The Splunk Guy: A Developer’s Path from Web to Cloud
Behind the Build: A Dev’s Story from Curiosity to Splunk .conf
After his 2017 Splunkbase release, William discovered that building an app for public use required a new level of design, documentation, and portability. Many of his projects started as personal experiments, but sharing them with the Community has been highly rewarding. He has also delivered a number of .conf talks and workshops on app development, focusing on getting started, tools and techniques, and his passion for CI/CD.
Splunking Since 2013: From Pandemic Response to Cloud Powerhouse
In 2020, William was tasked with building a monitoring service for the UK’s Covid vaccination and Test Tracking initiatives using IT Service Intelligence (ITSI). What began as a single-use case quickly evolved into a major project, with teams across the country utilizing the monitoring and sending logs in every format imaginable. This deepened his understanding of Splunk’s capabilities. Since then, he has consulted for UK companies, focusing on Splunk Cloud, On-Prem to Cloud migrations (including ITSI and Enterprise Security), and elements of the Splunk Observability Suite.
Deploy Smarter, Not Harder: Inside the Automated Deployment Helper for Splunk Cloud
The app addresses CICD challenges by automating Splunk deployments using on-demand or scheduled authentication tokens. It supports Github.com, GitLab.com, GitLab Hosted pipelines, and AWS Secrets Manager. By generating short-lived, task-specific tokens, it enhances security, minimizes unauthorized risks, ensures token accountability, and enforces least privilege. This solution supports DevOps and CI/CD practices, reserving admin credentials for emergencies while delegating tasks to non-admin staff via role-specific tokens.
Behind the App: Simplifying Splunk Cloud Workflows with Secure Integration
Splunk's REST APIs and cloud platform facilitate CI/CD integration, but managing secrets and tokens can be challenging for enterprises with strict security needs. To address this, the app was developed to generate short-lived, scoped tokens just-in-time, streamlining workflows, enhancing security, and enabling audit trails. Initially designed to export Splunk Cloud app contents into Git for audit and version control, the app evolved to support a two-way sync between Git and Splunk Cloud, supporting use cases like managing Splunk Cloud via the Admin Config Service, performing backups, and deploying Splunk ES consistently using tools like GitLab CI and GitHub Actions.
Splunk App Development Like a Pro: Tools That Make It Easy
For Splunk app development, the Universal Configuration Console (UCC) Framework is recommended for simplifying modular input apps that pull data from API endpoints. Complementing UCC, the Pytest Splunk Addon provides automated test coverage, offering reassurance for both Splunkbase apps and internal apps, ensuring compatibility with Splunk version upgrades or app changes.
Additionally, the Splunk UI testing framework automates UI configuration workflows just as a real user would, enabling the application of DevOps best practices, such as Test-Driven Development, to Splunk app projects. The Splunk community is beginning to embrace these practices, and broader adoption is encouraged.
For those new to Splunk app development, sessions like "Splunk App Building 101: Learn, Create and Navigate the Ecosystem" provide excellent starting points with workshops and downloadable guides. Experimentation and community support are key to success.
Tech Projects and Tiny Hands: A Day in Will’s Life
Would you believe it - William often finds himself working on more Splunk projects in his spare time! It’s a bit of a busman’s holiday. Joking aside, he has a young family (three girls!) who keep him busy and make it hard to tackle the backlog of personal projects. Lately, he’s found himself spending more time on creative endeavors around the house: perfecting sourdough (but it never lasts until the next day), gardening, and crafting (and being drawn on!) with the little ones.
Want to be our next Developer Spotlight? Let us know by filling out this form!
