Hey everyone! I’ve been hard at work on Splunk Lab these last few months, and I wanted to share what I’ve done with it.
The first thing is that I baked in several Splunk apps so that they are all available when launching the app! That list includes:
- Syndication Input
- REST API Modular Input (Requires Registration)
- Wordcloud Custom Visualization
- Slack Notification Alert
- The Splunk Machine Learning Toolkit
- NLP Text Analytics
- Sankey Diagram Custom Visualization
I’ve also written (or, in one case, re-written) apps using Splunk Lab as a jumping off point. Here’s what I have so far:
- Splunk Yelp Reviews – Lets you pull down Yelp reviews for venues and view visualizations and wordclouds of positive/negative reviews in a Splunk dashboard
- Splunk Telegram – This app lets you run Splunk against messages from Telegram groups and generate graphs and word clouds based on the activity in them.
- Splunk Network Health Check – Pings 1 or more hosts and graphs the results in Splunk so you can monitor network connectivity over time.
- …plus a few other things that I’m not quite ready to release yet. 🙂
Finally, I’ve added a bunch of data sources to Splunk Lab so that you can jump right in and start pulling data down with Syndication Input or REST API Modular Input:
- Recent Questions Posted to Splunk Answers
- CNN Headlines
- Flickr’s Public Feed, or perhaps just Photos Tagged “cheetah”
- Philadelphia Regional Rail Train Data
- Real-time BitCoin Price
- Philadelphia Forecast from The National Weather Service
- Stock Quotes
- Meetup RSVPs
A bunch of the above endpoints are actually built into Splunk Lab, so once it is running, you can go into “Inputs” in Splunk and start pulling data down with just a few clicks.
To get started with Splunk Lab, make sure you have Docker running, and run this on the command line:
bash <(curl -s https://raw.githubusercontent.com/dmuth/splunk-lab/master/go.sh)
Anything you’d like to see me add to Splunk App? Do let me know what you think in the comments!
— Doug