All Topics

Learn Splunk

All Topics

It’s premiere season, and Splunk Education is rolling out new releases you won’t want to miss. Whether you’re dipping your toes into the world of data analytics for the first time or returning for an... See more...
It’s premiere season, and Splunk Education is rolling out new releases you won’t want to miss. Whether you’re dipping your toes into the world of data analytics for the first time or returning for an exciting sequel of skill-building, our new courses are here to help you reach your goals. Our programs include expert instructors, interactive labs, and self-paced offerings that will keep you on the edge of your seat.     Here’s what’s playing this month:    Instructor-Led Feature Course Platform: Building Splunk UI Apps Get a front-row seat to hands-on training led by Splunk experienced instructors. Learn how to build intuitive, user-friendly apps that wow your audience—no popcorn required. Paid eLearning with Labs Platform: Introduction to Implementing Splunk SmartStore for Indexer Clusters Go behind the scenes. You’ll dig into SmartStore architecture, explore cluster configurations, and build confidence in deploying data at scale. Free On-Demand Offerings Observability: Installing and Administering ITSI, AppDynamics 25.1 Update Security: Developing SOAR Playbooks for Splunk Enterprise Security There are no tickets to purchase or long lines to contend with for these new releases! So, if you’re looking to turn your curiosity into career currency, then find the course that supports your learning journey and we will see you in class.  Explore the full Splunk Course Catalog, grab a virtual seat, learn something new, and stay tuned for next month’s feature drops from Splunk Education. — Callie Skokos on behalf of the Splunk Education Crew
Welcome back to Splunk Classroom Chronicles, our ongoing blog series that pulls back the curtain on Splunk Education. Each episode introduces you to the passionate people behind our instructor-led tr... See more...
Welcome back to Splunk Classroom Chronicles, our ongoing blog series that pulls back the curtain on Splunk Education. Each episode introduces you to the passionate people behind our instructor-led training and shares stories straight from the classroom, in the words of our dedicated learners.   In a world where tech is constantly evolving, staying sharp means staying curious. That’s where Splunk Education comes in. Our hands-on, interactive courses are designed to not only build technical confidence but to also foster an engaging, practical learning environment. With expert instructors, thoughtfully-developed content, and labs that bring Splunk to life, we’re here to help learners grow no matter where they are in their learning journey.  Episode 3 | Let’s Meet More Instructors  In this episode of Splunk Classroom Chronicles, we’re shining the spotlight on a new group of passionate pros behind our instructor-led training. You’ll get a peek into several of our popular courses  – from Architecting Splunk Enterprise Deployments to Search Optimization – and hear what learners have to say about their classroom experiences. Behind every hands-on lab and well-paced module is a collaborative effort between our expert course developers and dynamic instructors. Together, they bring Splunk Education to life. Architecting Splunk Enterprise Deployments Architecting Splunk Enterprise Deployments is a 9-hour course for architects and others tasked with implementing and managing large enterprise deployments.The course covers Splunk deployment planning, Index and resource planning, an overview of Splunk clustering, forwarder selections and forwarder management, integration with other Splunk and third-party products, performance monitoring and tuning, and Splunk use cases. Sandya Arunn is one of the course instructors and Tomer Gurantz is the course developer.  Here’s what one student had to say about Sandya Arunn “The instructor explained the topic clearly and effectively. She took the time to address every question from the participants, and whenever there was any confusion, she revisited the topic to provide further clarification. Her teaching style was engaging and kept the session interesting throughout.” Enroll Today  You can enroll in this course and meet Sandya here on the STEP Learning Platform.  __________________________________ Visualizing and Alerting in Splunk Observability Cloud Visualizing and Alerting in Splunk Observability Cloud is a blended course for Devops/SREs and Developers. The course describes ways to enhance dashboards and alerts to help with troubleshooting. You will also be able to find insights using analytics in charts and detectors and to create detectors for common use cases. You will experience 4.5 hours of instructor-led content and approximately 30 minutes of eLearning. Adham labib ali is one of the course instructors and Coleen Stanley is the course developer.  Here’s what one student had to say about Adham labib ali “The instructor was perfect. This was by far the best Splunk training I've had so far. Thanks to Adham, the level of pedagogy was truly outstanding, very clear and delivered with deep expertise. Thank you!” Enroll Today  You can enroll in this course and meet Adham here on the STEP Learning Platform.  __________________________________ Search Optimization Search Optimization is a three-hour course designed for power users who want to improve search performance. The course will cover how search modes affect performance, how to create an efficient basic search, how to accelerate reports and data models, and how to use the tstats command to quickly query data. Haya Husain is one of the course instructors and Anna Morales is the course developer.  Here’s what one student had to say about Haya Husain  “Haya, the instructor, was very skilled. She was very responsive and interested. Her pace was perfect, and she explained things very well. She was very smooth. Overall, one of the best presenters in a long time. I am in Toastmasters, and so I’m not easily impressed. Management types could learn a few things here.” Enroll Today  You can enroll in this course and meet Haya here on the STEP Learning Platform.  __________________________________ Splunk Enterprise System Administration Splunk Enterprise System Administration is an 18-hour course designed for system administrators who are responsible for managing the Splunk Enterprise environment. The course provides the fundamental knowledge of Splunk license manager, indexers, and search heads. It covers configuration, management, and monitoring core Splunk Enterprise components. Alex Privee is one of the course instructors and Kevin Stewart is the course developer.  Here’s what one student had to say about Alex Privee "Alex was a wonderful instructor. They were responsive, entertaining, and engaging. I felt like I was able to grasp the concepts presented in the class with relative ease." Enroll Today  You can enroll in this course and meet Alex here on the STEP Learning Platform.  __________________________________ Resources and Reminders If we’ve piqued your interest in the value of Splunk Education and you’d like to increase your Splunk knowledge or get started on your journey, here are some useful resources: Course Registration: Ready to take the next step? Register for these or any of our courses here.  Splunk Education: Visit the official Splunk Education website to explore more courses and certification details. Splunk Lantern: Get field-tested guidance on use cases and best practices using Splunk Lantern. Community Insights: Join the Splunk Community to connect with other users and get insights into best practices and troubleshooting. Splunk Certification: Validate your Splunk proficiency with any of our Splunk Certifications. Whether you're a new administrator or a seasoned Splunk veteran, our courses are designed to empower you with the knowledge and skills needed to excel in your role. Stay curious, keep learning, and we look forward to seeing you in one of our upcoming classes!  
Overview When monitoring Kubernetes workloads using AppDynamics' Cluster Agent, users often observe a mismatch or confusion between the Memory (MB) values in the table and the Usage% shown in pod... See more...
Overview When monitoring Kubernetes workloads using AppDynamics' Cluster Agent, users often observe a mismatch or confusion between the Memory (MB) values in the table and the Usage% shown in pod detail graphs. This article explains how CPU and memory metrics are computed, displayed, and what to expect when resource limits are or are not defined.   Ask 1: How is CPU% Busy calculated for Pods? AppDynamics uses the following logic: If CPU limits are defined in the pod spec, the CPU%Busy is calculated relative to the defined limit. If limits are not set, AppDynamics falls back to node-level CPU usage, and percentage values may not reflect actual pod utilization.   Ask 2: Does the same logic apply to Memory (MB)? Not exactly. Memory (MB) is always collected as the raw value used by the container. Memory usage % (Usage%) is only calculated and displayed if a memory limit is defined. If no memory limit is set, AppDynamics may still show MB used in the table view, but the Usage% will remain at 0%, as no denominator is available for calculation.   Ask 3: Why does the graph show 0% even when memory is consumed? This behavior is expected when no resource limits are set. AppDynamics cannot calculate a percentage of memory used if there's no defined upper limit to compare against.   Screenshot Summary: Screenshot 1: Pod list view Shows the AppDynamics Operator pod using 11.84 MB memory with 1% CPU.    2. Screenshot 2: Pod container view (with limits defined) Graph shows 11.91% memory usage out of 100Mi defined.          3. Screenshot 3: Pod container view (without limits) NodeJS pod consuming 33 MB memory but graph shows 0% usage.       Verifying Pod Resource Limits: To check if a pod has limits defined: kubectl get pod <pod-name> -n <namespace> -o jsonpath="{.spec.containers[*].resources.limits}"   If output is empty ({}), no limits are set, and usage% will show 0%.   Conclusion: Always refer to the table for actual memory used (MB). Usage% depends on resource limits being set. No bug here – this is by design, and understanding this helps interpret the UI accurately.   Recommendations: Set CPU and memory limits in pod specs for better visibility and scaling insights. Use kubectl top pod to cross-verify values if needed.
I'm planning to pursue the Splunk Certified Power User certification in 2025, as it seems to be highly valued. I’m new to this certification and will be using Leads4Pass.com for practice exams. I’d a... See more...
