- Advanced Splunk
- Ashish Kumar Tulsiram Yadav
- 455字
- 2021-07-02 16:36:03
Splunk apps and technology add-ons
It is very easy and simple to create a basic Splunk app or technology add-on using the Splunk Web console. We will also study how Splunk apps and add-ons can be manually created and configured in the further topics.
What is a Splunk app?
A Splunk app is basically a collection of all the dashboards, alerts, and visualizations created for a specific use case. It is a collection of an entire use case packaged in such a way that it can be installed on any Splunk Enterprise deployment to gain specific insight from the uploader, provided that its minimum requirements are fulfilled.
Splunk apps can be configured on the basis of user roles and permissions, thus providing a level of control when deploying and sharing the application across different stakeholders of the app. A Splunk app is created taking a use case into consideration and to avoid rework in case of the same use case or data sources. Splunk apps are applications that are ready to be used once the data is on board the Splunk Enterprise server.
Splunk apps make it easier for users of Splunk Enterprise to use the same deployment for different use cases; for example, the same Splunk deployment is used for network health monitoring, security and threat detection, and many more… Each Splunk application can be used for each use case, even though it is available on the same Splunk Enterprise deployment server and has the ability to assign roles where the apps will be visible and can be used only by authenticated users of each app.
Later in this chapter, you will learn how to create Splunk apps and manage and install Splunk applications on Splunk Enterprise.
What is a technology add-on?
A Splunk add-on is basically a single-component, reusable application with no user interface, and it can be used in many uses cases. A Splunk add-on can be a script that is used to fetch data from a web server and upload it to Splunk. Now, this add-on can be used along with any other application and use case where one of the requirements is to fetch and upload data from a web server. In such scenarios, Splunk add-ons can reduce the rework required to do the same task.
Splunk add-ons can be bundled with one or more Splunk apps that have similar requirements. The following are a few examples of Splunk add-ons:
- Custom data parsing and field extraction before data is uploaded on Splunk
- Custom scripts to fetch data from one or more sources and then upload it on Splunk
- Creating custom macros and sourcetypes
- Reusable JavaScript and CSS
- Custom regular expression detection and data cleaning before uploading data on Splunk
- Designing Machine Learning Systems with Python
- JavaScript語言精髓與編程實踐(第3版)
- Apache Hive Essentials
- Python 3破冰人工智能:從入門到實戰
- C程序設計案例教程
- Flutter跨平臺開發入門與實戰
- PySide 6/PyQt 6快速開發與實戰
- C語言程序設計
- Getting Started with Eclipse Juno
- Java零基礎實戰
- Mastering Akka
- 智能手機APP UI設計與應用任務教程
- Learning Material Design
- Unity Character Animation with Mecanim
- Practical Predictive Analytics