Skip to main content

vast limits GmbH and uberAgent are now part of Citrix, a business unit of Cloud Software Group. Learn more at


Getting Started with uberAgent & Splunk

  • by Dominik Britz
  • December 6, 2017

A new hire’s journey into the world of user experience monitoring.

Hi, my name is Dominik Britz. I’m from Cologne, Germany and the latest team member of vast limits, the uberAgent company. I’d like to introduce myself, tell you why I’m here and what I’m going to do.


I started my career as a consultant in the end user computing space, building Citrix, Microsoft and VMware implementations from small to big. My focus was the automation of these deployments with PowerShell (you should always automate your environments, of course! Only automation guarantees quality and reproducibility). I also worked as a Citrix administrator for some time.

A few weeks ago I started as a customer success engineer at vast limits. I’ll do support, partner onboarding, webinars and pretty much anything that will make our customers’ and partners’ implementations successful.

This Is Why I Am at vast limits

Two things have to fit for me when I start a new career path: the people and the technology. As I know most of my new colleagues from my former consultant life, they aren’t “new” colleagues per se. They are all awesome and brilliant people, and I’m thrilled to work with them, again.

On to the second point: technology. uberAgent is such a great product! It collects all the relevant metrics from your endpoints without drowning you in numbers. And that’s not what marketing is saying, that is what our customers are telling me and what I am hearing from our partners as I am getting in touch with them in my first days at vast limits.

Learning Splunk as an EUC Guy

We use Splunk to visualize the data collected by uberAgent (we have experimental support for Elasticsearch and Microsoft OMS Log Analytics, too). As an end user computing guy, I had not worked with Splunk before. It is better known in the security space, e.g., to collect firewall logs. However, it can do so much more, and one learns it fast. My PowerShell obsession helped me a lot because the principle of piping was known to me.

Here is an example of how piping works. You want to know the top five hosts where Mozilla Firefox is crashing.

Top five hosts were firefox.exe is crashing

You start a search in the data collected by uberAgent (index=uberAgent) but you only want application error information (sourcetype=uberAgent:Application:Errors). In addition, you only want data for Mozilla Firefox (ProcName=firefox.exe).

In the next step, you pipe the resulting data from the previous commands to the Splunk top command, which displays the most common values of a field. You limit the output to five results (limit=5) and group it by the host field. The timeframe for the search is configurable with the time picker next to the search field.

Easy, isn’t it?

That was my two cents about my first weeks at vast limits. I’m happy to get in touch with you to talk about user experience monitoring with uberAgent and to discuss, how to make our product even better.

About uberAgent

The uberAgent product family offers innovative digital employee experience monitoring and endpoint security analytics for Windows and macOS.

uberAgent UXM highlights include detailed information about boot and logon duration, application unresponsiveness detection, network reliability drill-downs, process startup duration, application usage metering, browser performance, web app metrics, and Citrix insights. All these varied aspects of system performance and reliability are smartly brought together in the Experience Score dashboard.

uberAgent ESA excels with a sophisticated Threat Detection Engine, endpoint security & compliance rating, the uAQL query language, detection of risky activity, DNS query monitoring, hash calculation, registry monitoring, and Authenticode signature verification. uberAgent ESA comes with Sysmon and Sigma rule converters, a graphical rule editor, and uses a simple yet powerful query language instead of XML.

About vast limits

vast limits GmbH is the company behind uberAgent, the innovative digital employee experience monitoring and endpoint security analytics product. vast limits’ customer list includes organizations from industries like finance, healthcare, professional services, and education, ranging from medium-sized businesses to global enterprises. vast limits’ network of qualified solution partners ensures best-in-class service and support anywhere in the world.


Your email address will not be published. Required fields are marked *


Thank you... I'm excited