I'm planning to pursue the Splunk Certified Power User certification in 2025, as it seems to be highly valued. I’m new to this certification and will be using Leads4Pass.com for practice exams. I’d appreciate insights from those familiar with the certification. Here are my questions: 1.What are the key topics covered in the Splunk Certified Power User exam? Are there specific areas (e.g., SPL, dashboards, or data models) that require extra focus? 2.Besides Leads4Pass practice exams, what are the best resources for preparing for this certification? Are Splunk’s official training courses (like "Splunk Power User") necessary, or are there other effective study materials (e.g., free courses or community guides)? 3.How challenging is the exam for someone with basic Splunk experience? Any tips for tackling complex search queries or time management during the test? 4.How has this certification benefited your career? Is it particularly valued in specific industries like cybersecurity or IT operations? 5.Does the certification focus more on Splunk Enterprise or Splunk Cloud, or both? Are there differences in preparation if I primarily work with Splunk Cloud? 6.Is there a recertification process or expiration for the Power User certification? If so, what’s involved in maintaining it? I’m based in a non-English-speaking region, so any advice on language support or localized resources would be greatly appreciated. Thank you in advance! Best regards Josephine W. Yokley (My english name) #SplunkCertifiedPowerUser  #SplunkEducation #SplunkCloud #SplunkEnterprise #SplunkSecurity #ITOperations
When you think of Boston, you might picture colonial charm, world-class universities, or even the crack of a bat at Fenway. This September, you can add one more to the list: a one-of-a-kind opportuni... See more...
When you think of Boston, you might picture colonial charm, world-class universities, or even the crack of a bat at Fenway. This September, you can add one more to the list: a one-of-a-kind opportunity to sharpen your Splunk skills and connect with our most seasoned technical instructors at .conf25 and Splunk University. This year’s event, being held at the Boston Convention & Exhibition Center, isn’t just about big keynotes and bold innovations—it’s about rolling up your sleeves and diving into the interactive, hands-on learning that defines Splunk Education. As part of the experience, our experts will be leading a dynamic lineup of Interactive Workshop Sessions, where attendees solve real security challenges, explore automation, and gain technical insights that can immediately be put to use. Get Ready for a Hands-On Experience with Our Instructors These sessions aren’t your typical talks. Interactive Workshops are designed to simulate live environments, guiding participants through product use cases, real scenarios, and active demos. Bring your laptop and get ready to work alongside the best in the business. Here’s a quick look at what’s in store: S3crets in the AWS Cloudtrail: Unraveling Data Exfiltration One Event at a Time Monday, Sep 8 | 1:45 PM – 3:00 PM EDT Instructors: Sarah Joy & Daniella Herrera Follow a single clue and trace the steps of a sophisticated data exfiltration attack in AWS. This hands-on session will challenge you to think like a threat hunter as you uncover privilege escalations, evasions, and hidden S3 secrets. Add to schedule Enterprise Security 8.0: Enhanced Detection and Investigation for the SOC Tuesday, Sep 9 | 10:30 AM – 11:30 AM EDT Instructors: Dace McPherson & Lauri Harris Learn how to accelerate your SOC response using new detection and investigation capabilities in Splunk Enterprise Security. This workshop will walk you through every step of the investigation—from alert to analysis to action. Add to schedule Risk to Rewards: Apply Machine Learning to RBA and Reward Yourself Tuesday, Sep 9 | 12:30 PM – 1:45 PM EDT Instructors: Rao Durvasula & Matthew Dami Discover how to amplify your risk-based alerting strategy using machine learning. You’ll learn techniques to cluster risky objects, calculate scores, and uncover threat patterns like firewall exploitation by malware. Add to schedule REST Easy, SOC Analyst: Enhance SOAR with Threat Intelligence from Splunk ES Wednesday, Sep 10 | 3:45 PM – 5:00 PM EDT Instructors: Chris Huryn & Kasia Lelonek Build effective SOAR playbooks using the Visual Playbook Editor—no Python needed. Learn how to query and update threat intelligence via REST APIs and turn Splunk Enterprise Security into an orchestration powerhouse. Add to schedule   Join Us in Boston If you’re looking to gain practical, high-impact skills that will set you apart, this is the moment. Whether you're attending Splunk University (Sept 6–8) for immersive training or diving into workshops during .conf25, you’ll walk away better prepared to tackle today’s toughest data and security challenges. Secure your spot today at conf.splunk.com Don’t forget to register for Splunk University and use Training Units to pay for your track Consider getting Splunk Certified onsite at .conf25 Come early, stay sharp, and leave with more than just inspiration—leave with expertise.
AppDynamics provides robust reporting and dashboarding capabilities, but one common limitation is the default 1-month retention period for report data. For users who require access to historical re... See more...
