@azanians reminded me in the thread linked above about Splunk! I’ve always thought that HTM would be very fitting for a Splunk add-on service, but we’ve never officially investigated it. Does anyone have Splunk experience and an interest in creating some type of log anomaly system on top of Splunk? I’ve used their services before, and I can tell you they have a great infrastructure that is really hackable and fun to write queries against.
Hi @rhyolight, I wouldn’t mind being involved in the initiative to create an HTM Splunk add-on and perhaps App. I have three years’ experience of working and can develop Splunk Apps and add-ons. I’m however not so clued up with HTM. All I know is a little on what I’ve read and nothing hands-on. So I guess I need to start applying myself a little more on gaining practical experience so I get to understand HTM better, and how to implement solutions based on the technology.
Are there some HTM for dummies/beginners video tutorials I can use to get started? I’d appreciate any guidance on where to get started…
@azanians @Manpreet_Singh Do either of you have any experience with the Splunk add-on licensing model? Are there restrictions on OS licenses on the Splunk side?
We would have to get the detail for licensing of add-ons from the Splunk vendor itself, but the short of it is that anyone can develop an add-on that they upload to Splunkbase for use by others for free, or for a fee. So the developer can decide on whether they are doing it just to contribute to the community, or for commercial objectives.
I’m all for it!
Please also check out the information here as I’d think we should aim to have the app certified by Splunk for credibility’s sake. -> http://dev.splunk.com/view/app-cert/SP-CAAAE2S
I suppose the other decision should be around whether we’re merely contributing to the community, or out to get paid.
On your question of “issue tracking”, I’ll need your guidance there. I’ve never developed an app through the community so I’m not so familiar with much of the jargon used.
I think you’ll want to start your own repository for this work. And just to be clear, I was suggesting this as a community project. I can advise, but I don’t have time to work on it.
If you are “out to get paid”, you’ll need to eventually read our licensing guidelines.
I think you want to find anomalies in logs. Splunk has great tools to create queries that segregate different logs, and you can aggregate on log counts etc. This would be a good place to start. If there are a ton of logs, you might be able to identify anomalies simply on aggregated log counts.
I’m a Splunker and long-time HTM fan, and recently came up with a potentially interesting use case for combining the two together. Would love to work with whomever to build it out.