TrackMe - An application for Splunk administrators to monitor and track data sources and hosts availability the easy way
Consult the application releases in Git:
https://github.com/guilhemmarchand/trackme/releases
The Splunk TrackMe application provides automated monitoring of, and visibility into, the availability of your data sources, with a powerful user interface and workflow for Splunk product owners to detect and alert on failures or abnormal latency:
- Discover and store key state information about the availability of data sources, data hosts and metric hosts
- Provides a powerful user interface to manage activation states and configuration, and to quickly troubleshoot availability failures
- Analyse and detect lack of data and lagging performance of data sources and hosts within your Splunk deployment
- Behaviour analytics with outlier detection based on machine learning outlier calculations
- Behaviour analytics with data sampling and event format recognition: monitor raw events and detect anomalies such as event format changes or misbehaviour
- Record and investigate historical changes of statuses, as well as administrators' changes (audit flipping and changes)
- Easy administration via a graphical interface from A to Z
- No matter the purpose of your Splunk deployment, TrackMe will easily become an essential and easy piece of your deployment, even providing efficient answers to PCI and compliance requirements
- Keep things under your control and be the first to know when data is not available, get alerted before your users get back to you!
Splunk administrators and engineers have to spend a good amount of time and energy on-boarding new data sources, one data source after another.
However, it is very common to realise after the fact that something went wrong: for some reason the sender stopped sending, an upgrade broke a configuration, a network rule was lost…
No administrator should be informed of an issue in the data flow by the customer or end users; this is why you need proactive, low-cost availability monitoring.
With the massive amount of data sources, this easily becomes a painful and time-consuming activity; this application aims to drastically help you in these tasks.
TrackMe provides a handy user interface associated with an efficient data discovery, state and alerting workflow.
Made by Splunk admins for Splunk admins, the TrackMe application provides powerful built-in features to monitor and administer your data source monitoring the easy way!
No matter the purpose of your Splunk deployment, TrackMe will easily become an essential and positive piece of your Splunk journey:
- Security Operation Centers (SOC) with or without Enterprise Security compliance: detect lack of data and abnormal latency potentially impacting your security posture
- PCI and compliance: deliver, alert and action
- Monitoring of, and visibility into, your indexes, sourcetypes, events and metrics
- General data activity monitoring and detection of Zombie data
Please consult the online documentation: https://trackme.readthedocs.io