AppDynamics provides robust reporting and dashboarding capabilities, but one common limitation is the default 1-month retention period for report data. For users who require access to historical reports beyond this window—whether for compliance, auditing, or performance trend analysis—this can become a challenge. Below is a lightweight workaround to retain reports beyond 30 days using built-in AppDynamics features and scheduled email automation. Symptoms Reports (e.g., PDF or CSV exports of application metrics, dashboards, or health rules) older than 30 days are no longer accessible within the AppDynamics controller. Attempts to view older scheduled reports fail or show empty results. Compliance or audit teams require access to reports older than 1 month, but AppDynamics only retains scheduled reports temporarily. Diagnosis AppDynamics does not store past generated reports beyond the scheduled delivery period. By default, scheduled reports are generated at runtime and emailed or downloaded without long-term persistence on the controller. Report generation is tied to user-defined schedules, and no native archival solution exists within the AppDynamics UI to maintain historical copies. Solution To retain reports for longer than 1 month, use scheduled email delivery and set up an external archival process: Step-by-Step: Create Your Report Go to Reports > Create Report. Select the type (e.g., dashboard report, analytics report). Choose your filters and time ranges (e.g., "Last 30 Days"). Schedule Monthly Delivery Set the schedule to monthly (e.g., 1st of every month). Under Delivery Options, choose Email. Enter a distribution list or archival inbox (e.g., reports@appd-archive.yourdomain.com). Set up Archival Mechanism Configure a rule in your email client (e.g., Outlook, Gmail, or a shared mailbox) to auto-save attachments to: A cloud storage folder (e.g., SharePoint, Google Drive, S3) A company file server or long-term data store Organize Monthly Archives Use email filters or a script (e.g., Power Automate, Zapier, or a Python script) to: Save files into date-based folders Rename attachments for easier indexing (e.g., AppD_Report_AppX_Jan2025.pdf)  Benefits No need for custom scripts inside AppDynamics. Ensures long-term access to time-bound reports. Scales across multiple applications or dashboards by repeating the process.
  I received this message from recruiter today. i need help. am still in the process of learning splunk.  Hi Kenechi, We have a remote and long term contract opening for a Sr. SIEM Consultant with... See more...
  I received this message from recruiter today. i need help. am still in the process of learning splunk.  Hi Kenechi, We have a remote and long term contract opening for a Sr. SIEM Consultant with our client who is a large Canadian Grocery retailer. In this role you will be responsible for the organization's Splunk platform. This includes advising on strategy/technical problems, executive engagement, managing the MSSP, creating various metrics/reports, and more. The position offers a competitive contract rate with high probability of extension. Please let me know if you or a colleague might be interested in this exciting opportunity with a leading Canadian enterprise?
Is there a Splunk cloud development environment you can use to try out creating index and Dashboards. My company limits what we can do in Splunk and i want to experiment with some sample data.  Look... See more...
Is there a Splunk cloud development environment you can use to try out creating index and Dashboards. My company limits what we can do in Splunk and i want to experiment with some sample data.  Looking for something similar like you can do in AWS by creating an account and trying out a few things. 
After emailing certification@splunk.com, how long does it take to receive the voucher in email reply?? 
Hi everyone! I'm currently preparing for the Splunk Cloud Certified Admin (SPLK-1005) exam and wanted to ask — are there any reliable and up-to-date practice tests available? I'd really appreciate... See more...
Hi everyone! I'm currently preparing for the Splunk Cloud Certified Admin (SPLK-1005) exam and wanted to ask — are there any reliable and up-to-date practice tests available? I'd really appreciate suggestions on where to find practice questions or mock exams that match the actual test format. Any tips or recommended resources would be super helpful. Thanks in advance!
May 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s edition of indexEducation, the newsletter that takes an untraditional twist on wh... See more...
May 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s edition of indexEducation, the newsletter that takes an untraditional twist on what’s new with Splunk Education. We hope the updates about our courses, certification program, and self-paced training will feed your obsession to learn, grow, and advance your careers. Let’s get started with an index for maximum performance readability: Training You Gotta Take | Things You Needa Know | Places You’ll Wanna Go Training You Gotta Take Boston to pre-game | Splunk University – September 6-8 Get ready to tailgate with the best — Splunk University is heading to Boston, Sept 6–8, 2025! This is your ultimate pre-game before .conf25, packed with hands-on labs, expert-led workshops, and face-to-face learning with the Splunk Education team. Whether you’re looking to sharpen your skills or gear up for the big event, this in-person experience will quench your thirst for knowledge. You may have avoided any 8 a.m. classes in college, but consider Early Bird registration so you can save big before the June 9 deadline!  