#splunkconf16 preview: IT Operations Track – Choose your own adventure!

Does anyone else remember the ‘choose your own adventure books’ from the 90s? I do, and this year’s #splunkconf16 has me almost as excited as getting a brand spankin’ new pile of books. Just kidding, the 2016 user conference is going to be much, much better!



(No, this is not an ITSI Glass Table)


Splunk .conf2016 is coming up fast, and everyone on the Splunk team is excited to head down to the happiest place on earth for this year’s user conference. Check out some key details below about the great sessions that will be featured in the Splunk IT Operations track this year at .conf 2016. This year, we’ve made it easy for you by parsing the sessions into …

» Continue reading

Smart AnSwerS #76

Hey there community and welcome to the 76th installment of Smart AnSwerS.

SplunkTrust member rich7177 graced us with his presence at HQ earlier this week, and was awarded an awesome trophy from the Splunk documentation team for always providing constructive feedback. Not only has he been helpful with improving the docs, but he’s an all-star on Answers too! Five of his many contributions have been featured in this Smart AnSwers blog series to date, with more to come I’m sure :) Congratulations Rich!

It’s a shame he couldn’t stick around until next week to join us for our monthly San Francisco Bay Area user group meeting next Wednesday, September 7th @ 6:30PM. If you happen to be in the area, …

» Continue reading

Configuring Okta Security Assertion Markup Language (SAML) Single Sign On (SSO) with Splunk Cloud

As organizations grow, the number of applications and tools utilized to perform a job and support the business of the organization inevitably grows. It is not unheard of for enterprises to literally have hundreds of on-premises, SaaS and cloud-based tools and applications. Making sure users of those applications are who they say they are means, at the least, one must authenticate themselves into the application. Although it was effective, people frowned on the practice of sticking a mass of Post-it notes on a monitor with user names and passwords. Password vault tools are a nice alternative to the Post-it, but it still means one has to pull up the password vault app to look up a forgotten password to …

» Continue reading

Introducing the “Welcome Page Creator”

“Hey Ninja! My manager just got me access to this ‘Splunk’ thing and I was able to log in and all but all I see is this screen with a search bar. What the heck is this and where are all the answers? What do I do here?”

After way too many situations teaching newbies about Splunk, I finally took a step back and asked myself: What if when they logged in to Splunk, they were presented with all the materials needed to get Splunking? Not only would they get answers more rapidly, but I’d get a heck of a lot more work done with less distractions.

Attempting to solve this, I created dashboards that “Welcomed” users to the Splunk environment by providing …

» Continue reading

SplunkZero, delivering value with Splunk at Splunk


I want to introduce you to our internal Splunk platform, SplunkZero. I’ll go into some detail on the philosophy of how we chose to deploy Splunk at Splunk, but what I hope to do is kick start the conversation about how we gain value with our own products.

A little bit about myself: in the 5+ years I’ve been here at Splunk, I have worked in both marketing and IT orgs and am excited to now be leading the SplunkZero team. I am passionate about our products and love seeing how excited our customers get when they talk about how they leverage Splunk.

The name SplunkZero came out of a request from our markets group that IT be driving internal …

» Continue reading

Adding a Deployment Server / Forwarder Management to a new or existing Splunk Cloud (or Splunk Enterprise) Deployment

As part of the Cloud Adoption team, I am working with Splunk Cloud (and Splunk Enterprise) customers on a daily basis and I get asked questions quite frequently about how to optimize, and effectively reduce, administration overhead. This becomes especially relevant when I am talking with new or relatively new customers that are expanding from a handful of forwarders into the 100s or 1000s of forwarders. And I always say: start with a Deployment Server.

For larger customers that have trained and experienced Splunk Administrators, or have engaged with Professional Services, this is a given and typically already exists in their deployments.

On the other end however, new Splunk Cloud and Splunk Enterprise customers may not have this luxury.…

» Continue reading

Dashboard Digest Series – Episode 1

Welcome to the Dashboard Digest Series! Starting today you can look forward to a different dashboard (and sometimes a collection of dashboards) that was created to solve one of many hundreds of use cases in just about any industry, in hopes of getting your creative juices flowing and showing you the art of the possible of what you can create with Splunk. Some upcoming examples you can expect in this series are depicted in the collage below.


Each post will contain information about the dashboard such as data sources involved, Splunk version, Apps used, and general purpose. This is a great way to see new features and learn about tips and tricks on how to create these dashboards!

So let’s get started!

The first …

» Continue reading

How to Create a Modular Alert

What’s a Modular Alert (and why should I care)?

Modular Alerts is a feature included in Splunk 6.3 and later that allows it to actively respond to events and send alerts, gather more data, or perform actions. Splunk includes an API that makes it easy for people to write their own apps with modular alerts that can be shared on apps.splunk.com. See the official docs for more detailed information.

Modular Alerts can be used for things such as:

» Continue reading

Smart AnSwerS #75

Hey there community and welcome to the 75th installment of Smart AnSwerS.

The “Where Will Your Karma Take You” contest officially ended this past Monday, and the winners were announced in a Splunk blog post by piebob earlier this week. BIG congratulations to sundareshr, skoelpin, and jkat54 for accruing the most karma points during the competition period, earning them each a free pass to .conf2016! If any of these guys have helped you solve your issues on Splunk Answers, be sure to thank them for being such awesome community contributors if you happen to cross paths. :)

Check out this week’s featured Splunk Answers posts:

How to encode a URL for a Hipchat notification alert action

» Continue reading

iOS Memory Warnings

Memory on mobile devices is a shared resource, and apps that manage memory improperly run out of memory and crash. iOS manages the memory footprint of an application by controlling the lifetime of all objects using object ownership, which is part of the compiler and runtime feature called Automatic Reference Counting (ARC). When you start interacting with an object, you’re said to own that object, which means that it’s guaranteed to exist as long as you’re using it. When you’re done with the object, you relinquish ownership and if the object has no other owners, the OS destroys the object and frees up the memory. Not relinquishing ownership of an object causes memory to leak and the app to crash. …

» Continue reading