This short article shows how tokens and handlers can be used to modify how a dashboard operates, including replacing a chart that is waiting for a search to complete with a tailored HTML panel, changing the values used by CSS, and, controlling the order in which searches execute.

This series provides practical, real-time examples demonstrating how to use the Splunk AI Assistant effectively in Splunk Observability Cloud.

In this fourth post, we'll see how the AI Assistant can help us dig into unfamiliar metrics and provide real-time, contextual feedback so we can easily analyze our data and troubleshoot faster.

Join Us for the Next Installment of the Splunk AppDynamics Agents Series – LIVE on YouTube! During this event, you’ll learn how to deploy AppDynamics APM agents in containerized applications like Kubernetes, with practical insights and demonstrations tailored to real-world scenarios.

It's that time, folks! The application/nomination period for the 2025 SplunkTrust is officially open! APPLY to join the SplunkTrust or NOMINATE a fellow Splunk practitioner now!

Hello Splunk Community!

Welcome to the June edition II of Splunk Answers Community Content Calendar!

This series provides practical, real-time examples demonstrating how to use the Splunk AI Assistant effectively in Splunk Observability Cloud.

In this third post, we'll see how the AI Assistant can help maintain organizational compliance and manage infrastructure costs.

We’re excited to announce our first two inaugural badges!

Meet William—aka The Splunk Guy—whose path from building websites to engineering cloud-scale solutions is anything but ordinary. Starting in Web Development and evolving into a Cloud and Security Expert, William has transformed personal projects into impactful tools for the Splunk community. From pandemic response systems to CI/CD automation, discover how his hands-on approach, passion for DevOps, and love for tinkering (both with tech and sourdough) make him a standout in the world of Splunk.

Stay ahead of the curve and in the know with our comprehensive list of upcoming Tech Talks, Community Office Hours, and webinars. From insightful discussions to hands-on workshops, there’s something for everyone eager to dive deeper and learn. Don’t miss out — mark your calendars now!

This series provides practical, real-time examples demonstrating how to use the Splunk AI Assistant effectively in Splunk Observability Cloud.

In this second post, we’ll use the AI Assistant to perform detailed root cause analysis and analyze service performance and deployment impacts.

Hello Splunk Community!

Welcome to the June edition of Splunk Answers Community Content Calendar!

This month, we’re excited to share Getting Started with Splunk Artificial Intelligence, a brand new guide that shows you how to use AI-driven insights with Splunk software no matter where you are in your AI adoption journey. We’re also showcasing how Splunk is transforming nonprofit operations with new guidance to help these organizations deliver services to their beneficiaries and stakeholders more securely, quickly, and efficiently. And as usual, we’re linking you to all the other articles we’ve added over the past month, with new articles sharing best practices and guidance for the Splunk platform, new data sources, and Splunk’s security and observability products. Read on to find out more.

This series provides practical, real-time examples demonstrating how to use the Splunk AI Assistant effectively in Splunk Observability Cloud. In this first post, you'll learn how the AI Assistant can quickly identify unknown issues in your environment.

Turning Your Financial Data Streams into a Comprehensive Fraud Defense System

Discover how Amazon EventBridge can seamlessly route AWS events and findings to Splunk, offering real-time insights and proactive monitoring. This article guides you through setting up API destinations and crafting EventBridge rules to ensure timely data delivery, leveraging services like Amazon GuardDuty and AWS CloudTrail. With EventBridge's robust event delivery system and Splunk's powerful analytics, transform your security and operational workflows into a scalable, resilient solution. Dive in to unlock the full potential of your AWS-Splunk integration today!

When it comes to getting data in, one of the earliest decisions made is what to use as a sourcetype. Often, this choice gets less thought, less consideration than any other detail in log onboarding. That's a mistake. Picking the right sourcetype often drives the right behavior throughout the log onboarding process.

Did you know that for Splunk Enterprise 9.4, Python 3.9 is the default interpreter? This shift is not just a housekeeping update, it’s a critical step in ensuring long-term support, enhanced security, and compatibility with your Splunk apps and add-ons. R

In today’s fast-moving environments, getting alerts is only half the battle—what really matters is making them actionable. In this article, I’ll walk through how I integrated Splunk Observability Cloud alerts directly into Webex Teams to streamline collaboration and improve incident awareness. While we’re not running a full-scale SRE operation, staying informed about issues impacting our community projects—like splunkgames.com—is critical.

I’ll show you how to leverage Webex Adaptive Cards for clean, actionable notifications, use Splunk’s webhook helper functions to dynamically customize alert details, and add direct links for rapid investigation. Whether you’re looking for a lightweight way to stay informed or want to extend your existing observability workflows, this integration is simple, practical, and easy to customize to your team’s needs.

Get ready for the most useful (and fun) event you’ll attend this year — see you in Boston September 8 - 11!

When a fraudster spreads activity across multiple channels, they can fly under the radar of traditional detection systems. In this final part of our fraud detection series, I break down a real case where a bank caught a coordinated fraud scheme by connecting web traffic and account creation data that seemed innocuous when viewed separately. Find out how they used Splunk to spot the shared password that exposed the entire operation—and stopped a $250k loss before it happened.

Stay Ahead with the Latest from the Splunk App Dev Community!

Whether you're crafting new solutions, fine-tuning existing apps, or just beginning your developer journey, this roundup is packed with updates, expert insights, and growth opportunities to help you get even more out of the Splunk platform. In this roundup, we’re highlighting key updates—from expert-led sessions and hands-on SPL2 workshops to upcoming platform changes and a brand-new Developer Program. Let’s dive into what’s happening now and what’s coming next!

Stay ahead of the curve and in the know with our comprehensive list of upcoming Tech Talks, Community Office Hours, and webinars. From insightful discussions to hands-on workshops, there’s something for everyone eager to dive deeper and learn. Don’t miss out — mark your calendars now!

This month, we’re excited to feature a suite of articles that your Splunk Admin will love - how to get maximum performance from the Splunk platform on the indexing, forwarding, and search head tiers. We’re also sharing how you can use SPL2 templates to reduce log size for popular data sources, with guidance on how to implement these safely in production environments. And as usual, we’re sharing all of the other new articles we’ve added over the past month, with articles covering Cisco capabilities, platform upgrades, and more. Read on to find all the details.

We're excited to introduce our new Content Calendar, your go-to guide for spotlighted questions from key boards and a dedicated SME Day each month, featuring expert insights and community driven solutions. 

Brute force attacks are evolving beyond single-account targeting to coordinated, distributed campaigns that fly under traditional security radar. In this second installment of our fraud detection series, we examine how one financial institution used Splunk to uncover and halt a sophisticated attack targeting dozens of high-value accounts. Learn how connecting authentication data across accounts revealed attack patterns that would have remained invisible to conventional security tools, potentially preventing over a million dollars in losses.

This is a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.

This section covers creating a panel to show rates instead of counts for each status.

This is a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.

This section covers creating an alternative way of comparing hourly rates with the previous few days.

The Splunk Developer Program is now live in public preview! Access centralized tools, resources and community support to build innovative apps on Splunk. Learn more at preview.dev.splunk.com

2024 has been an exciting and transformative year for Splunkbase and our developer community. We've made significant strides in enhancing the Splunk App Dev Ecosystem, improving developer experiences, and driving innovations in app development. This review highlights our key achievements, major milestones, and the road ahead for 2025.

Meet Brett: Splunker, innovator, and all-around tech enthusiast. From building apps that solve real-world problems to geeking out over video games and home automation, Brett’s journey is as dynamic as the data he works with. Discover what drives this SplunkTrust star in our latest Spotlight feature!