Gotta go to Boston | The new campus for Splunk University The latest eLearning with Labs | SOC Essentials Oh, the frustration of hunting for that one essential missing sock! Err, wait, that’s not what this is about. We’re actually announcing our newest SOC Essentials: Introduction to Threat Hunting eLearning with Labs course. In this self-paced learning, you’ll go through the PEAK Threat Hunting Framework and get hands-on practice with labs that help you prepare, plan, and execute different types of hunts. Taking this course may not help you locate that one renegade sock, but it will definitely help boost your threat hunting skills. Gotta take the latest | Enroll in eLearning with labs  Things You Needa Know Cisco Live! is music to our ears | San Diego, CA, June 8-12, 2025 If expert-led Splunk Education content isn’t enough to get you to San Diego this June, maybe a live show by The Killers will do the trick. Either way, you’ll want to join us at Cisco Live! from June 8–12, 2025, for the big tech event of the year. Discover how Cisco is reshaping the future of infrastructure, security, and AI—and catch Splunk Education in action as part of the learning lineup. From hands-on sessions to free Cisco certification exams, it’s the ultimate mix of professional development, tech innovation, and a great night of rock and roll. Needa know the details | Find out more   Splunk Certification | Level up or re-certify at .conf25 Is your Splunk Certification nearing its expiration date? Well then, .conf25 is the perfect opportunity to knock out re-certification the quick, easy, and budget-friendly way. All exams are just $25 this year—no limit, no pre-reqs for our new cybersecurity certs, and no excuses. Whether you're refreshing your current credentials or looking for new badges to elevate your resume, it's never been easier to sit for our exams. Walk-up registration is available in Boston, but it’s a best practice to register early and avoid the wait or the sell out. Sharpen your skills, make your resume stand out, and keep your certifications current—at  this year’s .conf25 testing center. Needa get Splunk Certifications | Register for .conf25 in Boston Places You’ll Wanna Go Lantern Blog | New series just dropped This month on the Lantern Blog, we’re lighting your path to smarter Splunking with a new series of articles designed to help you solve real data problems—fast. Whether you’re a Splunk admin trying to squeeze more performance out of your indexing, forwarding, or search heads, or you’re looking to reduce log size using SPL2 templates, we’ve got practical, ready-to-use insights you can safely apply in production. Plus, don’t miss new content on the Cisco integration, platform upgrades, and more. Feeling in the dark? Don’t, because Splunk Lantern is our online customer success center that provides advice from Splunk experts on valuable data insights, key use cases, and more.  Wanna go toward the light | Lantern The ‘Tube | Short videos. Big impact. Wearing shorts to a red carpet event? Probably not the best look. But Splunk How-To YouTube Shorts? Now those are always appropriate! Our new series of bite-sized videos delivers fast, focused insights to keep you learning on the go —whether you're prepping for a certification exam, exploring new courses, or curious about our latest learning programs. From Last Minute Learning highlights to insider tips on our newest offerings, these 60-second videos pack serious value into every frame. Go get them shorts | Splunk learning, one quick hit at a time Find Your Way | Learning Bits and Breadcrumbs Go Chat | Join our Community User Group Slack Channel Go Stream It  | The Latest Course Releases (Some with Non-English Captions!) Go Last Minute | Seats Still Available for ILT Go to STEP | Get Upskilled Go Discuss Stuff | Join the Community Go Social | LinkedIn for News Go Index It | Subscribe to our Newsletter   Thanks for sharing a few minutes of your day with us – whether you’re looking to grow your mind, career, or spirit, you can bet your sweet SaaS, we got you. If you think of anything else we may have missed, please reach out to us at indexEducation@splunk.com.  Answer to Index This: Silence
Hi Friends, I am new to splunk.  I have created instance in google cloud and installed splunk enterprise.   Problem is iam not able to access any files like inputs.config file or outputs.conf.  Eve... See more...
Hi Friends, I am new to splunk.  I have created instance in google cloud and installed splunk enterprise.   Problem is iam not able to access any files like inputs.config file or outputs.conf.  Even if i tried to create file with vim editor, simply am getting error "command not found". can anyone suggest me best possible solution.
Preparing for my certification exam was one of the most stressful experiences I’ve faced in recent months. Despite putting in the hours, I constantly felt unsure if I was truly ready, and that uncert... See more...
Preparing for my certification exam was one of the most stressful experiences I’ve faced in recent months. Despite putting in the hours, I constantly felt unsure if I was truly ready, and that uncertainty started to take a toll on my confidence. That’s when a friend recommended SkillCertExams, and I’m honestly so glad they did. The practice tests were incredibly realistic and detailed. They didn’t just quiz me — they helped me understand the material and recognize where I needed to improve. The explanations after each question were clear and helped me connect the dots I’d been struggling with. Fast forward a few weeks, and I’m proud to say I passed my exam! For anyone else feeling overwhelmed by certification prep, I genuinely recommend checking them out. Sometimes the right resource makes all the difference.
Growth doesn’t just happen—it’s nurtured. Like tending a garden, developing your Splunk skills takes the right environment, a little structure, and guidance from those who know how to bring out your ... See more...
