icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading TrackMe
SHA256 checksum (trackme_1236.tgz) 04245537a41766138bcf4a64e9a9fee0fd2be2ed4bbcb5cf01325f5728e79bca SHA256 checksum (trackme_1235.tgz) c025b596eb3fb1aaec79299f1c73664523233ded8aafab5716a5097af1087f43 SHA256 checksum (trackme_1234.tgz) 644843ebd65fc2b6bdc71f1b57882383dc03a38cdac439782a579b1c6b86d78b SHA256 checksum (trackme_1233.tgz) 480934e579c428365f661d87c4e60d3ae23309185567027ff9a5932b98c313e4 SHA256 checksum (trackme_1232.tgz) e2517f5fb8faaa33957494a6fa65e504cd1db515bf08b86d145dda1fb5b62e23 SHA256 checksum (trackme_1231.tgz) 338ec6ff9190d3dbe11551885dba90dfc40d9a5e72331a23569e8f307612d044 SHA256 checksum (trackme_1230.tgz) 8dbcc00a905db2511a4f8cb28713ade163eae6771cf1543e8ab28de1d389c621 SHA256 checksum (trackme_1229.tgz) 7b19f8ae57f93981ad668225ad277dff0bee49cc5b257b76fff3fd70861320e0 SHA256 checksum (trackme_1228.tgz) f9a3e3189882fd1069bb08f50af77f48caa80474af3f708080de95be6bc66d56 SHA256 checksum (trackme_1227.tgz) 8736d52bb690d7597fed77036708d13f7cd9649a8339a50c9a52d5f46f28c044 SHA256 checksum (trackme_1226.tgz) 5e48d054a60c063e94da553d826beb4e6b3edb117b6ad90b986950c3fc564a52 SHA256 checksum (trackme_1225.tgz) 50bd629c07f38fb4ae8527cc15c89cccebba1eadda2736d6db63e33ec184be69 SHA256 checksum (trackme_1224.tgz) fac7f268b943297d842c8589bb6fb98ebd79c4047b60fe72f59c1fdb7538eb32
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate


Admins: Please read about Splunk Enterprise 8.0 and the Python 2.7 end-of-life changes and impact on apps and upgradeshere.
TrackMe provides automated monitoring and visibility insight of your data sources, with a powerful user interface and workflow for Splunk product owners to detect and alert on lack of availability, abnormal latency, volume outliers detection and quality issues:

- Discover and store key states information of data sources, data hosts and metric hosts availability
- Provides a powerful user interface to manage activation states, configuration and quickly identify data availability failures
- Analyse and detect lack of data and performance lagging of data sources and hosts within your Splunk deployment
- Behaviour analytic with outlier detection based on machine learning outliers calculations
- Behaviour analytic with data sampling and event format recognition, monitor and detect anomalies in raw events to detect event format changes or misbehaviour based on builtin rules and extended with your own custom rules, detect PII data with custom models
- Create elastic sources for any kind of custom monitoring requirements based on tstats / raw / mstats / from searches to fullfill any requirements
- Record and investigate historical changes of statuses, as well as administrators changes (audit flipping and changes)
- Easy administration via graphical human interface from A to Z
- No matters the purpose of your Splunk deployment, trackMe will become an essential piece of your deployment, providing key value for PCI or compliance requirements
- Keep things under your control and be the first to know when data is not available, get alerted before your users get back to you!

Why this application?

Splunk administrators and engineers have to spend a good amount of time and energy to on-board and monitor data sources, which becomes more and more complex and time consuming with the explosion of volume and variety of data.

However, it is very frequent to realise after math that something went wrong, for some reason the sender stopped sending, an upgrade broke a configuration, a network rule was lost, an unexpected side effect of a change occurred, parsing issues are not detected...

No administrator should be informed of an issue in the data flow by the customer or the end users, this is why you need pro-activity, costless and scalable availability monitoring.

with the massive amount and variety of data sources, this becomes easily a painful and problematic activity, this application aims to drastically help you in these daily tasks.

TrackMe provides a handy user interface associated with an efficient data discovery, state and alerting workflow.

