This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I saw on a recent vacation).

Registration is officially open for .conf26 in Denver, Colorado! Secure your early bird ticket before June 22 and block off your calendar for the ultimate week of technical sessions, hands-on workshops, and networking.

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that opened up a rift in cyberspace that swallowed you whole! The only way out is through…. The story begins here

The 2026–2027 SplunkTrust application and nomination period is open. If you've been showing up for the Splunk Community — or know someone who has — now's the time to award them the hard-earned recognition they deserve!

Splunk User Group events are being hosted across the globe by region, product, and industry. Check out these upcoming events to connect with Splunk peers in-person and virtually.

So you searched, “what is the name of the usb key inserted by bob smith?” 

Read the article to find out more...

The learning doesn’t stop when .conf ends. Explore the new Best of .conf hub in the Splunk Community to revisit top sessions, watch recordings, and browse presentations organized by role and skill level.

Is your Splunk environment slowing down? Are you running low on CPU and RAM? The culprit is often a handful of inefficient scheduled searches, quietly consuming an unnecessary big portion of your resources. In this post, you’ll learn how to quickly identify the worst offenders, and how to apply simple fixes. Such Splunk housekeeping will lead to performance gains, cost savings, and happier users! 

Think you’ve built the ultimate Splunk Dashboard? We want to see your most creative, interactive, and impactful designs. Submit your best dashboard examples for a chance to be judged by the Honorary Splunk Trust and win a pass to .conf26 in Denver Colorado.

This puzzle (first published here) is based on matching timestamps to cron expressions.

All the timestamps follow this pattern:

Given that there are a number of interpretations/implementations of cron, it is worth specifying that the definition used in this puzzle follows this basic pattern:

Short names, ranges, step values and lists are also supported. Wikipedia has a good description of this here.

The challenge is to determine which timestamps do not correlate with any crontab entries (2), and which crontab entries do not correlate to any timestamps (2).

This is intended to be a regular expression and SPL challenge, i.e. convert the cron expressions to regular expressions in order to find matching timestamps, although you could just use SPL if you like!

Get to the answers you need faster with Federated Search and a home page activity feed tailored just for you.

This puzzle is based on the results of a Duplicate Bridge session I played in recently. The session was with 7 full tables, Hesitation Mitchell with relay between tables 3 and 4. Essentially, this means that there were 14 pairs (numbered 1 to 14) - 2 pairs per table, playing 24 boards (sets of cards) in 8 rounds of 3-board sets. After playing 3 boards, one of the pairs (usually the East/West pair) move to the next table and the boards (as a set of 3) move in the opposite direction. The details of the movement are not particularly relevant to solving this puzzle (and details can be found through an internet search, if you are interested)

This is a SPL challenge to determine the average percentage score for each pair.

This article contains a walkthrough to a solution for this puzzle, and demonstrates an approach to scoring events relative to each other as used as the basis for scores in duplicate bridge.

Advent of Code is a brilliant site run by Eric Wastl which has been running for over a decade setting programming puzzles in the style of an Advent Calendar during December. Full credit to Eric for conceiving these puzzles. Recently, Community member Gabriel Vasseur has been posting articles on his website, the eighth of which is here. Gabriel also posted links to his articles on the #puzzles Slack channel. This blog is my attempt to follow in Gabriel's footsteps with my own attempts at independently solving the Advent of Code puzzles. I am making no judgement on which solution is better, from my point of view, the fun is in trying to solve the puzzles with SPL.

Building OpenTelemetry Pipelines doesn’t have to be confusing. There’s three main components to a pipeline, and you’ll learn about all three in this fun incredible machine building experience. Figure out how to put the pieces together to get OT from the start of the pipeline to the end. When you’re done, enter for a chance to win Cisco Store credit for Splunk gear! 

Master the "what" and "how" of Splunk source types. Learn why these default indexed fields are the secret to efficient parsing, field extractions, CIM-normalization, and searching, and learn some special source type data analysis tips. 

Advent of Code is a brilliant site run by Eric Wastl which has been running for over a decade setting programming puzzles in the style of an Advent Calendar during December. Full credit to Eric for conceiving these puzzles. Recently, Community member Gabriel Vasseur has been posting articles on his website, the seventh of which is here. Gabriel also posted links to his articles on the #puzzles Slack channel. This blog is my attempt to follow in Gabriel's footsteps with my own attempts at independently solving the Advent of Code puzzles. I am making no judgement on which solution is better, from my point of view, the fun is in trying to solve the puzzles with SPL.

