awesome-awesomeness/html/splunk.html

<div data-align="center">
<pre><code>&lt;img width=&quot;344&quot; height=&quot;193&quot; src=&quot;https://raw.githubusercontent.com/sduff/awesome-splunk/master/splunk.jpg&quot; alt=&quot;Splunk&quot;&gt;</code></pre>
</div>
<h1 id="awesome-splunk-awesome">Awesome Splunk <a
href="https://awesome.re"><img src="https://awesome.re/badge.svg"
alt="Awesome" /></a></h1>
<blockquote>
<p>A curated list of awesome apps, visualisations and other resources
for Splunk.</p>
</blockquote>
<p><a href="https://splunk.com"><em>Splunk</em></a> captures, indexes,
and correlates real-time data in a searchable repository from which
graphs, reports, alerts, dashboards, and visualizations can be
generated. It is widely used in industries such as finance, utilities,
healthcare and manufacturing for use-cases including security,
compliance and IT service monitoring.</p>
<h2 id="contents">Contents</h2>
<ul>
<li><a href="#basics">Basics</a> Basic resources for getting
started</li>
<li><a href="#apps">Apps</a>
<ul>
<li><a href="#premium-apps">Premium Apps</a></li>
</ul></li>
<li><a href="#visualisations">Visualisations</a></li>
<li><a href="#conferences-meet-ups-and-socialising">Conferences,
Meet-Ups and Socialising</a></li>
<li><a href="#unofficial-resources">Unofficial Resources</a></li>
</ul>
<h2 id="basics">Basics</h2>
<p>Basic resources for getting started with Splunk.</p>
<ul>
<li><a href="https://splunk.com">Splunk Website</a> - Splunk’s Homepage.
<ul>
<li><a href="https://www.splunk.com/download">Downloads</a> - Download
page.</li>
<li><a href="https://www.splunk.com/page/previous_releases">Previous
Releases</a> - Previous versions of Splunk Enterprise, Splunk
Forwarders.</li>
</ul></li>
<li><a href="https://answers.splunk.com">Splunk Answers</a> - Splunk’s
Community Questions and Answers.</li>
<li><a href="https://splunkbase.splunk.com">SplunkBase</a> - Splunk and
Community built apps and add-ons.</li>
<li><a href="https://blogs.splunk.com/">Splunk Blogs</a> - Blog posts on
various topics.</li>
<li><a href="https://dev.splunk.com">Splunk Dev</a> - Develop on Splunk.
<ul>
<li><a href="https://dev.splunk.com/enterprise/dev_license/">Free Dev
License</a> - Request a free Splunk Developer license.</li>
</ul></li>
<li><a href="https://docs.splunk.com/">Splunk Docs</a> -
Documentation.</li>
<li>Splunk Sizing Calculators
<ul>
<li><a href="https://splunk-sizing.appspot.com/">Storage</a> - Web Based
Storage Requirement Calculator.</li>
</ul></li>
</ul>
<h2 id="apps">Apps</h2>
<p>Recommended Splunk Apps.</p>
<ul>
<li><a
href="https://www.splunk.com/en_us/software/splunk-enterprise/server-and-infrastructure-monitoring-and-troubleshooting.html">Splunk
App for Infrastructure</a> - Correlate logs and metrics for
infrastructure monitoring.
<ul>
<li><a href="https://splunkbase.splunk.com/app/3975/">Splunkbase
Entry</a> - Download page.</li>
<li><a href="https://docs.splunk.com/Documentation/InfraApp">SAI
Documentation</a> - Splunk App for Infrastructure Documentation.</li>
<li><a
href="https://docs.splunk.com/Documentation/InfraApp/latest/Install/About">SAI
Install Guide</a></li>
</ul></li>
<li><a
href="https://github.com/jimmyatSplunk/SplunkForwarderRepairKit">Miscellaneous
Scripts for fixing issues with the Universal Forwarder</a> - This kit
was compiled based on common issues with Splunk deployments and managing
idiosyncrasies that tend to naturally occur.</li>
</ul>
<h3 id="premium-apps">Premium Apps</h3>
<p>Premium Apps for Splunk.</p>
<h4 id="enterprise-security">Enterprise Security</h4>
<p>Splunk Enterprise Security is the nerve centre of the security
ecosystem, giving teams the insight to quickly detect and respond to
internal and external attacks, simplify threat management minimizing
risk.</p>
<ul>
<li><a
href="https://www.splunk.com/en_us/software/enterprise-security.html">ES
Home Page</a> - Splunk’s Home Page for Enterprise Security.</li>
<li><a href="https://splunkbase.splunk.com/app/263/">ES Splunkbase
Entry</a> - Download page (if licensed).</li>
<li><a href="https://docs.splunk.com/Documentation/ES/latest">ES
Documentation</a> - Splunk documentation for Enterprise Security.</li>
<li><a href="https://github.com/sduff/awesome-es/">Awesome-ES</a> - An
Awesome list for all things Enterprise Security.</li>
</ul>
<h4 id="it-service-intelligence">IT Service Intelligence</h4>
<p>Splunk IT Service Intelligence (ITSI) is a monitoring and analytics
solution powered by artificial intelligence for IT Operations (AIOps)
that provides visibility into health and key performance indicators of
critical IT and business services, and its infrastructure.</p>
<ul>
<li><a
href="https://www.splunk.com/en_us/software/it-service-intelligence.html">ITSI
Home Page</a> - Splunk’s Home Page for IT Service Intelligence.</li>