Growth doesn’t just happen—it’s nurtured. Like tending a garden, developing your Splunk skills takes the right environment, a little structure, and guidance from those who know how to bring out your best. That’s where instructor-led training comes in. Our expert instructors are here to help you grow faster, dig deeper, and thrive in the ever-evolving data landscape. At Splunk Education, we’re constantly planting new learning opportunities—especially for those who value real-time interaction and expert support. While we offer a full catalog of learning formats—from free eLearning to interactive labs and YouTube How-To Shorts—this month we’re especially excited about our instructor-led training (ILT) lineup. This month’s ILT course release includes: Mastering Splunk Data Management Techniques – This course focuses on technical skills related to data management processes and will benefit professionals involved in designing, building, and optimizing Splunk data ingestion pipelines. [Enroll now] Building Splunk UI Apps – Learn how to build dynamic and responsive UIs, use the Splunk REST API to manage data, display the results of SPL searches, and package apps for deployment. [Enroll now] Prefer to learn at your own pace? We’re also sharing three new eLearning with Labs courses to support security operations: SOC Essentials: Introduction to Threat Hunting (Enroll now) Developing Splunk SOAR Playbooks in the Visual Playbook Editor (Enroll now) Implementing Splunk SOAR Community Playbooks (Enroll now) Whether you’re just getting your hands dirty or looking to cultivate deeper expertise, these new releases are here to help you thrive. Explore the full Splunk Course Catalog and take the next step in your learning journey—because the seeds you plant today might just grow into your next big career move. See you next month for another round of fresh training from your friends at Splunk Education! — Callie Skokos on behalf of the Splunk Education Crew
Hi Team. I am installing the Java agent in Tomcat server I have a proxy in between the server to AppDynamics SaaS . help me where i can add the proxy details. is it in controller.xml or any other ... See more...
Hi Team. I am installing the Java agent in Tomcat server I have a proxy in between the server to AppDynamics SaaS . help me where i can add the proxy details. is it in controller.xml or any other location ?      
AWS Lambda auto-scales, but every account & region has a concurrency ceiling. When you slam into it CloudWatch emits the Throttles metric. Surfacing that (plus Invocations, Errors, Duration…) in... See more...
AWS Lambda auto-scales, but every account & region has a concurrency ceiling. When you slam into it CloudWatch emits the Throttles metric. Surfacing that (plus Invocations, Errors, Duration…) in AppDynamics lets you keep all observability in one place and build health rules so you can react before customers feel pain. Pre-requisite AppDynamics Controller Machine Agent EC2 instance profile (IAM role with cloudwatch:ListMetrics and cloudwatch:GetMetricStatistics only) or AWS AccessKey and Secret Java 8 + Maven for building the extension High‑level flow   Install the Machine Agent (recap) wget https://download.appdynamics.com/.../MachineAgent-25.x.x.zip unzip MachineAgent-25.x.x.zip -d /opt/appdynamics # 2 Point to your Controller vim /opt/appdynamics/conf/controller-info.xml # <controller-host>my-controller.company.com</controller-host> # <controller-port>443</controller-port> # <account-name>customer1</account-name> # <account-access-key>abcd123…</account-access-key> # 3 (optional) register as a service sudo systemctl enable appdynamics-machine-agent sudo systemctl start appdynamics-machine-agent Steps are noted here: https://docs.appdynamics.com/appd/24.x/25.4/en/infrastructure-visibility/machine-agent/install-the-machine-agent Build the Custom Namespace extension Extension we are using: https://developer.cisco.com/codeexchange/github/repo/Appdynamics/aws-customnamespace-monitoring-extension/ git clone https://github.com/Appdynamics/aws-customnamespace-monitoring-extension.git cd aws-customnamespace-monitoring-extension mvn clean package cp target/AWSCustomNamespaceMonitor-*.zip \ /opt/appdynamics/monitors/ cd /opt/appdynamics/monitors unzip AWSCustomNamespaceMonitor-*.zip This creates AWSCustomNamespaceMonitor/ with configuration files you need Authoring config.yml metricPrefix: "Custom Metrics|AWS Lambda|" namespace: "AWS/Lambda" accounts: - displayAccountName: "prod" regions: ["us-east-2"] # your Lambda region # keys can stay empty on an EC2 instance profile # awsAccessKey: # awsSecretKey: # optional – pulls every function; give explicit names to narrow it dimensions: - name: "FunctionName" displayName: "Function" values: [".