| # SPL cheatsheet: | |
| # Additional resource: http://www.bbosearch.com/searches | |
| ######################################################## | |
| - List users and corresponding roles: | |
| ===================================== | |
| | rest /services/authentication/users splunk_server=? | |
| | fields title roles realname | |
| - List indexes: |
Sometimes, you need to fake something in Splunk. Might be during development and you don't feel like writing a real search, but you really need a number for a dashboard panel to look right. Maybe you are helping someone with a hairy regex, and you don't want to index data just to test it on your instance. Whatever the reason, here are some searches that have helped me out.
Note that when using these techniques, you are not going through the indexing
| CI & CD: | |
| ======== | |
| 2 core software development processes | |
| CI process of automating regular code commits followed by an automated build and test process designed to highlight intergration issues early. | |
| Additional tooling and functionality provided by Bamboo, CruiseControl, Jenkins, Go and TeamCity etc. | |
| workflow based | |
| CD takes the form of a workflow based process which accepts a tested software build payload from a CI server. Automates the deployment into a working QA, Pre-prod or Prod environment. | |
| AWS CodeDeploy and CodePipeline provide CI/CD services | |
| Elasticbeanstalk and CFN provide functionality which can be utilized by CI/CD servers. |
| This is a Gist of useful Splunk Queries. |
| <?xml version="1.0"?> | |
| <form> | |
| <label>The Battle Overview</label> | |
| <searchTemplate><![CDATA[ | |
| index=thebattle | rex field=uri "/battle/(?<thing>[^?]+)(\?color=(?<color>\w+))?" | eval color=if(isnull(color), "", color) | eval strategy=color.thing | stats count by date_hour, bytes, clientip, strategy | |
| ]]> | |
| </searchTemplate> | |
| <fieldset> | |
| <input type="time"> | |
| <label/> |