The Archive supports a collection of apps for Splunk prior to version 4.0. Browse the menu at left to find apps or add-ons by the category of solution they provide or the Splunk function they're built for. To learn more about installing apps in Splunk 3.x, check the Adminstration Manual for your version.
Search Script apps let you extend the Splunk search language. Create your own, or download scripts created by other members of the Splunk community!
This search processor enables the generation of link graphs through Splunk. Make sure you follow the instructions in the README (once installed, located in etc/apps/afterglow) to configure the application!
This search script (nslookup.py) will perform reverse name lookup on every IP from an event at search time.
This search command will parse a csv file exported by network or systems device management software and match the hostnames/ip addresses in the file to host field values in you Splunk search, returning the new field devicetype for every match. The csv location is specified at the top of the script, and if you wish you can also alter the field matching to something other than "host" by changing the field variable in the script. The csv must be in the format "device_name,device_type". Thus, you can type: login | getdevicetype | where devicetype="cisco6500" to get only logins on cisco6500 devices or login | getdevicetype to get devicetype to display as a field below each event and be filterable and clickable like host and hosttag. or login | getdevicetype | top devicetype to get a report of number of events by devicetype.
A Splunk performance visualization search processor. See <a href="http://dev.splunk.com/2007/10/11/diagraming-splunk%e2%80%99s-data-flow-part-2-performance-overlays/">my blog</a> for more information.
Create customizable PDF reports using this perl script, which includes the Intersplunk.pm module written by Andrew Hoying. Some knowledge of Perl required to install the Perl PDF modules available via CPAN.
This Splunk application manages Citrix XenServers. It includes inputs, indexing, searches, reports, dashboards and field actions.
Identify and analyze log files from the Zope web application server
Multirex allows the extraction of multivalued fields in events where a given key may occur one or more times with one or more values.
NetTool is a search processor that will filter search results to only show events that match a given CIDR block or IP address range.
A perl version of the python Intersplunk module that ships with Splunk.
Convert hex values to base10 decimal values OR base10 decimal values to hex values.
This custom sendemail allows email attributes (e.g. to, from, body, subject) on a per-alert basis.
Splunk for Double-Take, a collaborative platform, brings higher system availability, lower cost of maintaining availability, and simplified monitoring of business critical Microsoft Exchange and SQL Server environments. By adding the power of Splunk IT Search into the Double-Take offering, users can tap into the capabilities of real-time search, alerting, reporting and analysis, to aggressively and proactively ensure successful failover conditions through a broader view of their environment.