Advent of Code is a brilliant site run by Eric Wastl which has been running for over a decade setting programming puzzles in the style of an Advent Calendar during December. Full credit to Eric for conceiving these puzzles. Recently, Community member Gabriel Vasseur has been posting articles on his website, the sixth of which is here. Gabriel also posted links to his articles on the #puzzles Slack channel. This blog is my attempt to follow in Gabriel's footsteps with my own attempts at independently solving the Advent of Code puzzles. I am making no judgement on which solution is better, from my point of view, the fun is in trying to solve the puzzles with SPL.

Check out the Splunk User Group events that happening across the globe! Join an event or group to network with your Splunky peers, IRL or virtually.

Put on your engineer hat and save the big concert by helping Apple Stone use Code Profiling in Splunk APM to troubleshoot performance issues and bad customer experience. You’ll see why the fans aren’t happy and how to isolate the problem to exact source files and lines within the files. When you’re done, enter for a chance to win Cisco Store credit for Splunk gear! 

Master your data collection strategy with our guide to the Splunk Universal Forwarder. Learn where to download the UF, its key security benefits, and how to automate your installation.

Advent of Code is a brilliant site run by Eric Wastl which has been running for over a decade setting programming puzzles in the style of an Advent Calendar during December. Full credit to Eric for conceiving these puzzles. Recently, Community member Gabriel Vasseur has been posting articles on his website, the fifth of which is here. Gabriel also posted links to his articles on the #puzzles Slack channel. This blog is my attempt to follow in Gabriel's footsteps with my own attempts at independently solving the Advent of Code puzzles. I am making no judgement on which solution is better, from my point of view, the fun is in trying to solve the puzzles with SPL.

This puzzle is based on a letter grid containing tangled words. 

The diagram was created in draw.io which can use XML documents to export and import diagrams.

The challenge is to process the XML document using SPL to find the tangled words.

Advent of Code is a brilliant site run by Eric Wastl which has been running for over a decade setting programming puzzles in the style of an Advent Calendar during December. Full credit to Eric for conceiving these puzzles. Recently, Community member Gabriel Vasseur has been posting articles on his website, the fourth of which is here. Gabriel also posted links to his articles on the #puzzles Slack channel. This blog is my attempt to follow in Gabriel's footsteps with my own attempts at independently solving the Advent of Code puzzles. I am making no judgement on which solution is better, from my point of view, the fun is in trying to solve the puzzles with SPL.

We’ve reorganized the Splunk Community navigation to help you find the answers, programs, and events you love...faster than ever before. Dive in to see what’s new!

Stop struggling with inconsistent field names across your data sources. Learn how to use the Splunk Common Information Model (CIM) to simplify your SPL and future-proof your dashboards.

Advent of Code is a brilliant site run by Eric Wastl which has been running for over a decade setting programming puzzles in the style of an Advent Calendar during December. Full credit to Eric for conceiving these puzzles. Recently, Community member Gabriel Vasseur has been posting articles on his website, the third of which is here. Gabriel also posted links to his articles on the #puzzles Slack channel. This blog is my attempt to follow in Gabriel's footsteps with my own attempts at independently solving the Advent of Code puzzles. I am making no judgement on which solution is better, from my point of view, the fun is in trying to solve the puzzles with SPL.

Embark on a 16-bit adventure to master Splunk Observability Cloud. Play 'Into the Deep' to learn about system reliability and APM through seven interactive levels—and enter for a chance to win Cisco Store credit for Splunk gear! 

Want to learn Splunk Observability Cloud without the jargon? Play our 5-minute interactive games to master OpenTelemetry, Code Profiling, and AI-driven troubleshooting—and earn Cisco Store credit for Splunk gear while you do it!

Lightning Talks. Big Ideas. Two Chances to Join.

The Splunk Community Champions are back with rapid-fire sessions full of tips, tricks, and “oh dang” moments. Register for one of two global-friendly sessions and bring your brain.

Advent of Code is a brilliant site run by Eric Wastl which has been running for over a decade setting programming puzzles in the style of an Advent Calendar during December. Full credit to Eric for conceiving these puzzles. Recently, Community member Gabriel Vasseur has been posting articles on his website, the second of which is here. Gabriel also posted links to his articles on the #puzzles Slack channel. This blog is my attempt to follow in Gabriel's footsteps with my own attempts at independently solving the Advent of Code puzzles. I am making no judgement on which solution is better, from my point of view, the fun is in trying to solve the puzzles with SPL.