Archive
Highlighted

Want to know about Splunk apps and add-on tools

Path Finder
  1. Is it possible to collect and index data from Mongo DB using Splunk without any extra license cost?

  2. Is it possible to collect data from 3 different sources and compare daily sales from three different sources and publish it on a Dashboard using Splunk Enterprise?

  3. How can I get to know that which apps and add-on are free as well as which are paid in Splunk Enterprise?

Please share the links also if you have

Tags (2)
0 Karma
Highlighted

Re: Want to know about Splunk apps and add-on tools

SplunkTrust
SplunkTrust

It sounds like you are trying to figure out whether you should implement Splunk, and you are trying to produce the information for someone to make a decision.

In the big picture, Splunk is a full-formed enterprise system, and it is capable of amazing things. The value you get out of it will depend on the data you put in, understanding how to use it, and continually improving your organizational clarity on what Splunk's strategic purpose in your organization is, so that you understand the value you are already receiving, and so that your efforts are increasing the value over time, not just throwing more data or resources at the tool, and expecting it to magically make decisions for you.


Here's some part of the answers you are looking for...

1) I believe you can search MongoDB using connectors and add-ons without incurring license, but indexing is the basic unit of how Splunk gets paid for its service, so the answer is, "no, you can't generally index things for free, other than on a trial basis."

There are many ways for Splunk to access data, but if you want to index the data for fastest and most efficient search, then you'll need to buy that service.

2) Absolutely yes. That's the basic function of Splunk, and it's very good at comparing information and presenting it.

However, I can't give you just one reference for that, because you need to understand how SPL searches work, how to build dashboards, and you need to fill in a lot more details about what information you have and how you want to compare it before anyone can help you with the pieces you need to know.

When you have a better, more specific question, search this site for answers, then ask the clearest, most specific question you can that will solve your issue. The more clear and specific your question, the better advice you are likely to receive.

3) Start small. Start with what you believe you need to do, and identify one or two potential apps that might help you do that. There are literally hundreds of apps available, most of them free. In fact, most of the apps will be free, especially if their purpose is to help you ingest data that comes from other proprietary systems (things you already pay license fees for elsewhere). Ingest, that is, as opposed to analyze.

Some of the basic analysis tools for the data from those other products will be free, and some will not. It will be a case by case basis. The deeper the analytic capability, the more likely that there will be some fees involved.


Hopefully that gives you a general response to your questions. Please feel free to join the splunk Slack channel, and ask general question like these in the #general and #n00bs subchannels, where you will get quick orientation advice. When you are ready to ask more specific questions, they will point you to the right channel, or back here for the things that require long essays that are worthy of being retained for future reference.