icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

We are working on something new...

A Fresh New Splunkbase
We are designing a New Splunkbase to improve search and discoverability of apps. Check out our new and improved features like Categories and Collections. New Splunkbase is currently in preview mode, as it is under active development. We welcome you to navigate New Splunkbase and give us feedback.
Splunkbase will be undergoing a scheduled migration and will be unavailable on Saturday, Oct 1, 2022, from 11AM to 3PM PDT

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading TrackMe
SHA256 checksum (trackme_1258.tgz) d3449d4d4f5a13c2d09ad1fc9af8634fd7f1e78de1df0ab38764dc646569969b SHA256 checksum (trackme_1257.tgz) 777109f547b2d364d504131360060a5fda6ea3766739eedc068d5775bbedbe99 SHA256 checksum (trackme_1256.tgz) 921d8b3499e75d2510497ca92821d737c00d8c2d5f94dd5adf9858e5934d9c10 SHA256 checksum (trackme_1255.tgz) ab1304cfff178df9c2791ce2ab75ca7e807af2d57412b7ae3d48e86429b49533 SHA256 checksum (trackme_1254.tgz) 2f4f9da4b0c3686bc0a3d2bb7b6c4c542be96168102d5c13248cd7f9548e6261 SHA256 checksum (trackme_1253.tgz) 2e10e97cace330763f3f1b1394b0642bc1256c82eec8da38d842337edc2f2411 SHA256 checksum (trackme_1252.tgz) 1e6bc7058041453f53c0b2f12dcaa736c9b0be2bf20bd3dd0e236e2e89a3dd95 SHA256 checksum (trackme_1251.tgz) 777c09d737eb5b16fb00f094f9a2874ea136cd981136acc6789ffe5d6294e4ca SHA256 checksum (trackme_1250.tgz) aa8e56b8727e605b0227ba9418a8c71db395ad7c180b6c45c1c0bd3c4ed7b014 SHA256 checksum (trackme_1249.tgz) 04655d6284b7993b0756970395989edcf683dae24de02d71950f739e90100673 SHA256 checksum (trackme_1248.tgz) eb4a88c099cec331a140a1d01bd50f80f1933e72dba070300be770b4ad10686b SHA256 checksum (trackme_1247.tgz) 028320f7b844ec7174dd3b0f7b6759c55e2fa81b38d5602f1203f1397ce833a8 SHA256 checksum (trackme_1246.tgz) dc49675ed78f0220f93831290f6264e9e72b769b2e0e034fe9e4bd84c73c6c6c SHA256 checksum (trackme_1245.tgz) dd486556c13546072a4c98e5d3de7637f0bec037d7409f57e8e44bb4e899bd9d SHA256 checksum (trackme_1244.tgz) 8dd8ce8341494d5bfe5dc56a58d3dd9aec7d325fc2a4e50db21972f22bf09760 SHA256 checksum (trackme_1243.tgz) e374c88b4eae86bcc316b0f8c644687d226f068c7ef5e370a60dbb6a5d0ca10e SHA256 checksum (trackme_1242.tgz) 3d38f397569904ae956b91ab57b96bf8c9c406cf6fb3a380858459918667708c SHA256 checksum (trackme_1241.tgz) 69b1091cf0d5ce0191f636605ce9a4211521c98f4c5459bb8662b69f3c972064 SHA256 checksum (trackme_1240.tgz) 7717f9b532f16274d817e23024232e780d28cffc871b41c7b0c7af4c7abfb748 SHA256 checksum (trackme_1238.tgz) b5af9d1568dd7aa221aa0e99c23c6640a75c08f19161a318808d6ab1922c0605 SHA256 checksum (trackme_1237.tgz) 43f3908eac73128854538557d80d81013ccb3bcab7aa03843583c136f30539cd SHA256 checksum (trackme_1236.tgz) 04245537a41766138bcf4a64e9a9fee0fd2be2ed4bbcb5cf01325f5728e79bca
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate



**TrackMe v2 is coming soon and will address HTML dashboards deprecation, keep on track!**

TrackMe provides automated monitoring and visibility insight of your data sources, with a powerful user interface and workflow for Splunk product owners to detect and alert on lack of availability, abnormal latency, volume outliers detection and quality issues:

- Discover and store key states information of data sources, data hosts and metric hosts availability
- Provides a powerful user interface to manage activation states, configuration and quickly identify data availability failures
- Analyse and detect lack of data and performance lagging of data sources and hosts within your Splunk deployment
- Behaviour analytic with outlier detection based on machine learning outliers calculations
- Behaviour analytic with data sampling and event format recognition, monitor and detect anomalies in raw events to detect event format changes or misbehaviour based on builtin rules and extended with your own custom rules, detect PII data with custom models
- Create elastic sources for any kind of custom monitoring requirements based on tstats / raw / mstats / from searches to fullfill any requirements
- Record and investigate historical changes of statuses, as well as administrators changes (audit flipping and changes)
- Easy administration via graphical human interface from A to Z
- No matters the purpose of your Splunk deployment, trackMe will become an essential piece of your deployment, providing key value for PCI or compliance requirements
- Keep things under your control and be the first to know when data is not available, get alerted before your users get back to you!

TrackMe at .conf 2021!
- video: https://conf.splunk.com/files/2021/recordings/TRU1548B.mp4
- slides: https://conf.splunk.com/files/2021/slides/TRU1548B.pdf

Why this application?

Splunk administrators and engineers have to spend a good amount of time and energy to on-board and monitor data sources, which becomes more and more complex and time consuming with the explosion of volume and variety of data.

However, it is very frequent to realise after math that something went wrong, for some reason the sender stopped sending, an upgrade broke a configuration, a network rule was lost, an unexpected side effect of a change occurred, parsing issues are not detected...

No administrator should be informed of an issue in the data flow by the customer or the end users, this is why you need pro-activity, costless and scalable availability monitoring.

with the massive amount and variety of data sources, this becomes easily a painful and problematic activity, this application aims to drastically help you in these daily tasks.

Made by Splunk admins for Splunk admins, the TrackMe application provides builtin powerful features to monitor and administer you data source monitoring the easy way!

See: https://trackme.readthedocs.io

Python compatibility: TrackMe is fully compatible with Python3 only environments

TrackMe .conf 2021 video: https://conf.splunk.com/files/2021/recordings/TRU1548B.mp4

TrackMe .conf 2021 slides: https://conf.splunk.com/files/2021/slides/TRU1548B.pdf

Online Documentation: https://trackme.readthedocs.io

ITSI integration: https://trackme.readthedocs.io/en/latest/itsi_integration.html

Cribl Logstream integration: https://trackme.readthedocs.io/en/testing/cribl_integration.html

This project is hosted in GitHub: https://github.com/guilhemmarchand/trackme

Open an issue: https://github.com/guilhemmarchand/trackme/issues

REST API reference manual: https://trackme.readthedocs.io/en/testing/rest_api_reference.html


Since TrackMe 1.2.0, there are dependencies:


See instructions: https://trackme.readthedocs.io/en/latest/deployment.html

TrackMe runs on the search heads only (or monitoring console host if you decide to deploy TrackMe in this instance), the only indexer level dependencies is the definition of an event index and a metric index. TrackMe should not be deployed to the indexers or any level of forwarders.

Release Notes

Version 1.2.58
Dec. 20, 2021
  • Fix Issue #379 - urllib3 insecure error messages from custom endpoint when interracting with splunkd
  • Fix Issue #378 - backup and restore generate POST related warning messages
  • Fix Issue #377 - Typos in sample instructions in backup and restore user interface
  • Fix Issue #364 - The long term tracker can impact some data sources unexpectly in some specific conditions

SHA-256: d3449d4d4f5a13c2d09ad1fc9af8634fd7f1e78de1df0ab38764dc646569969b

Version 1.2.57
Nov. 5, 2021

Version 1.2.57

  • Fix Issue #375 - restore fails due to max document per batch API limit reached
  • Fix Issue #371 - typo in Data sampling error messages
  • Fix Issue #374 - missing shortcut to trackme_data_source_monitoring_blacklist_data_name in the nav menu

SHA-256: 777109f547b2d364d504131360060a5fda6ea3766739eedc068d5775bbedbe99

Version 1.2.56
Nov. 1, 2021
  • Fix Issue #372 - Non existing id section in app.conf was reported to cause trouble to Splunk Cloud internal automation

SHA-256: 921d8b3499e75d2510497ca92821d737c00d8c2d5f94dd5adf9858e5934d9c10

Version 1.2.55
Oct. 27, 2021

.. warning:: Splunk 8.x and Python3 support only

- Starting from this release, only Splunk 8.x and Python3 are supported
- Some functions such as builtin alert actions are not compatible any longer with Python2 and Splunk 7.x
- For the latest version available for Splunk 7.x, see the release 1.2.51
  • Feature: Provides a new split by custom mode to allow defining a custom indexed field in the data source discovery and maintenance workflow
  • Feature: Notification bar and various UI improvements in the configuration UI

