/awesome-itsi

A collection of awesome resources for Splunk IT Service Intelligence

Creative Commons Zero v1.0 UniversalCC0-1.0

Awesome ITSI Awesome

A curated list of awesome resources for Splunk IT Service Intelligence.

Contents

Basics

Resources for getting started with Splunk IT Service Intelligence.

Education and Training

Professional Services

Need to get the experts involved in an ITSI implementation, or seeing guidance.

Modules

ITSI Module for Application Performance Monitoring

The Module for Application Performance Monitoring (APM) does not ship with ITSI by default. It can be downloaded from Splunkbase. If you are using ITSI on Splunk Cloud, request it to be installed from Splunk Cloud Ops.

Support Add-Ons

Application Server Module

Support Add-Ons

Splunk ITSI Module for Continuous Delivery The Module for Continuous

The Splunk ITSI Module for Continuous Delivery does not shop with ITSI by default. It can be downloaded from Splunkbase. If you are using ITSI on Splunk Cloud, request it to be installed from Splunk Cloud Ops.

Support Add-Ons

Database Module

Support Add-Ons

End User Experience Monitoring Module

Support Add-Ons

Load Balancer Module

Support Add-Ons

Operating System Module

Support Add-Ons

Storage Module

Support Add-Ons

Virtualization Module

Support Add-Ons

Web Server Module

Support Add-Ons

Content Packs

ITSI currently still supports modules. Modules were introduced in version 2.0 as a way to deliver out-of-the-box content to customers.

Like content packs, modules include KPI base searches, KPIs, and entity auto-discovery searches, but not the other elements that content packs provide. One key difference is that all module content is immutable, so you can't tailor KPI base searches for maximum performance.

Due to the limitations of modules, the current best practice is to use the content packs instead.

Further details on ITSI Content Packs can be found at https://docs.splunk.com/Documentation/ITSICP/current/Config/About

Content Pack for Monitoring Microsoft Windows

Support Add-Ons

Content Pack for Monitoring Unix and Linux

Support Add-Ons

Splunk ITSI Content Pack for Shared IT Infrastructure Components

Support Add-Ons

Notable Event Aggregation Policy

Integrations

  • Phantom
  • VictorOps
    • Splunk Integration Guide - VictorOps - The VictorOps and Splunk integration allow teams to schedule queries or alerts in Splunk to monitor system health. The VictorOps integration with Splunk can be leveraged to collect data about the overall release tool chain and deployment success to allow teams to collaborate around that information in the timeline.
    • Create ticket in VictorOps - Splunk - You can create an incident in a VictorOps incident management system for an (ITSI) episode.

.Conf Presentations

Selected .conf presentations related to various aspects of ITSI.

Contribute

Contributions welcome! Read the contribution guidelines first.

License

CC0

To the extent possible under law, Simon Duff has waived all copyright and related or neighbouring rights to this work.