Big Data

Splunk add-ons that give you even more valuable data to analyze

Splunk can turn every small bit of your businesses data into useful information. These add-ons will help make it even more valuable.

Image: TechRepublic/Brandon Vigliarolo

It's impossible to talk about modern business without also talking about machine-generated data. Everything down to the smallest detail is quantified and recorded, from bottlenecks in IT infrastructure to user input on an industrial milling machine.

That data is important to businesses, but understanding it can be difficult. That's where Splunk comes in. Splunk pulls all that data together and makes it digestible, but sometimes you can't get everything you need from the base program. Luckily there are add-ons that can make up for that.

Splunk add-on for Windows

If you're managing a Windows environment you know that every little bit of information about user's machines can make a difference. The Splunk add-on for Windows will deliver statistics about almost everything right to your Splunk server, allowing you to easily diagnose, troubleshoot, and monitor deployed assets.

SEE: Will 2016 be the year to make or break DevOps? (TechRepublic)

Splunk add-on for Linux/UNIX

When I was in college I worked in the IT department at a particle accelerator, and most of the machines doing the heavy lifting were running Linux. If your business has a split ecosystem and pulls data with Splunk you can eliminate headaches with this add-on.

The Splunk add-on for Unix and Linux will deliver the same detailed information as the Windows add-on. It's a must-have for any business that relies on UNIX or Linux machines.

Splunk Common Information Model

Also known as the CIM, this add-on is considered so essential that it's bundled into several of Splunk's software suites.

The CIM standardizes field and event names across platforms and programs. If you've ever spent time trying to compare machine-generated data from different platforms you know how hard it can be. Now imagine never having to do it again—that's the Splunk CIM.

SEE: Can IT keep up with big data? (TechRepublic)

Splunk add-on for Active Directory

The Splunk add-on for Active Directory serves data to the AD, Exchange, and Windows Management Infrastructure apps. This makes it a necessary tool if you want to populate Active Directory data into those apps.

This add-on is specifically used to attach AD data to other events and logs. Attaching a user or machine to an Exchange or WMI report can definitely make life easier.

Splunk add-on for mobile access

A successful IT department is a lean and mobile one, which means you probably want to take advantage of the Splunk mobile apps. You don't need the Splunk mobile access add-on to make the apps work, but it adds a few important features that you can't get otherwise.

You can use the app to allow single sign-on (SSO), receive mobile notifications, control what users can see, and even troubleshoot Splunk itself from a mobile device.

Flexibility is a Splunk fundamental

Splunk's core system is designed to be customized to unique business needs, most of which can be met by the add-ons on Splunkbase. If these five aren't exactly what you need take a look to see what else is available. Most of the add-ons are authored by Splunk itself, so you can trust them to be secure, safe, and to work properly.

Also see

About Brandon Vigliarolo

Brandon writes about apps and software for TechRepublic. He's an award-winning feature writer who previously worked as an IT professional and served as an MP in the US Army.

Editor's Picks

Free Newsletters, In your Inbox