Made by Splunk admins for Splunk admins, the TrackMe application provides builtin powerful features to monitor and administer you data source monitoring the easy way!

See: https://trackme.readthedocs.io

Online Documentation: https://trackme.readthedocs.io

ITSI integration: https://trackme.readthedocs.io/en/latest/itsi_integration.html

This project is hosted in GitHub: https://github.com/guilhemmarchand/trackme

Open an issue: https://github.com/guilhemmarchand/trackme/issues

REST API reference manual: https://trackme.readthedocs.io/en/testing/rest_api_reference.html


Since TrackMe 1.2.0, there are dependencies:


See instructions: https://trackme.readthedocs.io/en/latest/deployment.html

TrackMe runs on the search heads only (or monitoring console host if you decide to deploy TrackMe in this instance), the only indexer level dependencies is the definition of an event index and a metric index. TrackMe should not be deployed to the indexers or any level of forwarders.

Release Notes

Version 1.2.36
March 1, 2021

- Feature - Issue #266 - ID cards - Wildcard matching for ID cards allowing matching any number of entities for the same card using wildcards and your naming conventions
- Enhancement - Issue #268 - Backup and Restore - Perform an additional get call in the Backup operation to automically discover any missing backup files
- Fix - Issue #267 - Backup and Restore - Python2 compatibility issues with Splunk 7.x
- Fix - Issue #261 - SLA - SLA reporting should honour allow/block list and not monitored entities #261
- Fix - Issue #266 - ID cards - Updating an existing card within the UI removes other associations with the card that is updated
- Fix - Issue #270 - REST endpoint resources groups wrong exposure for Splunk Web proxied behaviors

SHA-256: 04245537a41766138bcf4a64e9a9fee0fd2be2ed4bbcb5cf01325f5728e79bca

Version 1.2.35
Feb. 24, 2021

- Feature - Issue #249 - CRIBL native integration - TrackMe can now be configured to be transparently reliying on the Cribl pipeline concept to discover and track data sources based on the cirbl_pipe to provide an easy and performing integration
- Feature - Issue #250 - new blocklisting capabilities based on the data_name for data sources

And many more.

See: https://trackme.readthedocs.io/en/latest/releasenotes.html

SHA-256: c025b596eb3fb1aaec79299f1c73664523233ded8aafab5716a5097af1087f43

Version 1.2.34
Feb. 15, 2021

- Enhancement - Issue #241 - KVstore backup and restore - Improved workflow with Metadata recording of backup archives, new dashboard providing insights on the workflow and its features
- Fix - Issues #242 - UI - interfaces like lagging classes, allow and block listing should not remove the search input form if there are no results found

SHA256: 644843ebd65fc2b6bdc71f1b57882383dc03a38cdac439782a579b1c6b86d78b

Version 1.2.33
Feb. 9, 2021

- Fix - Appinspect failures due to CSV lookup files not referenced as lookups (non Cloud failure)

Version 1.2.32
Feb. 9, 2021

- Enhancement - Issue #230 - data host over time and single search performance improvements
- Enhancement - Issue #222 - Automatically Backup Main KV Store collections, provide endpoints for backup and restore operations
- Enhancement - Issue #232 - REST API and tooling - Provide a new app nav menu and a new dashboard to demonstrate the REST API endpoints and the usage of the trackme API in SPL commands
- Fix - Issue #231 - UI - reduce the max number of entries in the tag policies screen (goes beyond the modal limitation)
- Fix - Issue #233 - Smart Status - orange state due to week days monitoring is not properly handled
- Fix - Issue #235 - Data sources - Week days monitoring rules are not honoured if triggering due to dcount host
- Fix - Issue #236 - Data sources - status message is inaccurate if data source is in data sampling alert but week days monitoring rules are not met

Version 1.2.31
Feb. 2, 2021

- Feature: Introducing the trackme REST API wrapper SPL command, allows interracting with the TrackMe REST API endpoints within SPL queries!
- Feature: Introducing the smart status REST API endpoints, performs advanced status correlations and investigations easily and automatically, within the UI, as part of an alert action or within your third party automation!
- Feature: REST API endpoint for Data Sampling - allow reset and run sampling
... And more!

