icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

We are working on something new...

A Fresh New Splunkbase
We are designing a New Splunkbase to improve search and discoverability of apps. Check out our new and improved features like Categories and Collections. New Splunkbase is currently in preview mode, as it is under active development. We welcome you to navigate New Splunkbase and give us feedback.
Splunkbase will be undergoing a scheduled migration and will be unavailable on Saturday, Oct 1, 2022, from 11AM to 3PM PDT

Accept License Agreements

Thank You

Downloading Eventgen
SHA256 checksum (eventgen_801.tgz) acefa87996fd9f20464185816b74a387aef39162c274f5b8abc57b1407930259 SHA256 checksum (eventgen_722.tgz) 2a97776864b9dd2fb949bfcfef9bb3ce1b5d8c9fa66ce6ee4be63144c40ec777 SHA256 checksum (eventgen_721.tgz) 6c52349b6ed41f6ef2a51ea93380d8edb7801fc92beb39efb03d52ee0809ce0c SHA256 checksum (eventgen_720.tgz) 5d9107305e4eeb24aa646cda754002004f5994db155bb43a800e095989b61c32 SHA256 checksum (eventgen_653.tgz) 90394ca839d28f9c52a4f8e795dfa3bafd35b5e79bec55a502e5e79d97a1ab02 SHA256 checksum (eventgen_711.tgz) 41c52e594b7a499c70778eead9c35b7f7c29ae6ce7ce18b034fe21cbb3186e07 SHA256 checksum (eventgen_710.tgz) 351f5280e03be43c05ec57d802c2202b779d27aaf209c7c779a5d57cd7506eb7 SHA256 checksum (eventgen_700.tgz) 14544c6df8b015139afcc2ced16aab15886795ef81308e0e526ba2f60678555e SHA256 checksum (eventgen_652.tgz) 13e2fa67404e7b65482e12e102963aa3532d0092f1640112fd4a32b13182509a SHA256 checksum (eventgen_651.tgz) 6fe825f9296c8f427cfb008f9dfad9bfb3aa146c3f9b6f90fb8026bbb3e58844 SHA256 checksum (eventgen_640.tgz) 76b03f4b175776a80ee7889124ce84023eb66903e8612f86028732b907cbc8ca SHA256 checksum (eventgen_636.tgz) 34159530d4268dedf9869ee1a37ba6ccf7c044f70c2174467c2a4ccc5740d898 SHA256 checksum (eventgen_634.tgz) a8e433fde5f7c0ac1b6b4014d47308ad17247f163278f0af4267a269fe805e8b SHA256 checksum (eventgen_633.tgz) 65117e6cf3d7d519a1526a48876df172cb1e23938b3642dce7987d48dc61964c SHA256 checksum (eventgen_632.tgz) 9096922fdda79e90b26a848fcf86348bacef1b8874e8f2d22fc822b67ef1f2ac SHA256 checksum (eventgen_631.tgz) 0cbf61dc2e2623739e74160be8a9ad3f02ff64f865ccb0f7a0b6e4b6f2f0921e SHA256 checksum (eventgen_630.tgz) 69f5dd8109386474474849a1e57c01c4dd100f8838dbf27d7eae7b46891ae851 SHA256 checksum (eventgen_621.tgz) c72fa72204f937c4621d6451c9ce71b79a4b2968493f733da7e9a79f24f57ff3
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate



Splunk Cloud
Splunk Built
The Splunk Event Generator (Eventgen) is a utility which allows its users to easily build real-time event generators.

Eventgen allows an app developer to get events into Splunk to test their applications. It provides a somewhat ridiculous amount of configurability to allow users to simulate real data.

To join the development community, please go to https://github.com/splunk/eventgen.
For documentation, please go to the Eventgen Documentation(http://splunk.github.io/eventgen/).

The Splunk Event Generator

The Splunk Event Generator is a utility which allows its user to easily build real-time event generators.
The current maintainers of this project are Jack Meixensperger (jackm@splunk.com), Nicholas Good (ngood@splunk.com), and Martin Luo (haolel@splunk.com).

The goals of this project:

  • Provide a single data generation solution that all Splunk Apps can leverage
  • Enable portable and re-usable configurations that can be quickly adapted between use cases
  • Allow every type of Splunk event or transaction to be modeled inside Eventgen


Documentation is hosted at Eventgen Documentation.

For more information, please go to Eventgen Github Repository.

