Monitoring Searches Applications

Want to share searches?

Search Applications allow you to download Splunk searches other people have created, or to share ones you've made! Even cooler, an Application can have more than one type of content, so you can add searches to any Application.

Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Application(s) to extend your server.


Splunk for UNIX

The Splunk for UNIX application is a compilation of a dashboard, saved searches, eventtypes, and field extractions that work for various flavors of UNIX. The application also ships with a set of scripted inputs that can be used to monitor UNIX machines; inputs such as top, ps, vmstat, and netstat are supported.

Author: Splunk Type: Searches, Scripted Inputs, Inputs, Fields, Event Types
Rating: (4 votes) Added: 7 months ago
Downloads: 23,657 Last Updated: 10 hours ago
License: Creative Commons Price: Free
Categories:

steveyz_bundle

A few useful searches leveraging the monitoring bundle data, using the multikv operator.

Author: steveyz Type: Searches, Reports
Rating: Awaiting 3 votes Added: 12 months ago
Downloads: 79 Last Updated: 12 months ago
License: Creative Commons Price: Free
Categories:

Splunk Parse

Splunk Parse (splunk_parse.py) is a Python script you can set as the alert action on a saved search. It reads in the fields the saved search passes along and parses the corresponding saved search log file, which is in CSV format. The parsing spits out the originating host and the full original problem. In this version it's fed to my ticketing system, but the output action can be easily changed.

Author: shaggy Type: Searches, Integration, Custom Processing, Alerts
Rating: Awaiting 3 votes Added: 5 months ago
Downloads: 96 Last Updated: 5 months ago
License: Creative Commons Price: Free
Categories: