Awesome Splunk
A curated list of awesome apps, visualisations and other resources for Splunk.
Splunk captures, indexes, and correlates real-time data in a searchable repository from which graphs, reports, alerts, dashboards, and visualizations can be generated. It is widely used in industries such as finance, utilities, healthcare and manufacturing for use-cases including security, compliance and IT service monitoring.
Contents
- Basics - Basic resources for getting started
- Apps
- Visualisations
- Conferences, Meet-Ups and Socialising
- Unofficial Resources
Basics
Basic resources for getting started with Splunk.
- Splunk Website - Splunk's Homepage.
- Downloads - Download page.
- Previous Releases - Previous versions of Splunk Enterprise, Splunk Forwarders.
- Splunk Answers - Splunk's Community Questions and Answers.
- SplunkBase - Splunk and Community built apps and add-ons.
- Splunk Blogs - Blog posts on various topics.
- Splunk Dev - Develop on Splunk.
- Free Dev License - Request a free Splunk Developer license.
- Splunk Docs - Documentation.
- Splunk Sizing Calculators
  - Storage - Web Based Storage Requirement Calculator.
Apps
Recommended Splunk Apps.
- Splunk App for Infrastructure - Correlate logs and metrics for infrastructure monitoring.
  - Splunkbase Entry - Download page.
  - SAI Documentation - Splunk App for Infrastructure Documentation.
  - SAI Install Guide
- Miscellaneous Scripts for fixing issues with the Universal Forwarder - This kit was compiled based on common issues with Splunk deployments and managing idiosyncrasies that tend to naturally occur.
Premium Apps
Premium Apps for Splunk.
Enterprise Security
Splunk Enterprise Security is the nerve centre of the security ecosystem, giving teams the insight to quickly detect and respond to internal and external attacks and to simplify threat management while minimizing risk.
- ES Home Page - Splunk's Home Page for Enterprise Security.
- ES Splunkbase Entry - Download page (if licensed).
- ES Documentation - Splunk documentation for Enterprise Security.
- Awesome-ES - An Awesome list for all things Enterprise Security.
IT Service Intelligence
Splunk IT Service Intelligence (ITSI) is a monitoring and analytics solution powered by artificial intelligence for IT Operations (AIOps) that provides visibility into the health and key performance indicators of critical IT and business services and their infrastructure.
- ITSI Home Page - Splunk's Home Page for IT Service Intelligence.
- ITSI Splunkbase Entry - Download page (if licensed).
- ITSI Documentation - ITSI Documentation.
- Awesome-ITSI - An Awesome list for all things IT Service Intelligence.
Visualisations
- Event Timeline Viz - Interactive timeline with call-outs for events.
- Timeline - Interactive timeline.
- Halo - Hierarchical, relational pie charts.
- Heat Map - A grid of related measurements, colour intensity derived from the value.
- Calendar Heat Map - Heatmap broken down by days.
- Punchcard - Punchcard Visualisation.
- Horizon Chart - Horizon Chart Visualisation.
- Sankey Diagram - Sankey Diagram Visualisation.
- WebGL Globe - Spinning globe with events correlated to locations (flashy C-level eye-candy).
- Splunkbase Custom Visualizations - Download other custom visualizations from Splunkbase.
Conferences, Meet-Ups and Socialising
- UserGroups - Find a nearby usergroup.
- .Conf - Splunk's annual conference website.
- Past .Conf Material - Watch past presentations and download the slides from past .conf presentations.
- Splunk UserGroups Slack - Splunk's publicly accessible Slack.
- /r/Splunk - Unofficial Sub-Reddit.
- IRC - Instructions for connecting to #splunk on Efnet.
- Splunk Store - Order some Splunk Schwag you missed from a meetup or .conf.
- Splunk Trust - The Splunk Trust is an invite only group of Splunk Ninjas.
Unofficial Resources
Useful Splunk resources that are not specifically associated with Splunk Inc.
Personal Home Pages
- Simon Duff - Miscellaneous scripts and visualisations.
- Ryan Faircloth - Security and Syslog related materials.
- George Starcher - Many Splunk related items, including details on Splunk ES's Extreme Search.
- Anthony Tellez - Security and Machine Learning items.
- Duane Waddle - Miscellaneous Splunk items.
- Vladimir's GitHub - Code for a number of Splunk resources, including CIM Validation.
- Nico's GitHub - Repository of searches and dashboards to assist with optimising concurrency settings.
- David Veuve - Some early resources on Splunk basics and optimisations (infrequently updated).
SPL Repositories
Collections of useful Splunk searches.
- GoSplunk - Search Engine for Splunk Queries split by sourcetype and use-case.
Contribute
Contributions welcome! Read the contribution guidelines first.
Licence
To the extent possible under law, Simon Duff has waived all copyright and related or neighbouring rights to this work.