SHA-256: ab1304cfff178df9c2791ce2ab75ca7e807af2d57412b7ae3d48e86429b49533

Version 1.2.54
Oct. 22, 2021

Splunk 8.x and Python3 support only

- Fix - Issue #368 - Disable the KVstore to indexers replication for the kv_trackme_objects_summary collection

SHA-256: 2f4f9da4b0c3686bc0a3d2bb7b6c4c542be96168102d5c13248cd7f9548e6261
Version 1.2.53
Aug. 17, 2021

Splunk 8.x and Python3 support only

- Fix - Issue #362 - Windows based deployment reports ERROR JSON reply had no "payload" value in rest calls

SHA-256: 2e10e97cace330763f3f1b1394b0642bc1256c82eec8da38d842337edc2f2411
Version 1.2.52
Aug. 7, 2021

WARNING! Splunk 8.x and Python3 support only

  • Starting from this release, only Splunk 8.x and Python3 are supported
  • Some functions such as builtin alert actions are not compatible any longer with Python2 and Splunk 7.x
  • For the latest version available for Splunk 7.x, see the release 1.2.51

release notes:

  • Enhancement - Issue #360 - JQuery upgrade for Simple XML dashboards
  • Enhancement - migration to ucc-gen for the librairies management and the app generation
  • Change - Python2 and Splunk 7.x support is dropped starting from this release, TrackMe now only supports Splunk 8.x and Python3

SHA-256: 1e6bc7058041453f53c0b2f12dcaa736c9b0be2bf20bd3dd0e236e2e89a3dd95

Version 1.2.51
Aug. 5, 2021
  • Fix - Issue #356 - trackme.py endpoint check can be circumvented to perform REST calls to endpoints external to TrackMe
  • Fix - Issue #357 - In Splunk Cloud the UI manage and configure will not provide the right URL for quick access to the macro definition
Version 1.2.50
Aug. 2, 2021
  • Fix - Issue #352 - Splunk 8.2 regression in data sampling engine causes only 1 event to be stored in the sampling KVstore post execution due stats first(*) change in behaviour

SHA-256: aa8e56b8727e605b0227ba9418a8c71db395ad7c180b6c45c1c0bd3c4ed7b014

Version 1.2.49
June 22, 2021
  • Enhancement - Fix Issue #343 - REST CALL - use nobody context to optimize rest calls performance in large scale environments

SHA-256: 04655d6284b7993b0756970395989edcf683dae24de02d71950f739e90100673

Version 1.2.48
June 20, 2021
  • Enhancement - Issue #335 - addresses memory overhead of the metric trackers using span=1s by default
  • Fix - Issue #336 - Fix - SmartStatus - future tolerance macro is not taken into account by the endpoint
  • Fix - Issue #333 - Nav - Wrong search for metric hosts allow list collection
  • Fix - Issue #337 - Data sources - Short term tracker run via the UI should use latest=+4h, long term tracker should match savedsearch earliest=-24h latest=-4h
  • Fix - Issue #338 - Splunk 8.2 regression in rootUri for UI TrackMe manage drilldowns to macro due to a root URL change in manager
  • Fix - Issue #339 - Data sources - Data source overview chart tab should honor the trackme_tstats_main_filter macro
  • Change - Nav - remaining whitelist and blocklists terms

SHA-256: eb4a88c099cec331a140a1d01bd50f80f1933e72dba070300be770b4ad10686b

Version 1.2.47
May 26, 2021
  • Fix - Issue #328 - Data host - Regex based block lists are not honored as documented
  • Fix - Issue #329 - Data host - Splunk 8.2 regression with multivalue aggregation caused by a change in behaviour
  • Change: Update splunktaucclib to 4.2.0
  • Change: Update splunktalib to 1.2.1

SHA-256: 028320f7b844ec7174dd3b0f7b6759c55e2fa81b38d5602f1203f1397ce833a8

Version 1.2.46
May 9, 2021
  • Enhancement - Issue #327 - Smart Status - Add search history quick access button in Smart Status screens
  • Fix - Issue #324 - Lagging classes - lagging classes applying at the same level (all/data_source/data_host) for different types of objects and the same name are not honoured properly due to a logic default in the lookup mapping

