Blogs

Valentine’s Day will be here in 3 short weeks. What’s better than chocolate and flowers? Splunk Schwag of course! Make this year memorable by ordering your favorite Splunk Schwag now so that it arrives by February 14.

Happy shopping!

Last week Google announced that Urchin will be closed as of March 2012.  We were sorry to hear of this announcement but understand that sometimes business decisions have to be made. We also recognize the huge commitment that Google has made in this area and the role Urchin and Google Analytics have played in helping bring Web Analytics mainstream. I know some members of the original Urchin team and want to thank them for the work on Urchin which helped shape Google Analytics. Without the initial success of these tools, Web Analytics would have not made the progress we have seen over the past ten years.  Today, smart organizations are starting and building products based on this data and Urchin…

Recently, Gartner published a report on APM Innovators, to recognize vendors that are driving an evolution in Application Performance Management.  Splunk is included in this report, even though it is not your traditional Systems or Application Monitoring tool – primarily driven by our fantastic customers who have deployed Splunk extensively to monitor their complex application environments.

This recognition is an important milestone for APM overall and for Splunk. In the past, Gartner has categorized it into 5 sub-segments – End User Experience Monitoring, Runtime Application Discovery, Modeling and Display, User-defined transaction profiling, Application deep-dive component monitoring and Analytics. However, as customers need increasingly to understand end-user experience from end to end in complex application environments, their requirements…

On behalf of all of us at Splunk, I’d like to welcome you to SplunkNews, our direct channel to journalists and bloggers interested in knowing more about Splunk, our products, the issues we keep our eyes on and information we think you’ll be interested in.

Our aim at SplunkNews is to keep things as centralized as possible. Splunk has a wealth of content that we think you’ll find interesting. On a regular basis, we will bring you up date you on the latest news from Splunk and interesting vignettes that might not make it into a press release but might be worth talking about.

One item that is still very top of mind here at Splunk is last week’s rollout…

Splunkbase has a new feature:  Star Ratings for apps!

Splunkbase now has 229 apps and add-ons (and growing!), and it’s time for a better way for our users to see the quality of a given app at a glance. The solution? Rate your favorite apps by assigning them a star rating.

You don’t have to write a text review of an app to rate it (although we’d really appreciate your honest feedback). Just hover your mouse over the number of stars you want to give an app and click.  That’s it!

If you decide to also post a review, you will see your star rating next to the review.  If you change your mind later, you…

“Security!  Security!  Security!”

Fellow Splunkers,

Yes, the old proverb is still true – there is perhaps nothing that gets the heart racing quite like… announcing new security features in enterprise software!  So fasten your seatbelt while I tell you about some of the exciting new features that made it in to Splunk 4.3.

At Splunk, ‘dot’ releases get you a lot and our newly minted Splunk 4.3 is no exception. I’ve spoken to many 4.3 beta customers in North America, Europe and Asia and they’re all excited. Customers such as Expedia, Swisscom, Ceryx and Otto Group, to name but a few.

Splunk 4.3 is now out and for a minor release it packs an elephant-sized punch! Our continuing emphasis on enhancing usability means that Splunk reaches more and more users on a daily basis. There are also subtle features we continue to add to make data exploration simpler and faster.

One exciting example is the new feature we added that makes structured data formats like XML/JSON easier to navigate within Splunk. While Splunk could always ingest XML/JSON data easily, navigating the nested hierarchical structure of these data formats was not intuitive.

With 4.3, we handle this data much better. Not only did we add color coding for fields within the hierarchy, we also added a search command…

There is a lot to like in Splunk 4.3 for security use cases, but three items should be of particular interest to security professionals.

Sparklines – Adding Time to Tables for Reporting

I use tables of information in several of the security reports I create. Usually I’ll want to track a particular type of event and include the number of times it happens along with an average over a period of time. This allows me to benchmark a particular threshold and use that as the impetus for an investigation. For example:

I want to track the number of successful accesses against assets where critical data is stored over a twenty-four hour period by user. My table will contain the name…

Many of you have read about the exciting launch of Splunk version 4.3.  This release has a number of enhancements which will help users.  Spunk is used by many users for web analytics and probably wondering how these features affect you.  Well, I am very excited to share that these features are available in the Web Intelligence App and also available for web analytics using core Splunk.  I am going to focus on couple of the features in this blog post – sparklines and data preview.

Context is King for any insightful analysis.  The context can be based on time (time series reporting) or comparing trends for various dimensions.  Visualization of these trends can make analysis faster and…