The dojo of Splunk. Learn, share, teach, mentor.
Videos
Latest Activity
tees for the holy day
I have several Splunk Tees, but I don't have the batbelt Tee I see the ninja has. Does anyone know how I can get a free version of that Tee? I am a devoted Splunk disciple and wear Splunk every Friday. I would cherish a new NO TIGHTS Tee to wear on that most holy day.See More
Blog post by Mike Hartford
Jason Hagerty updated their profile
.conf 2011 - Field Extractions: Making Regex Your Buddy
I did this presentation at Splunk's 2011 User Conference. I'm working on a video, but if you'd like to check out the presentation in the mean time, its embedded right here from SlideShare.net. Also, a direct download link for the PDF is below.
Direct Download of this Presentation (PDF)
Forum
New Splunk Taglines 2 Replies
Started by Michael Wilde in Humor, Taglines, Easter Eggs. Last reply by Pero Peric Jan 9.
Question about transform wmi on a heavy forwarder
Started by Tom in General Questions Dec 17, 2011.
Correlation between different source that have different value key 1 Reply
Started by Andi Susanto in Cool Search Commands. Last reply by Michael Wilde Nov 3, 2011.
Blog Posts
Splunk for Blue Coat Proxy SG - Setup help!
Recently, I've seen a number of folks who have been trying to use the Splunk for Blue Coat Proxy SG app and the proxy together so the logs come in to Splunk and they are displayed properly in Splunk.
Check out this guide, I hope it helps!
Big props go out to SplunkNinja community member and Blue Coat Pre-Sales… Continue
Check out this guide, I hope it helps!
Big props go out to SplunkNinja community member and Blue Coat Pre-Sales… Continue
Posted by Michael Wilde on September 25, 2009 at 2:00pm — 3 Comments
Getting more intelligence on how much data splunk is eating.
As you know, there is a License pane in Splunk Manager (admin interface) that lets you know your "peak daily volume", and that figure is compared against your license volume. (free, or enterprise)
In the Splunk search app, (as of version 4.0.5) there is an "Index Activity" status dashboard in the search app (http://yoursplunkserver:8000/en-US/app/search/index_status). It does give you more information such as:
In the Splunk search app, (as of version 4.0.5) there is an "Index Activity" status dashboard in the search app (http://yoursplunkserver:8000/en-US/app/search/index_status). It does give you more information such as:
- Top five sourcetypes (by total KB indexed) in the last…
Posted by Michael Wilde on November 6, 2009 at 8:24am — 4 Comments
Notes
Redesign
I'm kinda bored with the UI on this website and will make it better... Also, I need to do some new shirts.. if anyone wants to help, let me know.
...just sayin
Created by Michael Wilde Mar 3, 2011 at 7:30am. Last updated by Michael Wilde Mar 22, 2011.
Events
The SplunkNinja social network is a community for Splunk users, customers and enthusiasts. Share, learn and communicate. Freely.
Be a part of the community!
Help fund SplunkNinja.com
(this site is not funded by Splunk, Inc). There are monthly fees to remove advertising. Help out if you like
Splunk Ninja T-Shirts
Since we're a community, we put together some logo wear which we hope everyone likes. It is available for purchase (with no profit) here.
Note: they're American Apparel. No crap here.
© 2012 Created by Michael Wilde.