SHA-256: dc49675ed78f0220f93831290f6264e9e72b769b2e0e034fe9e4bd84c73c6c6c

Version 1.2.45
April 29, 2021
  • Feature - Issue #312 - Migration from Addon Builder based libs to Splunk Addon factory UCC based libs
  • Feature - Issue #316 - Provides day time filtering options when creating custom alerts

SHA-255: dd486556c13546072a4c98e5d3de7637f0bec037d7409f57e8e44bb4e899bd9d

Version 1.2.44
April 12, 2021
  • Fix Issue #310 - Alert actions - Dropdown object in Smart Status tab rendering errors

SHA-256: 8dd8ce8341494d5bfe5dc56a58d3dd9aec7d325fc2a4e50db21972f22bf09760

Version 1.2.43
April 12, 2021

This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:

TrackMe requires a summary index (defaults to trackme_summary) and a metric index (defaults to trackme_metrics):

  • Fix Issue #308 - Alert actions - extraction failure for Smart Status in the UI for rendering purposes

SHA-256: e374c88b4eae86bcc316b0f8c644687d226f068c7ef5e370a60dbb6a5d0ca10e

Version 1.2.42
April 12, 2021

This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:

TrackMe requires a summary index (defaults to trackme_summary) and a metric index (defaults to trackme_metrics):

  • Feature - Issue #306 - Alert actions - UI enhancements
  • Fix - Issue #305 - Custom alerts - created alerts should set alert.digest_mode

SHA-256: 3d38f397569904ae956b91ab57b96bf8c9c406cf6fb3a380858459918667708c

Version 1.2.41
April 9, 2021


This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:

See releases notes: https://trackme.readthedocs.io/en/latest/releasenotes.html

Version 1.2.40
March 30, 2021
  • Enhancement - Issue #297 - Performances - Long term tracker improvements

SHA-256: 7717f9b532f16274d817e23024232e780d28cffc871b41c7b0c7af4c7abfb748

Version 1.2.38
March 16, 2021
  • Fix - Issue #287 - Since version 1.2.37 most of interractions in the UI are made via TrackMe rest endpoints, however the capability list_settings is required for non privileged users and should be added to the trackme_admin role

SHA-256: b5af9d1568dd7aa221aa0e99c23c6640a75c08f19161a318808d6ab1922c0605

Version 1.2.37
March 14, 2021
  • Enhancement - Issue #279 - Decomission of the getlistdef custom command in favor of a simpler and cleaner pure SPL approach
  • Enhancement - Issue #280 - Add new REST endpoint to manage logical group associations
  • Enhancement - Issue #285 - Flipping statuses workflow improvements
  • Change - Issue #275 - permissions - provides a builtin trackme_user role to handle the minimal non admin access for TrackMe
  • Change - Issue #276 - User Interface - Migration of Ajax javascript REST calls made within the UI from splunkd to TrackMe based API endpoints
  • Change - Issue #278 - Upgrade of splunklib Python SDK to latest release 1.6.15
  • Fix - Issue #273 - User Interfaces - Several searches should not kick off start at TrackMe main UI loading time
  • Fix - Issue #274 - Data Sources - tags dropdown can render unwanted results when no tags are defined
  • Fix - Issue #277 - REST endpoint - the endpoint ds_update_min_dcount_host should allow any as the input
Version 1.2.36
March 1, 2021
  • Feature - Issue #266 - ID cards - Wildcard matching for ID cards allowing matching any number of entities for the same card using wildcards and your naming conventions
  • Enhancement - Issue #268 - Backup and Restore - Perform an additional get call in the Backup operation to automically discover any missing backup files
  • Fix - Issue #267 - Backup and Restore - Python2 compatibility issues with Splunk 7.x
  • Fix - Issue #261 - SLA - SLA reporting should honour allow/block list and not monitored entities #261
  • Fix - Issue #266 - ID cards - Updating an existing card within the UI removes other associations with the card that is updated
  • Fix - Issue #270 - REST endpoint resources groups wrong exposure for Splunk Web proxied behaviors

SHA-256: 04245537a41766138bcf4a64e9a9fee0fd2be2ed4bbcb5cf01325f5728e79bca

Subscribe Share

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
Splunk, Splunk>,Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk Inc. in the United States and other countries. All other brand names,product names,or trademarks belong to their respective owners.