Turn Machine Data into Real-time Visibility, Insight and Intelligence

Ever needed to analyze your system? To see what’s going on? Always faced the insanity of huge logs? Then I may have a working solution for you… and yes, it is partly free, and yes, it is cloud based. The magical product is SplunkStorm from splunk.com.

WHAT IS SPLUNKSTORM?

From the documentation – http://www.splunk.com/product :

Splunk Enterprise is the platform for machine data. It’s the easy, fast and resilient way to collect, analyze and secure the massive streams of machine data generated by all your IT systems and technology infrastructure.

Troubleshoot problems and investigate security incidents in minutes (not hours or days). Monitor your end-to-end infrastructure to avoid service degradation or outages. Gain real-time visibility and critical insights into customer experience, transactions and behavior. Make your data accessible, usable and valuable to everyone.

HOW TO GET STARTED?

  • First create an account
  • Next add your first project
  • Choose the plan you wish to use; in this case I can live with the Free plan (1 GB storage).

  • SplunkStorm Main Dashboard

WHAT’S NEXT?

Let’s import our first log file. For the purpose of this post I only use a file-based log. Forwarders seem a great approach, but they go too far for an introduction.

Press the File menu item:

Upload a log file. I use the log file from an Oracle Service Bus installation running on top of Weblogic.

After pressing the upload button, the Splunk magic starts. Splunk parses the log file and extracts the log entries based on their timestamps.
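To see what timestamp-based extraction means for a WebLogic log, here is an added sketch (not code from the original post and not Splunk's implementation) that splits a log into events and keeps multi-line stack traces attached to the entry that produced them. The `####<timestamp> <Severity> ...` line layout and the sample lines are assumptions constructed for the illustration.

```python
import re
from datetime import datetime

# Assumed WebLogic server-log layout: each event starts with "####<timestamp> <Severity> ...".
# Lines without that prefix (stack traces, wrapped text) belong to the previous event.
EVENT_START = re.compile(r"^####<(?P<ts>[^>]+)> <(?P<severity>[^>]*)>")
TS_FORMAT = "%b %d, %Y %I:%M:%S %p"

# Constructed sample input, not taken from the original post.
SAMPLE_LOG = """\
####<Mar 4, 2013 10:15:32 AM CET> <Info> <OSB Kernel> <host1> <osb_server1> <Message one>
####<Mar 4, 2013 10:15:33 AM CET> <Error> <OSB Kernel> <host1> <osb_server1> <Routing failed
java.lang.NullPointerException
\tat com.example.Route.invoke(Route.java:42)
>
####<Mar 4, 2013 10:15:35 PM CET> <Warning> <JDBC> <host1> <osb_server1> <Pool low>
"""


def parse_timestamp(raw):
    """Parse 'Mar 4, 2013 10:15:32 AM CET' into a naive datetime, or None."""
    head, _, tail = raw.rpartition(" ")
    # Drop a trailing timezone abbreviation such as "CET"; keep AM/PM.
    candidate = head if tail.isalpha() and tail not in ("AM", "PM") else raw
    try:
        return datetime.strptime(candidate, TS_FORMAT)
    except ValueError:
        return None


def split_events(text):
    """Group log lines into events, one per line that starts with a valid timestamp."""
    events = []
    for line in text.splitlines():
        match = EVENT_START.match(line)
        ts = parse_timestamp(match.group("ts")) if match else None
        if ts is not None:
            events.append({"time": ts, "severity": match.group("severity"), "raw": line})
        elif events:
            # Continuation line (or unparsable timestamp): attach to the current event.
            events[-1]["raw"] += "\n" + line
        # Lines before the first timestamped entry are ignored.
    return events


if __name__ == "__main__":
    for event in split_events(SAMPLE_LOG):
        print(event["time"].isoformat(), event["severity"], len(event["raw"].splitlines()), "line(s)")
```

Running a check like this on a log before uploading shows whether every entry carries a parsable timestamp, which is what the indexing step depends on.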

VIEWING THE DATA

Go to the Project home, then press explore data.

As soon as SplunkStorm has finished indexing your log files, you can quickly drill down into issues, follow what’s going on, …

NOT CLOUD MINDED?

Splunk also has a local installer, which can be installed on different platforms: Linux, Mac, Windows, … Should I have more time, I’ll drill further into the reporting capabilities of this tool in future posts.

SOURCES

Splunk.com
Splunkstorm.com
Doc: https://www.splunkstorm.com/storm/support
Tutorial: http://docs.splunk.com/Documentation/Storm/latest/User/WelcometotheStormtutorial

Author : A.Reper
