Splunk
Basics
Basic resources for getting started with Splunk.
- Splunk Sizing Calculators
Storage - Web Based Storage Requirement Calculator.
- Splunk Website
Splunk's Homepage.
Downloads - Download page.
Previous Releases - Previous versions of Splunk Enterprise, Splunk Forwarders.
- Splunk Answers
Splunk's Community Questions and Answers.
- SplunkBase
Splunk and Community built apps and add-ons.
- Splunk Blogs
Blog posts on various topics.
- Splunk Dev
Develop on Splunk.
Free Dev License - Request a free Splunk Developer license.
- Splunk Docs
Documentation.
Apps
Recommended Splunk Apps.
- Splunk App for Infrastructure
Correlate logs and metrics for infrastructure monitoring.
Splunkbase Entry - Download page.
SAI Documentation - Splunk App for Infrastructure Documentation.
SAI Install Guide
- Miscellaneous Scripts for fixing issues with the Universal Forwarder
This kit was compiled based on common issues with Splunk deployments and managing idiosyncrasies that tend to naturally occur.
Enterprise Security
Splunk Enterprise Security is the nerve centre of the security ecosystem, giving teams the insight to quickly detect and respond to internal and external attacks and to simplify threat management while minimizing risk.
- ES Home Page
Splunk's Home Page for Enterprise Security.
- ES Splunkbase Entry
Download page (if licensed).
- ES Documentation
Splunk documentation for Enterprise Security.
- Awesome-ES
An Awesome list for all things Enterprise Security.
IT Service Intelligence
Splunk IT Service Intelligence (ITSI) is a monitoring and analytics solution powered by artificial intelligence for IT Operations (AIOps) that provides visibility into the health and key performance indicators of critical IT and business services and their infrastructure.
- ITSI Home Page
Splunk's Home Page for IT Service Intelligence.
- ITSI Splunkbase Entry
Download page (if licensed).
- ITSI Documentation
ITSI Documentation.
- Awesome-ITSI
An Awesome list for all things IT Service Intelligence.
Visualisations
- Event Timeline Viz
Interactive timeline with call-outs for events.
- Timeline
Interactive timeline.
- Halo
Hierarchical, relational pie charts.
- Heat Map
A grid of related measurements, colour intensity derived from the value.
- Calendar Heat Map
Heatmap broken down by days.
- Punchcard
Punchcard Visualisation.
- Horizon Chart
Horizon Chart Visualisation.
- Sankey Diagram
Sankey Diagram Visualisation.
- WebGL Globe
Spinning globe with events correlated to locations (flashy C-level eye-candy).
- Splunkbase Custom Visualizations
Download other custom visualizations from Splunkbase.
Conferences, Meet-Ups and Socialising
- UserGroups
Find a nearby usergroup.
- .Conf
Splunk's annual conference website.
Past .Conf Material - Watch past presentations and download the slides from past .conf presentations.
- Splunk UserGroups Slack
Splunk's publicly accessible Slack.
- /r/Splunk
Unofficial Sub-Reddit.
- IRC
Instructions for connecting to #splunk on Efnet.
- Splunk Store
Order some Splunk Schwag you missed from a meetup or .conf.
- Splunk Trust
The Splunk Trust is an invite only group of Splunk Ninjas.
Personal Home Pages
- Simon Duff
Miscellaneous scripts and visualisations.
- Ryan Faircloth
Security and Syslog related materials.
- George Starcher
Many Splunk related items, including details on Splunk ES's Extreme Search.
- Anthony Tellez
Security and Machine Learning items.
- Duane Waddle
Miscellaneous Splunk items.
- Vladimir's GitHub
Code for a number of Splunk resources, including CIM Validation.
- Nico's GitHub
Repository of searches and dashboards to assist with optimising concurrency settings.
- David Veuve
Some early resources on Splunk basics and optimisations (infrequently updated).
SPL Repositories
Collections of useful Splunk searches.
- GoSplunk
Search Engine for Splunk Queries split by sourcetype and use-case.