GitHub

Tutorial for pushing Databricks log to Splunk HEC endpoint

You need to create a HEC endpoint in your Splunk system if you don’t have one. We will not dive into this because there is a lot of materials for this in the ...
Security Boulevard

Splunk Tutorial: How To Bulk Enable Splunk Searches

In the Splunk GUI, you can select and enable multiple searches. However, what if you want to enable only a set of searches that match specific conditions?. There’s no built-in way to do this yet, but ...
Security Boulevard

Splunk Tutorial: KV Store Troubleshooting Adventures

One of my least favorite features in Splunk is KV Store – mainly, because whenever I have to deal with it as a Splunk administrator, it’s broken in some horrible new way that I need to figure out. The ...
GitHub

Splunk Python Modular Input example and tutorial

Modular inputs are a very powerful tool that helps the process of putting data into a Splunk instance. It's used when the traditional input data solutions (monitoring files, listening for TCP or UDP ...