Blog

 

Posts by Nick Mealy

Come see Nick talk at conf19 – “Master joining without using join”

If you’re coming to the Splunk user conference in Vegas, aka conf19, come see my talk – “Master Joining Your Datasets Without Using Join”! It’s on Thursday 10/24 10:30am. If you use Splunk and you have any searches or reports that use the join, append, or transaction commands this is a talk for you. Likewise…  continue reading…

General Splunk |

Splunk development adventures in Splunk 8.0 with Python3 on.

Splunk Enterprise 8.0 is coming! And it has Python3! Disclaimer: If you have never written any Python in Splunk and don’t plan on it, this is probably not the blog post for you. Still there? OK the short version is that Splunk Enterprise 8 ships both Python2 and Python3. The core python pieces inside Splunk…  continue reading…

General Splunk |

Welcome Rich Mahlerwein!

I am extremely excited to announce that Rich Mahlerwein has joined Sideview as of yesterday morning! Rich is a Splunker extraordinaire, an expert on technologies all across the datacenter, a fantastically helpful member of the Splunk community and even a Splunk Trust member. In fact he’s so unique that Splunk literally sent someone out to…  continue reading…

Uncategorized |

How to build everything backwards

Our minds, for better or worse, are wired a certain way. We hear someone’s problem and we immediately want to solve it, even before they’re done describing it. This doesn’t even sound like a bad thing does it? A story. The first version of a Thing is built. It’s purpose is to take a process…  continue reading…

Uncategorized |

Postprocess searches – pitfalls galore

As you develop a custom view you start with one chart or one table. After a while you’ve added and added, and you’re dispatching several searches. Often you’ll see that a lot of searches are pretty similar to each other. You’re getting the same events off disk more than once and you’re making Splunk do…  continue reading…

General Splunk |

There’s always a worse way

In the Splunk search language there is almost always a better way, and someone on answers.splunk.com to teach you about it. Less commonly advertised though, is the fact that there is ALWAYS a worse way… So let’s drive the wrong way down a one way street. Bear with me. First, a warning. Driving the wrong…  continue reading…

General Splunk |

New Sideview Utils module – NavBar

The latest release of Sideview Utils (3.3.9) includes a new module called NavBar that can be used to replace Splunk’s AppBar module. Now why do I need to replace AppBar?. Well, you very well might not! It has to do with the “displayview” setting in savedsearches.conf. If you’re a Splunk app developer who’s been around…  continue reading…

Sideview Utils |

Field pickers for everyone!

By popular demand, you can now pick the columns and fields in Browse Calls and also in the “raw call legs” table inside Call Detail. So when you’re looking into something around say call quality fields, with just couple clicks you can make Browse Calls show you everything about those fields instead. And then the…  continue reading…

Cisco CDR |

some words from the HTML module

Since I’ve been negligent in posting any news, I thought I’d let the HTML module take the wheel for a few minutes. What it has chosen to share are the donut-related comments above a few of its defined methods, written in 2010 when Sideview was just a few months old. /** * clients call this…  continue reading…

Sideview Utils |

Shotgun Reporting app released

Earlier this year I wrote up an app called “Shotgun Reporting” as an entry for the Splunk Apptitude contest. Here’s its page on the contest site. I like to think it had a shot at winning but it didn’t. In any event it was a fun and pretty intense week prototyping and building it. In…  continue reading…

Uncategorized |

New Testimonials page for the Splunk for Cisco CDR app

We just put a couple testimonials for our CallManager solution, Splunk for Cisco CDR.   Check them out if you get a chance.  

Cisco CDR |

New screen capture demo of Splunk for Cisco CDR

If you use Cisco CallManager, you will want to check out this 10 minute demo and overview of our reporting solution for CallManager – “Splunk for Cisco CDR”.   And afterwards don’t forget that you can set up a trial version on your own live data in about 15 minutes.  Download the trial, check out…  continue reading…

Cisco CDR, Screencasts |

Sideview Utils 2.7.1 released this morning.

I’m not sure why I haven’t been posting release notes as “news” items on the site. Going forward I think I’m going to post the release notes emails here. Without further ado: 2.7.1 (November 26th, 2013) > Fixed a bug in the Filters module where certain back-button and forward-button scenarios would lead to inconsistent UI…  continue reading…

Sideview Utils |

New Licensing FAQ

It’s better late than never – there is now a Sideview Utils Licensing FAQ. If you’ve ever thought about Sideview Utils and licensing, take a look.   It’s not uncommon for people to have slightly off ideas about the licensing and how it applies to them.  This faq really should clear it up.   And…  continue reading…

Sideview Utils |

New mailing list for Sideview Utils

1) There is finally a mailing list for Sideview Utils updates.  It’s been something people have been asking for for a long time, and it’s finally here. So if you’ve been having trouble staying up with all the latest fixes, features, and documentation,  sign up now.  Sideview Utils gets updated every couple weeks on average,…  continue reading…

Sideview Utils |

New Cooking with Sideview episodes

I did two videos last December and they’re really the best ones so far so check them out. In the first, which is the fourth overall, I take a step back and give a broad overview of Sideview Utils. What it is, what it does, why it’s awesome and why you should use it. —…  continue reading…

Sideview Utils |

Fire drill around Splunk 5.0

We just updated all of our apps!  Why, you ask? Well, Splunk 5.0 was released this morning, and despite having tested everything against earlier 5.0 builds,   when the GA version of Splunk 5.0 released this morning, we had a little problem! As you (the Sideview user) know,  Sideview Utils and Sideview apps in general…  continue reading…

General Splunk |

Sideview Utils 2.2 – even more awesome

This was a big release.   The Table and Multiplexer modules introduce a new Sideview mechanism that allows you to greatly expand the range of custom rendering.    I’ll be expanding on this as soon as I can, in the form of a new “Cooking with Sideview” video, so keep an eye out for that….  continue reading…

Sideview Utils |

Sideview Utils 2.1 released

  A bunch of great stuff just came out in Sideview Utils 2.1 “Runtime Debug” mode in the Sideview Editor.   For the first time Splunk admins have a way to debug tricky form searches and inline drilldowns.   Are the $foo$ tokens not ending up quite where they’re supposed to?  Walk the module hierarchy…  continue reading…

Sideview Utils |

So you’d like to… convert a simplified XML dashboard to Sideview Utils

Intro: There are two flavors of simple XML,  the <dashboard> and the <form>.   With both flavors, in terms of interface functionality they are both just limited shorthand forms of the “advanced XML”, which I just mention to reassure you that the conversion process is relatively reliable and you won’t necessarily lose anything.   And once…  continue reading…

Sideview Utils |