<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0">
  <channel>
    <title>Latest SplunkBase Applications (Custom Processing in Technologies)</title>
    <link>http://www.splunkbase.com/feed/apps.rss/Custom%20Processing/Technologies</link>
    <description>Latest SplunkBase Applications filtered by Custom Processing in category Technologies</description>

    <item>
      <title>Script for database inputs</title>
      <author>rcarney</author>
      <pubDate>Thu, 23 Oct 2008 23:50:16 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Custom%20Processing/Technologies/app:Script+for+database+inputs</link>
      <guid isPermaLink="false">4c689287f2e986f028679173d14ac8fb</guid>
      <description>This script is designed to be used as a scripted input for data contained in
database tables. Please refer to the Splunk Admin guide for more information on
configuring scripted inputs.

The script has been successfully used in a number of deployments, and should
work with Oracle, MySQL, and Sybase databases as-is. Other database types can
be added by installing the appropriate Perl DBD module, and editing the script
to configure for the new dbtype.

In this version, all of the SQL code has been abstracted from the script, and
all parameters including the query are passed as command-line arguments to the
script.</description>
    </item>
    <item>
      <title>Splunk for VMware ESX Management</title>
      <author>erik</author>
      <pubDate>Fri, 10 Oct 2008 23:47:49 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Custom%20Processing/Technologies/app:Splunk+for+VMware+ESX+Management</link>
      <guid isPermaLink="false">eaba98b4f8386d4ed8552c81028cf465</guid>
      <description>Splunk indexes all IT data across every tier - the physical servers, hypervisor, VMs, and deployed applications, capturing and persisting 100% of your data in real-time. It includes inputs, indexing, searches, reports and dashboards.</description>
    </item>
    <item>
      <title>Splunk Replay</title>
      <author>Splunk</author>
      <pubDate>Sat, 26 Apr 2008 21:28:56 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Custom%20Processing/Technologies/app:Splunk+Replay</link>
      <guid isPermaLink="false">d63730ba49f07050b89da3eb523ec6a8</guid>
      <description>Inspired by glTail.rb and Digg Lab’s Stack, Splunk Replay is a Flash-based, data visualization tool which “replays” your Splunk&#039;d logfile activities in an animated layout.

Replay generates animated barchart graphs using two extracted fields from the events it receives from Splunk. For example, if you have Splunk eat wiki data, you can plot the wiki user and wiki page they are editing, and then animate those relationships over a given time range.

Event particles are emitted from rows on the y-axis and stack up in columns on the x-axis. When a new row value is created, a random color is assigned to it for the duration of the session. These colors are then used in stacked bars to illustrate the amount of activity for a given row value. Older values on both axes are cycled out if more room is needed for newer data.

More information, and instructions for installing replay can be found on the developer&#039;s wiki: http://code.google.com/p/splunk-flash/wiki/SplunkReplay</description>
    </item>
    <item>
      <title>Splunk Alert</title>
      <author>yantisj</author>
      <pubDate>Fri, 04 Apr 2008 14:41:38 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Custom%20Processing/Technologies/app:Splunk+Alert</link>
      <guid isPermaLink="false">8e2c2a15568cedc48cb46355dbdd805b</guid>
      <description>Command line utility to more easily search the Splunk database, log specific errors and execute commands on a match.  Comes with several predefined searches for Cisco networking, and is easily extended.

    -s  search        Predefined search to run, use &#039;list&#039; for options
    -cs string        Custom search string passed in with quotes
    -l  file          Log results to file, appends by default
    -e  email_addr    Email addresses comma separated
    -x  command       Execute a command on a match
    -t  time_restrict Suppress email alerts by time of day, use &#039;list&#039; for options
    -d  days          Search over this many days in the past (default: 1)
    -m  minutes       Search over this many minutes in the past
    -c  maxnum        Max number of results (default: 100)
    -r                Reverse results, (newest to oldest)
    -w                Raw results, do not strip off timestamps
    -q                Quiet Output, suppress errors
    -v                Verbose output</description>
    </item>
    <item>
      <title>Splunk Parse</title>
      <author>shaggy</author>
      <pubDate>Tue, 18 Mar 2008 22:06:36 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Custom%20Processing/Technologies/app:Splunk+Parse</link>
      <guid isPermaLink="false">6d1bf077e7913237de81dfbcae840b6c</guid>
      <description>Splunk Parse (splunk_parse.py) is a Python script you can set as your alert action on a saved search. It reads in the fields a saved search passes along and parses the corresponding saved search log file, which is in CSV format. The parsing spits out the originating host and the full original problem. In this version it&#039;s fed to my ticketing system, but the output action can be easily changed.</description>
    </item>
    <item>
      <title>Sancp/Sguil Add-on</title>
      <author>araitz</author>
      <pubDate>Tue, 18 Dec 2007 19:25:57 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Custom%20Processing/Technologies/app:Sancp%7FSguil+Add-on</link>
      <guid isPermaLink="false">86554233c6f753ca862119b8d13bdb0e</guid>
      <description>This bundle indexes sancp logs when sancp is patched with the sguil output patch, extracts the fields, then sends to a processor which converts the decimal IP addresses to dotted format.</description>
    </item>
    <item>
      <title>Enable SSL in Splunk</title>
      <author>deeann</author>
      <pubDate>Tue, 02 Oct 2007 20:22:09 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Custom%20Processing/Technologies/app:Enable+SSL+in+Splunk</link>
      <guid isPermaLink="false">773eae93545d03bcc0c19629fe23724d</guid>
      <description>A quick and simple add-on that enables SSL for your pre-3.2 Splunk server and Web interface.</description>
    </item>
    <item>
      <title>adds support for anonymizing log files at index time</title>
      <author>carasso</author>
      <pubDate>Mon, 20 Aug 2007 01:23:57 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Custom%20Processing/Technologies/app:adds+support+for+anonymizing+log+files+at+index+time</link>
      <guid isPermaLink="false">68d72996a68ce809bc4d3c7b54916d9e</guid>
      <description>anonymizes ip address as 127.0.0.1 (localhost);
email addresses as user@domain.com;
social-security-numbers as 555-00-0000;
password/passwd looking values as &#039;password&#039;;
username/userid/login/user looking values as &#039;bob&#039;.</description>
    </item>
    <item>
      <title>Ironport field extractions</title>
      <author>ssorkin</author>
      <pubDate>Fri, 17 Aug 2007 20:07:35 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Custom%20Processing/Technologies/app:Ironport+field+extractions</link>
      <guid isPermaLink="false">54b9c491e0030048e9dc8718f26927d9</guid>
      <description>Provides file classification, date extraction, and extractions for ironport data.</description>
    </item>
    <item>
      <title>feorlen_twitter_alert</title>
      <author>andrea</author>
      <pubDate>Mon, 13 Aug 2007 03:26:17 +0000</pubDate>
      <link>http://www.splunkbase.com/apps/Custom%20Processing/Technologies/app:feorlen_twitter_alert</link>
      <guid isPermaLink="false">9fcc3a25cf99144267c02b2d69c03227</guid>
      <description>Example of using a 3rd party REST endpoint with a Splunk custom processor. Post a message to Twitter for sourcetype::access_common events containing the string &quot;wikipedia&quot; and add status info to the event so it gets indexed. Includes C++ source and osx-i386 binary.</description>
    </item>

  </channel>
</rss>