*"] # Display all Lambda functions regionEndPoints: #us-east-1 : monitoring.us-east-1.amazonaws.com us-east-2 : monitoring.us-east-2.amazonaws.com cloudWatchMonitoring: "Basic" concurrencyConfig: noOfAccountThreads: 3 noOfRegionThreadsPerAccount: 3 noOfMetricThreadsPerRegion: 3 threadTimeOut: 30 # Global metrics config for all accounts metricsConfig: # By default, all metrics retrieved from cloudwatch are 'Average' values. # This option allows you to override the metric type. # metricName supports regex # Allowed statTypes are: ave, max, min, sum, samplecount # # Note: Irrespective of the metric type, value will still be reported as # Observed value to the Controller includeMetrics: - name: "Invocations" statType: "sum" delta: false multiplier: 1 aggregationType: "OBSERVATION" timeRollUpType: "AVERAGE" clusterRollUpType: "INDIVIDUAL" - name: "Errors" # alias: "Errors" statType: "sum" delta: false multiplier: 1 aggregationType: "OBSERVATION" timeRollUpType: "AVERAGE" clusterRollUpType: "INDIVIDUAL" - name: "Duration" # alias: "Duration" statType: "ave" delta: false multiplier: 1 aggregationType: "OBSERVATION" timeRollUpType: "AVERAGE" clusterRollUpType: "INDIVIDUAL" - name: "Throttles" # alias: "Throttles" statType: "sum" delta: false multiplier: 1 aggregationType: "OBSERVATION" timeRollUpType: "AVERAGE" clusterRollUpType: "INDIVIDUAL" - name: "DeadLetterErrors" # alias: "DeadLetterErrors" statType: "ave" delta: false multiplier: 1 aggregationType: "OBSERVATION" timeRollUpType: "AVERAGE" clusterRollUpType: "INDIVIDUAL" - name: "Availability" # alias: "Availability" statType: "ave" delta: false multiplier: 1 aggregationType: "OBSERVATION" timeRollUpType: "AVERAGE" clusterRollUpType: "INDIVIDUAL" - name: "IteratorAge" # alias: "IteratorAge" statType: "max" delta: false multiplier: 1 aggregationType: "OBSERVATION" timeRollUpType: "AVERAGE" clusterRollUpType: "INDIVIDUAL" metricsTimeRange: startTimeInMinsBeforeNow: 5 endTimeInMinsBeforeNow: 0 # Rate limit ( per second ) for GetMetricStatistics, default value is 400. https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_limits.html getMetricStatisticsRateLimit: 400 maxErrorRetrySize: 0 All the metrics that you can configure are listed here: Types of metrics for Lambda functions Learn about the different types of metrics for Lambda: invocation metrics, performance metrics, concurrency metrics…docs.aws.amazon.com Restart & verify sudo systemctl restart appdynamics-machine-agent tail -f /opt/appdynamics/logs/machine-agent.log | grep -i "AWS/Lambda" DEBUG AMonitorJob-AWSCustomNamespaceMonitor - Printing Metric [OBSERVATION/AVERAGE/INDIVIDUAL] [Custom Metrics|AWS Lambda|AWS/Lambda|prod|us-east-2|Function|appdshield-deploy-agent|Invocations]=[1]]   With ~10 minutes you can bring Lambda’s key CloudWatch metrics into AppDynamics, build proactive health rules, and keep your SRE team on a single pane of glass. Extend the same approach to other AWS namespaces or use AppDynamics’ Lambda‑specific extension if you want the full metric set out‑of‑the‑box. Happy monitoring!
Hi, Recently I have completed my Splunk Security Admin certification, but old links are not working any more and please share the new link, I have also tried to download as per the instructions prov... See more...
Hi, Recently I have completed my Splunk Security Admin certification, but old links are not working any more and please share the new link, I have also tried to download as per the instructions provided in Splunk docs like I need to go to Splunk.com then support portal then get started, my problem is I am not getting get started button instead it’s showing visit Splunk partners website, and after visiting there it’s showing my account is inactive. why is it that critical to get my own certificate now a days. Please help me getting full link where I can directly download my certificate.
Pack your bags (and maybe your dancing shoes)—Cisco Live is heading to San Diego, June 8–12, 2025, and Splunk Education will be part of the excitement. This is your chance to dive into expert-led lea... See more...
Pack your bags (and maybe your dancing shoes)—Cisco Live is heading to San Diego, June 8–12, 2025, and Splunk Education will be part of the excitement. This is your chance to dive into expert-led learning sessions, explore the future of infrastructure, security, and AI, and elevate your skills with free Cisco certification exams. Splunk Education will represent The Splunk Education crew will be on the show floor at the World of Solutions, ready to cross-pollinate learning with Cisco enthusiasts from around the globe. We’ll have experts showcasing our full lineup of Splunk training offerings, including industry-recognized certifications and free self-paced courses to help you or your team get started with Splunk. Our technical learning courses will help you connect the dots between data and action—so come find us and get one-on-one guidance and demos. Cisco learning opportunities And for all our Cisco fans, if you're looking to sharpen your skills, explore AI-powered infrastructure, or just geek out with fellow learners, Cisco Live is the place to do it. Don’t miss this chance to join hands-on sessions, take a free Cisco certification exam, and explore how Splunk and Cisco together are redefining security, observability, and learning. Register now and meet us in San Diego. You bring the curiosity—we’ll bring the knowledge, and Cisco will bring The Killers!
