1. Splunk Spotlight - The Lookup Command

    I copied this blog post from Matthew Hodgkins' blog located at: [Matthew Hodgkins](https://hodgkins.io/) Splunk is an amazing log aggregation and searching tool. Even though I've been using it for a few months now, I feel like I am just scratching the surface of what it can do. My company recently switched over from the ELK stack (ElasticSearch, LogStash and Kibana) as we were moving to the cloud, with a focus on using managed services. The ELK…


2. Splunk Spotlight - Alerts

    I copied this blog post from Matthew Hodgkins' blog located at: [Matthew Hodgkins](https://hodgkins.io/) Once you have your data in Splunk, you often come across situations where you would like to be notified when something happens (or doesn't). This is where Splunk alerts come in: we can get alerts based on search results. Getting Splunk set up. Getting test data. Enable a TCP port. Running a data generator script. Alerting basics. Cron scheduling. Example 1…


3. Splunk AWS App/Addon Troubleshooting

    Information is here. Getting Splunk and the App/Addon. The free edition of Splunk allows you to store 500 MB/day. You can find a comparison of features here. You can use the free version for these examples. The Splunk AWS App can be downloaded here and the AWS Addon can be downloaded here. Make sure you have installed docker-compose…