Products/Services
product
- Why choose Splunk
- Installation record
- price
- Splunk Enterprise Security
- Splunk Phantom (SOAR)
- Splunk ITSI (Next Generation IT Operations)
- Splunk Observability Cloud
- Splunk UBA
- Macnica CSIRT App Basic
- App for Splunk for Financial Institutions
- Splunk Analytics for Hadoop
- About Apps
- Splunk Edge Hub
- What is Splunk
service
- Dashboard/SPL Creation Pack [Implementation/Building Support]
- Version upgrade service [implementation and construction support]
- Smart Security Monitoring App [Original App/Service]
- Splunk × LANSCOPE Original App [Original App/Service]
- Security Monitoring App for Box [Original App/Service]
- Cloud Security Monitoring App [Original App/Service]
- List of services
- Macnica Premium Support for Splunk (utilization support, version upgrade monitoring)
- Macnica Premium Support for Splunk Skill Up Package
Specifications/Technical Information
Specifications/Technical Information
Evaluation machine application/FAQ
Application for evaluation machine
- FAQ
Splunk
Splunk
Ingest Actions feature added!
Reduce storage costs by transferring data locally!
The bookmark feature has been added to the UI for quick access!
Main additional functions
Ingest Actions Enhancements
- Added the ability to route data to NFS and local storage using Ingest Actions.
|
It can be used in the following situations!!
- I don't want to import unnecessary data into Splunk - Want to reduce remote storage costs |
Bookmarking the Splunk Web Homepage
- ●Bookmark functionality has been added to the SplunkWeb homepage.
You can create bookmarks for users or for sharing with your organization.
|
It can be used in the following situations!!
- I want to be able to quickly access frequently used functions to streamline my work |
Dashboard Studio enhancements
- ● You can now schedulea series of tasks to export dashboards as PDF and PNG and distribute them by email.
|
It can be used in the following situations!!
- I want to share dashboards more efficiently - I want to regularly distribute dashboard results to users who do not use Splunk. |
Automated rolling upgrades for indexer clusters
- A rolling upgrade is an upgrade method that minimizes the impact to ongoing searches and data ingestion.
- The splunk-rolling-upgrade app in a default installation automates steps that were previously performed manually.
- 1. Distribute settings from the cluster manager to the cluster peers
- On the cluster manager, create the following file:
・File path
$SPLUNK_HOME/etc/apps/splunk-rolling-upgrade-config/default/rolling_upgrade.conf
File contents
[downloader]
package_path = <path to installer package>
md5_checksum = <md5 checksum of installer package> - $SPLUNK_HOME/etc/apps/splunk-rolling-upgrade-config
Copy it to the $SPLUNK_HOME/etc/manager-apps directory. - Distribute the configuration to the cluster peers.
- On the cluster manager, create the following file:
- 2. Automatic Rolling Upgrades
Use the REST API or CLI commands to perform the upgrade of the cluster manager and peers.
- Run the command on the cluster manager to start the upgrade.
curl -X POST -u admin:pass -k "https://<host>:<mPort>/services/upgrade/cluster/manager?output_mode=json" - Monitor the cluster manager upgrade to ensure it is complete.
curl -X GET -u admin:pass -k "https://<host>:<mPort>/services/upgrade/cluster/status?output_mode=json" - Run the command on the cluster manager to initiate the upgrade of the cluster peers.
curl -X POST -u admin:pass -k “https://<host>:<mPort>/services/upgrade/cluster/all_peers?output_mode=json“ - Watch the cluster peer upgrade progress begin and complete.
curl -X GET -u admin:pass -k "https://<host>:<mPort>/services/upgrade/cluster/status?output_mode=json"
*$SPLUNK_HOME is the default installation directory.
*Only supported on Linux/Unix OS.
*To use the splunk-rolling-upgrade app, you must have the “splunk_system_upgrader” role.
*Only applies to upgrades from version 9.3 onwards to later versions. - Run the command on the cluster manager to start the upgrade.
- 1. Distribute settings from the cluster manager to the cluster peers
|
It can be used in the following situations!!
- I want to upgrade my indexer cluster with minimal impact to Splunk (rolling upgrade) In addition to the above, we want to reduce the burden on administrators who perform upgrades! (Rolling upgrade automation function) |
Upgrading Python version to 3.9
- ●The version of Python shipped with Splunk has been upgraded to 3.9.
- Use the Upgrade Readiness App 4.5.0 to check if your apps are compatible with Python 3.9.
*Currently, there is an option to revert to Python 3.7, but this is not recommended as it will be deprecated in the future.
Click here for function information of past and other versions
Inquiry/Document request
In charge of Macnica Splunk Co., Ltd.
- TEL:045-476-2010
- E-mail:splunk-sales@macnica.co.jp
Weekdays: 9:00-17:00