I have received a code from ITExperience for enrolling splunk training program through an organization. I input my code at https://workplus.splunk.com/ITExperience#   after logging in and still i am ... See more...
I have received a code from ITExperience for enrolling splunk training program through an organization. I input my code at https://workplus.splunk.com/ITExperience#   after logging in and still i am not able to access the courses. The code is working ( no error is thrown , which is shown otherwise) and many days have passed. Kindly help.
The below script can be used to find out the current environment component versions, be it AppDynamics synth environment or local environment: import selenium import platform from selenium impo... See more...
The below script can be used to find out the current environment component versions, be it AppDynamics synth environment or local environment: import selenium import platform from selenium import webdriver from selenium.webdriver.chrome.options import Options chrome_options = webdriver.ChromeOptions() chrome_options.add_argument("--incognito") chrome_options.add_argument("headless") driver = webdriver.Chrome(executable_path="<CHROME_DRIVER_PATH>", options=chrome_options) print ("\n*** Python, Selenium & Browser Details ***\n") print("Python Version: %s\n" % (platform.python_version())) print ("Selenium Webdriver Version: %s" % (webdriver.__version__)) print ("Selenium Client Version: %s\n" % (selenium.__version__ )) print ("Browser Name: %s" %(driver.capabilities['browserName'])) print ("Browser Version: %s \n" %(driver.capabilities['browserVersion']))   NOTE: <CHROME_DRIVER_PATH> is the absolute path to the downloaded chrome driver such as "/Users/kumars2/chrome-version/v132.0.6834.83/chromedriver"   Sample:  SaaS Synthetic Hosted Agent uses below versions of Browser & Selenium as of today (5/2/2025): Python Version: 3.12.8 Selenium Webdriver Version:  4.9.1 Selenium Client Version:  4.9.1 Browser Name: Chrome Browser Version : 132.0.6834.83   Follow below steps, to get the chrome driver and browser binary: 1. Head to https://googlechromelabs.github.io/chrome-for-testing/ 2. Download both the binary for chrome and chrome-driver from above URL based on your Platform/OS by replacing the desired Chrome <VERSION>  you want to test the scripts. Example: For Apple Silicon "M" chips MacBook, you can use below link to download chrome driver and browser binary. "mac-arm64" for Apple Silicon [M1/M2…] MacBook and "mac-x64" for Intel MacBook or any other available platforms. https://storage.googleapis.com/chrome-for-testing-public/<VERSION>/mac-arm64/chromedriver-mac-arm64.zip  https://storage.googleapis.com/chrome-for-testing-public/<VERSION>/mac-arm64/chrome-mac-arm64.zip  3. Unpack both the downloaded zips (browser and driver binary) to a single directory and use it as the <CHROME_DRIVER_PATH> in the above script. Note: Based on OS machine you may need to fix executable by running command given in below article - https://stackoverflow.com/questions/77099890/unable-to-update-chromedriver-since-chrome-for-testing-released   Linux: https://storage.googleapis.com/chrome-for-testing-public/132.0.6834.83/linux64/chrome-linux64.zip https://storage.googleapis.com/chrome-for-testing-public/132.0.6834.83/linux64/chromedriver-linux64.zip MacBook Apple Silicon CPUs ("M" chips like M1/M2 etc.): https://storage.googleapis.com/chrome-for-testing-public/132.0.6834.83/mac-arm64/chrome-mac-arm64.zip https://storage.googleapis.com/chrome-for-testing-public/132.0.6834.83/mac-arm64/chromedriver-mac-arm64.zip MacBook Intel CPUs: https://storage.googleapis.com/chrome-for-testing-public/132.0.6834.83/mac-x64/chrome-mac-x64.zip https://storage.googleapis.com/chrome-for-testing-public/132.0.6834.83/mac-x64/chromedriver-mac-x64.zip Windows 32Bit OS: https://storage.googleapis.com/chrome-for-testing-public/132.0.6834.83/win32/chrome-win32.zip https://storage.googleapis.com/chrome-for-testing-public/132.0.6834.83/win32/chromedriver-win32.zip Windows 64Bit OS: https://storage.googleapis.com/chrome-for-testing-public/132.0.6834.83/win64/chrome-win64.zip https://storage.googleapis.com/chrome-for-testing-public/132.0.6834.83/win64/chromedriver-win64.zip   Reference link to install selenium: https://pypi.org/project/selenium/4.9.1/   After installing the right binaries for testing, the below screenshot is the output of the above script from one of the local environments (mac machine):   NOTE:  If the script works fine in your local environment but AppDynamics synthetic jobs are still facing an issue, please open a case with the support team. Please attach your script with test credentials, if any, for us to review/test it from our end.