Skip to content

TrackMe - Data tracking system for Splunk admins

License

Notifications You must be signed in to change notification settings

cheskyherskovic/trackme

 
 

Repository files navigation

TrackMe - An application for Splunk administrators to monitor and track data sources and hosts availability the easy way

branch build status
master master status

Download

Consult the application releases in Git:

https://github.com/guilhemmarchand/trackme/releases

The Splunk TrackMe application provides automated monitoring and visibility insight of your data sources availability, with a powerful user interface and workflow for Splunk product owners to detect and alert on failures or abnormal latency:

  • Discover and store key states information of data sources, data hosts and metric hosts availability
  • Provides a powerful user interface to manage activation states, configuration and quickly trouble availability failure detection
  • Analyse and detect lack of data and performance lagging of data sources and hosts within your Splunk deployment
  • Behaviour analytic with outlier detection based on machine learning outliers calculations
  • Behaviour analytic with data sampling and event format recognition, monitor and detect anomalies in raw events to detect event format changes or misbehaviour
  • Record and investigate historical changes of statuses, as well as administrators changes (audit flipping and changes)
  • Easy administration via graphical human interface from A to Z
  • No matters the purpose of your Splunk deployment, trackMe will easily become an essential and easy piece of your deployment, and even providing efficient answers to PCI and compliance requirements
  • Keep things under your control and be the first to know when data is not available, get alerted before your users get back to you!

screenshot1

screenshot2

screenshot3

screenshot4

screenshot5

Why this application?

Splunk administrators and engineers have to spend a good amount of time and energy to on-board new data sources, another data source after another data source.

However, it is very frequent to realise after math that something went wrong, for some reason the sender stopped sending, an upgrade broke a configuration, a network rule was lost…

No administrator should be informed of an issue in the data flow by the customer or end users, this is why you need pro-activity and cost less availability monitoring.

with the massive amount of data sources, this becomes easily a painful and time consuming activity, this application aims to drastically help you in these tasks.

TrackMe provides a handy user interface associated with an efficient data discovery, state and alerting workflow.

Made by Splunk admins for Splunk admins, the TrackMe application provides builtin powerful features to monitor and administer you data source monitoring the easy way!

Use cases for TrackMe?

No matters the purpose of your Splunk deployment, trackMe will easily become an essential and positive piece of your Splunk journey:

  • Security Operation Centers (SOC) with or without Enterprise Security compliance: detect lack of data, abnormal latency potentially impacting your security posture
  • PCI and compliance: deliver, alert and action
  • Monitoring and insight visibility about your indexes, sourcetypes, events and metrics
  • General data activity monitoring and detection of Zombie data

Please consult the online documentation: https://trackme.readthedocs.io

About

TrackMe - Data tracking system for Splunk admins

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Languages

  • HTML 70.4%
  • Python 27.9%
  • JavaScript 1.5%
  • Other 0.2%