Release Notes

Version 8.0.1
June 13, 2022
  • Package size reduced to about 1/3 of original size
  • Updated version of golang module dependencies
Version 7.2.2
Aug. 9, 2021

For Splunk Cloud app certification

Version 7.2.1
Jan. 22, 2021
  • bugfix for perDayVolume
  • update dependency package versions
  • app is now cloud-vetted
  • app can be installed without restart
Version 7.2.0
Oct. 9, 2020
  • added support for “interval” option in replay mode
  • added new “splitSample” option
  • added new "counter" generator
  • added metrics logging
  • bugfix for logging verbosity
  • bugfix for replay mode threading and backfill generation
  • bugfix for csv file handling
  • bugfix for timeMultiple handling
    NOTE: this version does not support Splunk >= 8.0 on Windows 10
Version 6.5.3
July 22, 2020

Maintenance release with ujson version fix and updated userName samples

Version 7.1.1
July 21, 2020
  • fixed broken "fileRotator" config option
  • update to default "source" behavior: unless specified, the default source is set to the sample name
    NOTE: this version does not support Splunk >= 8.0 on Windows 10
Version 7.1.0
April 7, 2020
  • fixed oom error caused by ujson
  • added scp output plugin - use outputMode = scsout
  • added --multithread support for server/controller architecture
  • fix CI failures due to jinja in log config
    NOTE: this version does not support Splunk >= 8.0 on Windows 10
Version 7.0.0
Oct. 23, 2019
  • Python3 support on 8.0
  • Migrate to Python3 and 7.0.0 only supports Python3
  • Fix random token replacement bug
  • Enhance tutorial documentation
  • Add syslogAddHeader option
  • Fix timezone setting bug
  • Fix out of memory issue when using multiprocess mode
  • Remove some stale third party libraries

Please set "python.version = python3" in "server.conf" in $SPLUNK_HOME/etc/system/local in [general] stanza.

Version 6.5.2
Oct. 9, 2019
  • Fix zipfile bug
  • Fix random token replacement bug
  • Fix security vulnerability issue
  • Fix custom plugin stale docs
  • Fix timezone setting bug
  • Fix multiprocess OOM issue
  • Add syslogAddHeader config
Version 6.5.1
Aug. 1, 2019
  • Added metrics output mode
  • Fixed regex token replacement issue
  • Added test coverage information
  • Increased functional test coverage
  • Eventgen server complete revamp and standalone mode support
  • Added contributor license
  • Updated Dockerfile
  • Added documentation
  • Fixed bugs / stability / optimized speed
Version 6.4.0
June 5, 2019
  • Fix exception log error
  • Fix CircleCI status badage error
  • Fix navigation error for app if installed with Splunk Stream
  • Fix generatorWorkers not working error
  • Fix interval error when end = 1
  • Fix fileName in global stanza error
  • Add 3rd party libs in SA-Eventgen App
  • Add httpeventAllowFailureCount for httpevent
  • Add 3rd party libs in license credit
  • Disable logging queue in multiprocess mode
  • Change implementation of extendIndex for better performance
Version 6.3.6
May 10, 2019
  • Add functional tests for jinja template and modular input feature
  • Fix default jinja template directory is not correctly resolved when sampleDir is set issue
  • Fix verbose flag not working in splunk_eventgen command line issue
  • Fix index, source, sourcetype are not correct when using splunkstream mode issue
  • Fix ssh to container issue
  • Fix perdayvolume without end setting error
  • Update documentation for better reading and remove unrelated part
Version 6.3.4
March 15, 2019
  • Cleaned up documentation
  • Jinja template bugfix in SA-Eventgen app
  • Implementation of 'timeMultiple’ option
  • Templates for bugs/feature requests
  • Fixed Jinja test configuration stanzas
  • Fix for default behavior for 'count' edge cases
Version 6.3.3
March 5, 2019
  • Added performance metrics compared to Eventgen 5.x
  • New config option for generation-time metrics: outputCounter
  • Jinja template fixes
  • Timestamp parsing fix
  • Output queueing fix for outputMode splunkstream
  • Count rater fixes, now supports indefinite generation
Version 6.3.2
Nov. 20, 2018
  • Fixed verbosity bug from 6.3.1
  • Added documentation
Version 6.3.1
Nov. 16, 2018
  • Fixed Eventgen Volume APIs
  • Improved Eventgen Server Logging
  • Corrected Eventgen Server and Controller conf syncing issue
  • Adding verbosity options (ERROR, INFO, DEBUG) to Eventgen modinput
  • Implemented future event generation support in replay mode
  • Fixed Jinja template's missing default values
  • Adjusted logging message levels for less verbosity
  • Fixed event count off by 1 issue
  • Fixed unnecessary empty data generators being created
  • Updated dependency list
Version 6.3.0
Oct. 26, 2018
  • Bug fixes for the customer issues
  • Documentation upgrade
  • Code refactoring for version unification
  • Logging improvements
Version 6.2.1
June 1, 2018
  • Fixing SA-Eventgen Dashboard and log searching
  • Improving internal logging and fixing splunkd logging issue
  • Fixing timestamping in default generator
  • Fixing custom plugin integration
  • Fixing SA-Eventgen app settings
  • Supporting Eventgen 5 backward compatibility with additional features
  • Better modinput process management
  • Minor Bugfixes with various customer cases

Subscribe Share

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
Splunk, Splunk>,Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk Inc. in the United States and other countries. All other brand names,product names,or trademarks belong to their respective owners.