplunkWidget
Widget for the OS X Dashboard to list your saved searches and alerts. Double-click the uncompressed SplunkWidget to install; see the README.txt file for more info. Requires OS X Tiger, 10.4.3+.
Google Earth / Google Maps
This bundle adds new field actions for IP addresses to locate the geographic origin of a connection.
Enable SSL in Splunk
A quick and simple add-on that enables SSL for your pre-3.2 Splunk server and Web interface.
WildPackets packet number removal
Removes packet numbers from WildPackets events.