All Scripted Inputs Applications
Want to use APIs or shell commands to get data into Splunk?
Scripted Input Applications can be used to feed data into Splunk that is available through APIs or shell commands. Create your own, or download scripts created by other members of the Splunk community!
Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Application(s) to extend your server.
Splunk for IMAP
This application will continually download mail from an IMAP account, where it is indexed by a Splunk server. You can do cool things like see how often you get mail from someone, graph by size, time, etc.
Splunk for UNIX
The Splunk for UNIX application is a compilation of a dashboard, saved searches, eventtypes, and field extractions that work for various flavors of UNIX. In addition, the application also ships with a set of scripted inputs that can be used to monitor UNIX machines. Inputs like top, ps, vmstat, iptables, and netstat are supported.
Splunk for VMware ESX Management
Splunk indexes all IT data across every tier - the physical servers, hypervisor, VMs, and deployed applications, capturing and persisting 100% of your data in real-time. It includes inputs, indexing, searches, reports and dashboards.
Web Page Monitor
This bundle will check a set of webpages every interval and index the result, time, size and optionally content and/or CRC of the page(s). It's cool to do searches to see when your pages change, take long to load, or many other cool things.
Script for database inputs
This script is designed to be used as a scripted input for data contained in database tables. Please refer to the Splunk Admin guide for more information on configuring scripted inputs. The script has been successfully used in a number of deployments, and should work with Oracle, MySQL, and Sybase databases as-is. Other database types can be added by installing the appropriate Perl DBD module, and editing the script to configure for the new dbtype. In this version, all of the SQL code has been abstracted from the script, and all parameters including the query are passed as command-line arguments to the script.
Dee's wtmp input bundle
Help Splunk to index the output of last (from /var/log/wtmp), even though it's in a binary format.
Nmap Scripted Input & Field Extraction
Want to put your Nmap output into Splunk? Check out this add-on, which will parse your grepable Nmap output into a scripted input and then perform some field extraction on the data.
Perl POP3 Scripted Input
This is a simple Perl script that reads messages from a POP3 account. Once the message is read and indexed, the message is deleted.
Splunk for Citrix XenServer Management
This Splunk application manages Citrix XenServers. It includes inputs, indexing, searches, reports, dashboards and field actions.
Splunk for tcpdump
This application will allow you to collect data from tcpdump standard output directly into Splunk. It will also perform the necessary field extractions based on the Common Information Model. This application is compliant with the 3.3.x standard.
Web Services Weather as Scripted Input
[NOTE to Splunk: This is a resubmission as the application is now in .spl format and has been tested on Mac OS and Windows XP] This distribution periodically calls a weather web service with a list of cities as input, and the result is output to Splunk's indexer. The code makes use of the Apache Axis client library to call a web service as a scripted input to retrieve Weather reports for major cities and use each response as an Event stored in XML format. It is used as a demonstration for using web services as a scripted input. You can choose your own cities to build your time series weather data store. The work to call the web service for each city/country pair is done in the GatherWeather.java program. To install, unzip and untar the distribution in SPLUNK_HOME/etc/apps and read the README_WS.txt file for further configuration.
Web Services Stock Quote as Scripted Input
This distribution calls a Stock Quote web service with a list of stock symbols as input, and the result is output to Splunk's indexer. The code makes use of the Apache Axis client library to call a web service as a scripted input to retrieve Stock Quote reports for stock symbols and use each response as an Event stored in XML format. It is used as a demonstration for using web services as a scripted input. The work to call the web service for each stock symbol is done in the GatherStockQuote.java program. To install, use tar zxvf and place the stockquotes directory under SPLUNK_HOME/etc/apps/. Then read the README_StockQuote.txt for further configuration. You can use this to create your own time series data store for stock information and create reports. This ships with one field action to get detailed information on a Symbol. (Use xmlkv to extract the Symbol field.)
BSM Audit log loader
This app will, on an interval, convert local audit logs to text while keeping track of the last time it ran so as not to get duplicates. Run this app on a server that is running BSM to capture audit logs before they roll.
App Deployment
This application provides a way to distribute applications via the Deployment Server. Currently (3.4.3) the deployment server creates a tar file (as .bundle) for each application, and stores the configuration and discards the rest of the file. This script runs as a scripted input as a one-shot at startup. The script goes through each bundle that has been distributed to the instance, checks to see if a bin/ directory exists, and checks the 'checksum' against the .checksum file within the instance's etc/apps/APPNAME/ directory. If the file doesn't exist or the checksum does not equal that of the bundle, the bin/ directory is extracted to the instance's etc/apps/APPNAME/ directory.
IRC Splunk Bot
This application provides bi-directional integration between Splunk and an IRC server. It logs and indexes the conversation from a channel as a scripted input, and it replies to searches executed against that same Splunk server.
Splunk for MySQL
A collection of Splunk scripted inputs, eventtypes, and reports for MySQL monitoring and diagnostics.
Splunk for Solaris Zones
The Splunk for Solaris Zones application is similar to the system monitoring capabilities in the Splunk for UNIX app. Splunk for Zones uses zone-capable options in commands like prstat and ps, but also introduces the ability to grab statistics directly from running zones using zlogin.