Systems Management Applications
Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Applications(s) to extend your server.
- Recent
- |
- Highly Rated
- |
- Most Downloaded
Splunk for UNIX
The Splunk for UNIX application is a compilation of a dashboard, saved searches, eventtypes, and field extractions that work for various flavors of UNIX. In addition, the application also ships with a set of scripted inputs that can be used to monitor UNIX machines. Inputs like top, ps, vmstat, and netstat are supported.
Arkeia
Arkeia Network Backup Bundle used to index the common fields from the backup log file to make searching and reporting easier.
IPMI Fan Speeds
Gather and report on system fan speeds using ipmi
steveyz_bundle
A few useful searches leveraging the monitoring bundle data, using the multikv operator
SMART Disk Reporting
This bundle outputs this text : === START OF INFORMATION SECTION === Model Family= Seagate Momentus 7200.1 series Device Model= ST910021AS Serial Number= 3MH0498W Firmware Version= 3.07 User Capacity= 100,030,242,816 bytes Device is= In smartctl database [for details use: -P show] ATA Version is= 7 ATA Standard is= Exact ATA specification draft version not indicated Local Time is= Mon Aug 20 00:38:18 2007 PDT SMART support is= Available - device has SMART capability. SMART support is= Enabled === START OF READ SMART DATA SECTION === SMART overall-health self-assessment test result= PASSED Which is then indexed by Splunk.
WildPackets packet number removal
Removes packet numbers from WildPackets events.
getdevicetype
This search command will parse a csv file exported by network or systems device management software and match the hostnames/ip addresses in the file to host field values in you Splunk search, returning the new field devicetype for every match. The csv location is specified at the top of the script, and if you wish you can also alter the field matching to something other than "host" by changing the field variable in the script. The csv must be in the format "device_name,device_type". Thus, you can type: login | getdevicetype | where devicetype="cisco6500" to get only logins on cisco6500 devices or login | getdevicetype to get devicetype to display as a field below each event and be filterable and clickable like host and hosttag. or login | getdevicetype | top devicetype to get a report of number of events by devicetype.
OSX Battery Monitor
Bundle for monitoring battery usage on an OSX based laptop.
splunk2nagios
This add-on helps you set up Splunk to Nagios integration
Bladelogic NSH and Agent Logs
This bundle contains field extractions for the Bladelogic agent and nsh log files. Some sample reports are also included.
splunk2netcool
splunk2netcool integration for splunk 3.0
Splunk Parse
Splunk Parse (splunk_parse.py) is a python script you can set as your alert action on a saved search. It reads in the fields a saved search passing along and parses the corresponding saved search log file which is in CSV format. The parsing spits out the originating host and the full original problem. In this version it's feed to my ticketing system, but the output action can be easily changed.