Splunk Dev

What do you experienced folks recommend in order to really know everything about Splunk?

rshoun
Explorer

I just purchased the Building Splunk Solutions Book for one resource and I really want to get into the Dev Side of Splunk but as I am slowly introducing myself to this area, what IDE's or potential open-source resources to you all recommend in order to really get your hands into developing Splunk Apps? (Other than Google) I am assuming Python is the best language for this? Any suggestions or input?

0 Karma
1 Solution

cmerriman
Super Champion

http://dev.splunk.com/ has a bunch of documentation. You can look at all sorts of how-tos and whatnot for developing apps.

http://dev.splunk.com/python is the overview for the SDK for Python, if you're most familiar with Python.

View solution in original post

0 Karma

woodcock
Esteemed Legend

To REALLY know Splunk you need to SPL a ton OR see it done well a ton. The best way to do the latter is to go to the Splunk Answers leaderboard and pick some people in the top 50 and follow them or go back and look at their answers:
https://answers.splunk.com/users/index.html?all=1&sort=karma

More and more people are providing SPL to spoof dummy events so you can play around with the full answer and deconstruct how each works. I HIGHLY recommend @martin_mueller, @lguinn, @dwaddle, any of the Aplura guys ( @starcher, @dshpritz ), and many more (sorry if I slighted anybody by leaving you off, but I am just recalling the ones that I have learned much deep stuff from). Also be sure to join the #general channel and lurk on slack.

Another GREAT way to learn is to download popular or complicated apps from Splunkbase and tear them apart to see how it works. You can learn a TON from this and very quickly.

0 Karma

cmerriman
Super Champion

http://dev.splunk.com/ has a bunch of documentation. You can look at all sorts of how-tos and whatnot for developing apps.

http://dev.splunk.com/python is the overview for the SDK for Python, if you're most familiar with Python.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...