TA-Eventgen-Learning is a tool designed to assist Splunk users in obtaining training data for practicing their data manipulation skills in Splunk. This application provides various types of data that can be generated, some of which are pre-parsed, while others are not. In addition, we'll walk you through configuring EventGen to accept external sources.
Latest updated: See Changelog
Eventgen-Ready-to-learn offers the following features:
- Generation of synthetic event data in various formats (CSV, JSON, XML, etc.).
- Pre-parsed data samples for quick Splunk exercises.
- User-friendly configuration options for data generation.
- Easily extendable for additional data types.
Each source have dedicated documentation.
- Install Eventgen App.
⚠️ Download the latest version (not selected by default)
- Enable the SA-Eventgen modinput by going to Settings > Data Inputs > SA-Eventgen and by clicking “enable” on the default modular input stanza.
- Download & Copy/Move this App bundle into your ${SPLUNK_HOME}/etc/apps/ directory OR you can possibly install this App via Splunk WebUI normally.
- Creation of index
eventgen_eventsor replace index ineventgen.conf - Restart Splunk
- Search by
index=eventgen_events
- Splunkbase published
- New data sources
- Climate Sensor
- Splunk Web UI information page
- Parsing model for each sources
We welcome contributions to improve Eventgen-Ready-to-learn. If you have ideas for new features or find any issues, please submit a pull request or open an issue on the GitHub repository.
This project is the aggregation of several other EventGen projects (with possibly modifications):
Logo: Planning icon created by Freepik - Flaticon
Nicolas SAGOT
This project is licensed under the Apache License 2.0. Feel free to use, modify, and distribute it as needed while adhering to the terms of the Apache License 2.0.