For those not familiar with it (why are you reading this??) splunk (www.splunk.com) is an IT search engine. It indexes anything from log files to performance metrics in your infrastructure, and allows you to work with the results in a very slick user interface. Think of it (warning: highly simplified statement) as Google for IT data. In this regard it is way beyond anything the traditional IT management vendors offer. I personally really like it and the company behind it (they’ve been very responsive and helpful when I talked to them a few months back).
Like any IT management application, you normally use splunk from your desktop for administrative, troubleshooting and management purposes. However, every now and then you do run into situations where you are on the road, in a meeting, buried somewhere under a raised server room floor, or (admit it!) in the privacy of your bathroom and really need to access some of the data that splunk manages for you.
This is where splunk2go comes in. It is basically a simple UI for accessing splunk data on your iPhone, allowing for free form search and access to saved searches.
As you launch splunk2go you are presented with a simple tab-based user interface. If you have used splunk before, you’ll feel right at home:


The “Free splunk” tab allows you to freely enter splunk search commands. So let’s say you want to look for error messages from any of your systems. Simply enter “error” in the search bar, and the application will return them to you. By default it will display events from the last hour, but you can configure this to your liking.
As you can see in the screenshots, splunk2go gives you the timeline of the number of events, allows you to filter the results by tapping on the timeline or by host, event source and event type, and then gives you access to the raw event results.
By tapping on any of the events you can view the event details.
If you switch over to the Saved Searches tab, you have access to the saved searches on the splunk server, and can run them directly. This is helpful for complex queries that might be tedious to type in on the iPhone. You can still refine the search queries, as they are available from the search bar for you.
This is the current state of the application. I created it a while back when I was teaching myself iPhone programming. Let me know if there are additional functionalities that you might be interested in.
Tags: iphone, splunk, theres and app for that









Sweet app. Did you finish it? What are you planning to do with it? App Store?
Michael Wilde
Splunk Ninja
thewilde@splunk.com
http://splunkninja.com
Need to clean things up. Then beta test, then appstore. Hopefully won’t take too long
Nils - I was just thinking to myself that a SPLUNK iphone app would be useful, especially if I could save a search like “All SERVER DOWN messages in last 5 minutes”, etc. so I could check stuff in the DC without going back to my desk. I also like to check inbound message levels from various device groups (i.e. servers or switches) since a spike in messages is usually bad - your graph looks like what I want.
I will be waiting to see it in the app store!!