Community:What Are Add-ons

From Splunk Wiki

(Redirected from Community:What Are Apps)
Jump to: navigation, search

Splunk Add-ons: an introduction

Splunk add-ons are a series of modifications, saved searches, configurations and UI elements like dashboards, reports or views, packaged in a reusable format. We commonly refer to these as Splunk knowledge objects. A packaged add-on that is formatted correctly should install in any Splunk deployment, given some minor configuration as documented by the app author. Read on for a description of Splunk add-on structure and formatting.

Why add-ons?

Add-ons let you construct and maintain different environments on top of one Splunk instance. One Splunk installation can run multiple add-ons. This way, any number of different groups can use the same Splunk instance without running into each other.

For example, you can make an add-on for all your helpdesk employees and a different app for your marketing department. When a user in the helpdesk role logs into Splunk, they'll see a customized environment that helps them track their support cases. When a user from the marketing group logs in, they'll see the business analytics add-on, where they can run reports on business trends and web activity. Meanwhile, the Splunk admin can maintain all the installed add-ons, as well as build and install more.

By building add-ons, you can create separate contexts for the different groups of Splunk users within your organization: one add-on for troubleshooting your email servers, one add-on for analyzing business trends, and so on. This way, everyone can use the same Splunk instance, but see only data that is relevant to their interests. Some groups can access multiple add-ons while some may see only one. Add-ons are highly customizable, so you get to decide who sees what and how it works.

What is an Add-on?

Add-ons can be as simple as a saved search or extracted field, possibly with some UI elements, such as a dashboard or saved report, for example.

Add-ons can also be as complex as a workspace environment that solves a specific use case for your company. For example, a Splunk install can run a helpdesk add-on, a business analytics add-on, the Windows add-on and the Search add-ons, all at the same time.

Add-ons: 

* Focus on aspects of your data
* Are built around use cases or technology
* Support diverse user groups and roles.
* Run in tandem.
* Contain any number of Splunk configurations and knowledge objects.
* Are completely customizable, from front to back end.
* Can include Web assets, such as HTML, CSS and JavaScript.
Retrieved from "http://wiki.splunk.com/Community:What_Are_Add-ons"
Hot Wiki Topics


About Splunk >
  • Search and navigate IT data from applications, servers and network devices in real-time.
  • Download Splunk