See: https://trackme.readthedocs.io/en/latest/releasenotes.html

Version 1.2.30
Jan. 2, 2021

- Feature - Issue #210 - new REST API endpoints for Elastic Sources / Logical Groups / Data Sampling / Tags Policies / Lagging Classes / Lagging Classes Metrics
- Feature - Issue #212 - Data sampling - Allows defining exclusive rules for data sampling custom models, this can be used when a regex must not be matched, such as detecting PII data automatically
- Feature - Issue #214 - Data sampling - Allows defining a custom number of records to be sampled on a per data source basis
- Feature - Issue #215 - Data Hosts - Support for priority based lagging classes
- Fix - Data sampling - Clear state and run sampling action would fail if actioned on a data source which data sampling has not run yet at least once, fixes and UI improvements for Data sampling
- Change - Issue #213 - knowledge objects default permissions - Review of the app related KVstores default permissions, fixing missing collections and transforms

Version 1.2.29
Dec. 15, 2020

- Feature Issue #205 - Introduction TrackMe REST API endpoints for automation integration and future UI evolutions (https://trackme.readthedocs.io/en/latest/rest_api_reference.html)
- Feature Issue #209 - Feature - Provides a new mode for data sources to allow by index level analysis
- Fix Issue #208 - Fix - creating a rest based search causes regression in the data sampling and event recognition engine

Version 1.2.28
Dec. 7, 2020

- Feature Issue #201 - Elastic Sources - Support for lookup tracking with from commands
- Feature Issue #202 - Elastic Sources - Support for remote searches using rest
- Fix Issue #203 - Provides a macro based definition for first level span of Metrics trackers
- Change: Upgrade of splunklib Python SDK to latest release 1.6.14

Version 1.2.27
Nov. 30, 2020


Version 1.2.26
Nov. 1, 2020

- Feature: Issue #186 - Data sampling - during the creation of a custom rule, its scope can now be restricted to a list of specific sourcetypes to dedicate custom rules and avoid rules overlapping issues
- Feature: Issue #188 - SLA calculation migration from flipping statuses events to current statuses events for reliable results / SLA dashboard improvements / Drilldown from SLA single percentage in TrackMe main UI to SLA dashboard
- Feature: Issue #190 - UI improvements - provide quick access to data sampling custom rules in the main data sources tab, unify trackers manual run for data sources and hosts in a single button and window
- Feature: Issue #191 - UI improvements - Load spinner at TrackMe loading stage, Spinner design refresh globally in TrackMe

Version 1.2.25
Oct. 24, 2020

- Feature: Issue #181 - Disable data sampling on demande via the UI #181
- Fix: Issue #180 - Outliers detection impacts offline data such as low frequency batched data sources #180
- Fix: Issue #182 - Data sampling - Manual run, Clear state and run sampling UI period constraint is too short for cold data sources #182
- FIx: Issue #183 - Data Sampling - number of entities to process calculation can lead to no entities being processes #183

Version 1.2.24
Oct. 11, 2020

- Feature: Issue #153 - For ITSI and timeline integration purposes, generate and store last states information as summary events #153
- Feature: Issue #141 - Enhancement - ability to search for hosts in Data Hosts Tracking by Logical Group Name #141
- Feature: Issue #148 - Enhancement: Allow 'NOT' filter for Keyword filter name: #148
- Feature: Issue #166 - Enhancement - Provides a UI feature to allow reseting the list of metrics known for a given metric host
- Feature: Issue #174 - Enhancement - Adding the timeline viz view in the status tabs #174
- Fix: Issue #147 / Issue #161 Outliers management and configuration - fixes and improvements
- Fix: Issue #167 - Issue - Pressing "Manage: manual tags" displays dialog with ALL tags in "List of current tags for this data source" field #167
- Fix: Issue #170 - install_source_checksum should not be in app.conf (appinspect warning) #170


Subscribe Share

AppInspect Tooling

Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
Splunk, Splunk>,Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk Inc. in the United States and other countries. All other brand names,product names,or trademarks belong to their respective owners.