Blog

Getting Started with uberAgent & Splunk

A new hire’s journey into the world of user experience monitoring.

Hi, my name is Dominik Britz. I’m from Cologne, Germany and the latest team member of vast limits, the uberAgent company. I’d like to introduce myself, tell you why I’m here and what I’m going to do.

dominik

I started my career as a consultant in the end user computing space, building Citrix, Microsoft and VMware implementations from small to big. My focus was the automation of these deployments with PowerShell (you should always automate your environments, of course! Only automation guarantees quality and reproducibility). I also worked as a Citrix administrator for some time.

A few weeks ago I started as a customer success engineer at vast limits. I’ll do support, partner onboarding, webinars and pretty much anything that will make our customers’ and partners’ implementations successful.

This Is Why I Am at vast limits

Two things have to fit for me when I start a new career path: the people and the technology. As I know most of my new colleagues from my former consultant life, they aren’t “new” colleagues per se. They are all awesome and brilliant people, and I’m thrilled to work with them, again.

On to the second point: technology. uberAgent is such a great product! It collects all the relevant metrics from your endpoints without drowning you in numbers. And that’s not what marketing is saying, that is what our customers are telling me and what I am hearing from our partners as I am getting in touch with them in my first days at vast limits.

Learning Splunk as an EUC Guy

We use Splunk to visualize the data collected by uberAgent (we have experimental support for Elasticsearch and Microsoft OMS Log Analytics, too). As an end user computing guy, I had not worked with Splunk before. It is better known in the security space, e.g., to collect firewall logs. However, it can do so much more, and one learns it fast. My PowerShell obsession helped me a lot because the principle of piping was known to me.

Here is an example of how piping works. You want to know the top five hosts where Mozilla Firefox is crashing.

Top five hosts were firefox.exe is crashing

You start a search in the data collected by uberAgent (index=uberAgent) but you only want application error information (sourcetype=uberAgent:Application:Errors). In addition, you only want data for Mozilla Firefox (ProcName=firefox.exe).

In the next step, you pipe the resulting data from the previous commands to the Splunk top command, which displays the most common values of a field. You limit the output to five results (limit=5) and group it by the host field. The timeframe for the search is configurable with the time picker next to the search field.

Easy, isn’t it?

That was my two cents about my first weeks at vast limits. I’m happy to get in touch with you to talk about user experience monitoring with uberAgent and to discuss, how to make our product even better.

Leave a Reply

Your email address will not be published. Required fields are marked *