Splunk2go - an iPhone application for accessing splunk data

Wednesday, January 6th, 2010

For those not familiar with it (why are you reading this?? :-) ) splunk (www.splunk.com) is an IT search engine. It indexes anything from log files to performance metrics in your infrastructure, and allows you to work with the results in a very slick user interface. Think of it (warning: highly simplified statement) as Google for IT data. In this regard it is way beyond anything the traditional IT management vendors offer. I personally really like it and the company behind it (they’ve been very responsive and helpful when I talked to them a few months back).

Launching Splunk2go

Like any IT management application, you normally use splunk from your desktop for administrative, troubleshooting and management purposes. However, every now and then you do run into situations where you are on the road, in a meeting, buried somewhere under a raised server room floor, or (admit it!) in the privacy of your bathroom and really need to access some of the data that splunk manages for you.

This is where splunk2go comes in. It is basically a simple UI for accessing splunk data on your iPhone, allowing for free form search and access to saved searches.

As you launch splunk2go you are presented with a simple tab-based user interface. If you have used splunk before, you’ll feel right at home:

Default Application Screen

The “Free splunk” tab allows you to freely enter splunk search commands. So let’s say you want to look for error messages from any of your systems. Simply enter “error” in the search bar, and the application will return them to you. By default it will display events from the last hour, but you can configure this to your liking.

Search Results

Browse Search Results

As you can see in the screenshots, splunk2go gives you a timeline of the number of events, allows you to filter the results by tapping on the timeline or by host, event source and event type, and then gives you access to the raw event results.
By tapping on any of the events you can view the event details.

Event Details

More Event Details

If you switch over to the Saved Searches tab, you have access to the saved searches on the splunk server, and can run them directly. This is helpful for complex queries that might be tedious to type in on the iPhone. You can still refine the search queries, since they appear in the search bar where you can edit them.

Saved Searches

Saved Searches 2

Search Results 3

This is the current state of the application. I created it a while back when I was teaching myself iPhone programming. Let me know if there are additional functionalities that you might be interested in.