ElasticSPL 1.1 Community Edition Released

Today we are releasing version 1.1 of our ElasticSPL Add-on for Splunk. 

Most importantly, we made one connection to an Elasticsearch instance free to the community. For this, we switched the distribution of the app to a downloadable app on Splunkbase. 

Overall Improvements

• One Elasticsearch connection for free

• Various performance improvements

• Removed all Splunk Capabilities to a Role Based model for Splunk Cloud compatibility

• Configuration consolidation

• Added a link to Elasticsearch Builder

• Added License Management

Workbench Improvements

• Changed the name to Workbench (Formerly Explorer)

• Combined Lucene, Time Series, and Statistics Queries into a single view

• Possibility to update an existing query

• JSON Highlighting

• Input validation

• Progress and Error reporting

The new Workbench provides an easy-to-use interface to edit saved Elastic Queries or to test out new queries.

Performance

We have improved the add-on to get results faster from Elastic Search. Our performance test shows a threefold improvement in fetching data.

Summary

ElasticSPL is an easy-to-use integration to run queries against data residing in Elasticsearch environments. Try out our community edition, which contains one free connection.