<li><a href="https://splunkbase.splunk.com/app/1841/">ITSI Splunkbase
Entry</a> - Download page (if licensed).</li>
<li><a href="https://docs.splunk.com/Documentation/ITSI/latest">ITSI
Documentation</a> - ITSI Documentation.</li>
<li><a href="https://github.com/sduff/awesome-itsi/">Awesome-ITSI</a> -
An Awesome list for all things IT Service Intelligence.</li>
</ul>
<h2 id="visualisations">Visualisations</h2>
<ul>
<li><a href="https://splunkbase.splunk.com/app/4370/">Event Timeline
Viz</a> - Interactive timeline with call-outs for events.</li>
<li><a href="https://splunkbase.splunk.com/app/3120/">Timeline</a> -
Interactive timeline.</li>
<li><a href="https://splunkbase.splunk.com/app/3514/">Halo</a> -
Hierarchical, relational pie charts.</li>
<li><a href="https://splunkbase.splunk.com/app/4460/">Heat Map</a> - A
grid of related measurements, colour intensity derived from the
value.</li>
<li><a href="https://splunkbase.splunk.com/app/3162/">Calendar Heat
Map</a> - Heatmap broken down by days.</li>
<li><a href="https://splunkbase.splunk.com/app/3129/">Punchcard</a> -
Punchcard Visualisation.</li>
<li><a href="https://splunkbase.splunk.com/app/3117/">Horizon Chart</a>
- Horizon Chart Visualisation.</li>
<li><a href="https://splunkbase.splunk.com/app/3112/">Sankey Diagram</a>
- Sankey Diagram Visualisation.</li>
<li><a href="https://splunkbase.splunk.com/app/3674/">WebGL Globe</a> -
Spinning globe with events correlated to locations (flashy C-level
eye-candy).</li>
<li><a
href="https://splunkbase.splunk.com/apps/#/app_content/visualizations">Splunkbase
Custom Visualizations</a> - Download other custom visualizations from
Splunkbase.</li>
</ul>
<h2 id="conferences-meet-ups-and-socialising">Conferences, Meet-Ups and
Socialising</h2>
<ul>
<li><a href="https://usergroups.splunk.com/">UserGroups</a> - Find a
nearby usergroup.</li>
<li><a href="https://conf.splunk.com">.Conf</a> - Splunk’s annual
conference website.
<ul>
<li><a href="https://conf.splunk.com/watch/conf-online.html">Past .Conf
Material</a> - Watch past presentations and download the slides from
past .conf presentations.</li>
</ul></li>
<li><a href="http://splk.it/slack">Splunk UserGroups Slack</a> -
Splunk’s publicly accessible Slack.</li>
<li><a href="https://reddit.com/r/splunk">/r/Splunk</a> - Unofficial
Sub-Reddit.</li>
<li><a href="https://wiki.splunk.com/Community:IRC">IRC</a> -
Instructions for connecting to <code>#splunk</code> of Efnet.</li>
<li><a href="https://www.mylogocloud.com/splunk">Splunk Store</a> -
Order some Splunk Schwag you missed from a meetup or .conf.</li>
<li><a
href="https://www.splunk.com/en_us/community/splunk-trust.html">Splunk
Trust</a> - The Splunk Trust is an invite only group of Splunk
Ninjas.</li>
</ul>
<h2 id="unofficial-resources">Unofficial Resources</h2>
<p>Useful Splunk resources that are not specifically associated with
Splunk Inc.</p>
<h4 id="personal-home-pages">Personal Home Pages</h4>
<ul>
<li><a href="https://simonduff.net/splunk">Simon Duff</a> -
Miscellaneous scripts and visualisations.</li>
<li><a href="https://www.rfaircloth.com/">Ryan Faircloth</a> - Security
and Syslog related materials.</li>
<li><a href="http://www.georgestarcher.com/">George Starcher</a> - Many
Splunk related items, including details on Splunk ES’s Extreme
Search.</li>
<li><a href="https://anthonygtellez.github.io/">Anthony Tellez</a> -
Security and Machine Learning items.</li>
<li><a href="https://www.duanewaddle.com/">Duane Waddle</a> -
Miscellaneous Splunk items.</li>
<li><a href="https://github.com/hire-vladimir/">Vladimir’s GitHub</a> -
Code for a number of Splunk resources, including <a
href="https://github.com/hire-vladimir/SA-cim_vladiator">CIM
Validation</a>.</li>
<li><a href="https://github.com/nicovdw/">Nico’s GitHub</a> - Repository
of searches and dashboards to assist with optimising concurrency
settings.</li>
<li><a href="https://www.davidveuve.com/tech/">David Veuve</a> - Some
early resources on Splunk basics and optimisations (infrequently
updated).</li>
</ul>
<h4 id="spl-repositories">SPL Repositories</h4>
<p>Collections of useful Splunk searches</p>
<ul>
<li><a href="https://gosplunk.com/">GoSplunk</a> - Search Engine for
Splunk Queries split by sourcetype and use-case.</li>
</ul>
<h2 id="contribute">Contribute</h2>
<p>Contributions welcome! Read the <a
href="contributing.md">contribution guidelines</a> first.</p>
<h2 id="licence">Licence</h2>
<p><a href="https://creativecommons.org/publicdomain/zero/1.0"><img
src="https://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg"
alt="CC0" /></a></p>
<p>To the extent possible under law, Simon Duff has waived all copyright
and related or neighbouring rights to this work.</p>
<p><a href="https://github.com/sduff/awesome-splunk">splunk.md
Github</a></p>