<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0">
  <channel>
    <title>Latest SplunkBase Applications (Alerts)</title>
    <link>http://www.splunkbase.com/feed/apps.rss/Alerts</link>
    <description>Latest SplunkBase Applications filtered by Alerts</description>

    <item>
      <title>Splunk for PCI</title>
      <author>Splunk</author>
      <pubDate>Thu, 21 Aug 2008 18:50:38 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:Splunk+for+PCI</link>
      <guid isPermaLink="false">dee992af056843fe38d6ed22d52676c5</guid>
      <description>The Splunk PCI application offers over 57 reports, more than 91 saved searches, a dashboard, and corresponding alerts you can use to satisfy PCI requirements such as secure remote access, file integrity monitoring, secure log collection, daily log review, audit trail retention, and PCI control reporting.</description>
    </item>
    <item>
      <title>Consuming Splunk RSS Feeds in Java</title>
      <author>nimishd</author>
      <pubDate>Wed, 13 Aug 2008 17:07:55 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:Consuming+Splunk+RSS+Feeds+in+Java</link>
      <guid isPermaLink="false">7a4842c44867d34be1ca7146c4cc6594</guid>
      <description>This application demonstrates how to consume an RSS alert feed in Java from any
saved search from Splunk. It uses Sun&#039;s RSS parser (included) to gather the feed
and breaks up the fields into a Java Bean. Since the RSS Splunk Alert presents
meta information about the saved search, the included Link in the RSS entry is then
used within the same command line application to retrieve each entry from the
saved search using the Splunk provided Java SDK.

It is hoped that this code will be used to better serve the Splunk Java community for:
	- A method to consume RSS feeds from Splunk with Java
	- A way to use the feed&#039;s link to gather all entries from a saved search
	- A foundation to pass search entries to higher level Java applications</description>
    </item>
    <item>
      <title>splunk2nagios</title>
      <author>Splunk</author>
      <pubDate>Tue, 12 Aug 2008 23:10:56 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:splunk2nagios</link>
      <guid isPermaLink="false">45e012497f119c83d7e2a4e3e58c5fc7</guid>
      <description>This add-on helps you set up Splunk to Nagios integration</description>
    </item>
    <item>
      <title>Splunk for Change Management</title>
      <author>Splunk</author>
      <pubDate>Wed, 23 Jul 2008 23:01:41 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:Splunk+for+Change+Management</link>
      <guid isPermaLink="false">95d9940cef25692b9483d352c8ed494c</guid>
      <description>Splunk for Change Management provides predefined reports and dashboards to facilitate change auditing, change detection, change reporting, change validation and incident response based on change events, change tickets and configuration files.</description>
    </item>
    <item>
      <title>Splunk Alert</title>
      <author>yantisj</author>
      <pubDate>Fri, 04 Apr 2008 14:41:38 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:Splunk+Alert</link>
      <guid isPermaLink="false">8e2c2a15568cedc48cb46355dbdd805b</guid>
      <description>Command line utility to more easily search the Splunk database, log specific errors and execute commands on a match. Comes with several predefined searches for Cisco networking, and is easily extended.

    -s  search        Predefined search to run, use &#039;list&#039; for options
    -cs string        Custom search string passed in with quotes
    -l  file          Log results to file, appends by default
    -e  email_addr    Email addresses comma separated
    -x  command       Execute a command on a match
    -t  time_restrict Suppress email alerts by time of day, use &#039;list&#039; for options
    -d  days          Search over this many days in the past (default: 1)
    -m  minutes       Search over this many minutes in the past
    -c  maxnum        Max number of results (default: 100)
    -r                Reverse results, (newest to oldest)
    -w                Raw results, do not strip off timestamps
    -q                Quiet Output, suppress errors
    -v                Verbose output</description>
    </item>
    <item>
      <title>Splunk Parse</title>
      <author>shaggy</author>
      <pubDate>Tue, 18 Mar 2008 22:06:36 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:Splunk+Parse</link>
      <guid isPermaLink="false">6d1bf077e7913237de81dfbcae840b6c</guid>
      <description>Splunk Parse (splunk_parse.py) is a Python script you can set as your alert action on a saved search. It reads in the fields a saved search passes along and parses the corresponding saved search log file, which is in CSV format. The parsing spits out the originating host and the full original problem. In this version it&#039;s fed to my ticketing system, but the output action can be easily changed.</description>
    </item>
    <item>
      <title>splunk2netcool</title>
      <author>Splunk</author>
      <pubDate>Mon, 03 Mar 2008 23:44:14 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:splunk2netcool</link>
      <guid isPermaLink="false">a2d5060f779e6047ba2c256ac5b6aafb</guid>
      <description>splunk2netcool integration for Splunk 3.0</description>
    </item>
    <item>
      <title>Alex&#039;s sendemail.py</title>
      <author>araitz</author>
      <pubDate>Fri, 16 Nov 2007 21:52:33 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:Alex%27s+sendemail.py</link>
      <guid isPermaLink="false">0042a2ac83bd0d2496baf6bd423caa8c</guid>
      <description>A modified version of sendemail.py which allows you to configure which fields are displayed in alert emails.</description>
    </item>
    <item>
      <title>Nessus Bundle</title>
      <author>maverick</author>
      <pubDate>Fri, 07 Sep 2007 04:20:12 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:Nessus+Bundle</link>
      <guid isPermaLink="false">761b6685ad2bb1f397ab50934bd0affe</guid>
      <description>This bundle extracts the common fields from a Nessus Vulnerability Scanner log file, such as the hostname, port, script id, and type.</description>
    </item>
    <item>
      <title>Negative Searching Demo Bundle</title>
      <author>maverick</author>
      <pubDate>Fri, 07 Sep 2007 04:18:53 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:Negative+Searching+Demo+Bundle</link>
      <guid isPermaLink="false">5c0f7184d8c648bae1e1991d91f83aef</guid>
      <description>This bundle, created jointly by Maverick and Stephen Sorkin, demonstrates a way to perform negative searches by indexing known patterns and catching anomalous patterns into a separate index.</description>
    </item>
    <item>
      <title>SplunkWidget</title>
      <author>andrea</author>
      <pubDate>Wed, 05 Sep 2007 18:30:16 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:SplunkWidget</link>
      <guid isPermaLink="false">b1d193511802f6e0270f1fcf9fbfc10f</guid>
      <description>Widget for the OS X Dashboard to list your saved searches and alerts. Double click on the uncompressed SplunkWidget to install, see the README.txt file for more info. Requires OS X Tiger, 10.4.3+</description>
    </item>
    <item>
      <title>feorlen_twitter_alert</title>
      <author>andrea</author>
      <pubDate>Mon, 13 Aug 2007 03:26:17 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Alerts/app:feorlen_twitter_alert</link>
      <guid isPermaLink="false">9fcc3a25cf99144267c02b2d69c03227</guid>
      <description>Example of using a 3rd party REST endpoint with a Splunk custom processor. Post a message to Twitter for sourcetype::access_common events containing the string &quot;wikipedia&quot; and add status info to the event so it gets indexed. Includes C++ source and osx-i386 binary.</description>
    </item>

  </channel>
</rss>