Total Skills
23
Author Profile: chambear2809
Skills published by chambear2809 with real stars/downloads and source-aware metadata.
Total Stars
69
Total Downloads
0
Skills Performance
Comparison chart based on real stars and downloads signals from source data.
splunk-ai-assistant-setup
3
Stars
3
Downloads
0
cisco-catalyst-enhanced-netflow-setup
3
Stars
3
Downloads
0
cisco-dc-networking-setup
3
Stars
3
Downloads
0
cisco-product-setup
3
Stars
3
Downloads
0
cisco-secure-access-setup
3
Stars
3
Downloads
0
cisco-security-cloud-setup
3
Stars
3
Downloads
0
splunk-agent-management-setup
3
Stars
3
Downloads
0
splunk-asset-risk-intelligence-setup
3
Stars
3
Downloads
0
Published Skills
splunk-ai-assistant-setup
Install, validate, and help complete Splunk AI Assistant (`Splunk_AI_Assistant_Cloud`) setup on Splunk Cloud or Splunk Enterprise. Handles Splunkbase installation with the shared app installer, checks post-install health, and supports Enterprise cloud-connected onboarding, activation, and proxy configuration. Use when the user asks about splunk-ai-assistant, Splunk AI Assistant, Splunk AI Assistant for SPL, AI Assistant for SPL, or the `Splunk_AI_Assistant_Cloud` app.
Repository SourceNeeds Review
cisco-catalyst-enhanced-netflow-setup
Install and validate the Cisco Catalyst Enhanced Netflow Add-on for Splunk (splunk_app_stream_ipfix_cisco_hsl). Use when the user asks about the optional Enhanced Netflow add-on, Cisco HSL/IPFIX mappings, app ID 6872, or extra Cisco Enterprise Networking NetFlow dashboards.
Repository SourceNeeds Review
cisco-dc-networking-setup
Automate Cisco DC Networking TA setup and configuration on Splunk. Creates indexes, configures ACI/Nexus Dashboard/Nexus 9K accounts, enables data inputs, stores credentials securely, and validates the deployment. Use when the user asks about Cisco DC networking, ACI, APIC, Nexus Dashboard, Nexus 9K TA setup, Splunk TA automation, or cisco_dc_networking_app_for_splunk.
Repository SourceNeeds Review
cisco-product-setup
Resolve a Cisco product name from the SCAN catalog and route installation, configuration, and validation through the correct existing setup skill. Use when the user asks to set up Splunk for a Cisco product such as ACI, Nexus 9000, Duo, Meraki, or ThousandEyes.
Repository SourceNeeds Review
cisco-secure-access-setup
Install and configure the Cisco Secure Access App for Splunk (cisco-cloud-security) and required event Add-on (TA-cisco-cloud-security-addon). Supports org account creation, investigate index, private app index, and app discovery index provisioning. Use when the user asks about Cisco Secure Access, app IDs 5558/7569, cisco-cloud-security, or Secure Access dashboards.
Repository SourceNeeds Review
cisco-security-cloud-setup
Install and configure Cisco Security Cloud (CiscoSecurityCloud). Supports Cisco Duo, XDR, Secure Endpoint, Secure Firewall, ETD, Secure Network Analytics, CII, Secure Workload, and other Cisco Security Cloud inputs. Use when the user asks about Cisco Security Cloud, app ID 7404, or CiscoSecurityCloud.
Repository SourceNeeds Review
splunk-agent-management-setup
Render, preflight, apply, and validate Splunk Enterprise agent management assets for deployment-server style server classes, deployment apps, and deployment clients. Use when the user asks to manage universal forwarder or heavy forwarder fleets, create serverclass.conf, configure deploymentclient.conf, or prepare Splunk 10.x Agent Management / legacy Deployment Server workflows.
Repository SourceNeeds Review
splunk-asset-risk-intelligence-setup
Install, configure readiness, and validate Splunk Asset and Risk Intelligence (`SplunkAssetRiskIntelligence`, Splunkbase app 7180), including ARI indexes, KV Store readiness, ARI roles, and Enterprise Security Exposure Analytics handoff. Use when a user asks to set up ARI, Splunk Asset and Risk Intelligence, or ES Exposure Analytics readiness.
Repository SourceNeeds Review
splunk-attack-analyzer-setup
Install, configure readiness, and validate Splunk Attack Analyzer platform integration using Splunk Add-on for Splunk Attack Analyzer (`Splunk_TA_SAA`, app 6999) and Splunk App for Splunk Attack Analyzer (`Splunk_App_SAA`, app 7000). Use when a user asks for Attack Analyzer, SAA, phishing and malware analysis data ingestion, the `saa` index, `saa_indexes` macro, or Enterprise Security adaptive response readiness.
Repository SourceNeeds Review
splunk-cloud-acs-allowlist-setup
Render, preflight, apply, audit, and validate Splunk Cloud Admin Config Service (ACS) IP allowlists for all seven ACS features (acs, search-api, hec, s2s, search-ui, idm-api, idm-ui) with IPv4 and IPv6, AWS and GCP subnet limit enforcement, ACS lock-out protection, drift detection, and optional Terraform emission. Use when the user asks to manage ACS IP allowlists, search-api allowlist, HEC IP allowlist, s2s subnet allowlist, ACS access subnets, acs ip-allowlist, ipallowlists endpoint, ipallowlists-v6, or to audit current Splunk Cloud allowlist state.
Repository SourceNeeds Review
splunk-edge-processor-setup
Render, preflight, apply, and validate the full Splunk Edge Processor lifecycle for both Splunk Cloud Platform tenants and Splunk Enterprise 10.0+ data management control planes. Adds the EP control-plane object with TLS / mTLS, installs Edge Processor instances on Linux (systemd or no-systemd, plus optional Docker container), scales out to multi-instance with DNS-driven forwarder outputs.conf, manages source types, destinations (Splunk S2S, Splunk HEC, Amazon S3, syslog), SPL2 pipelines (with routing / mask / sampling templates), applies pipelines to Edge Processors via the operator-supplied control-plane API base, enforces the default-destination guard, runs sizing preflight, and emits an ACS allowlist hand-off stub for Splunk Cloud destinations. Use when the user asks to install Splunk Edge Processor, manage EP pipelines, configure EP destinations or source types, scale out an EP, or migrate forwarders to send through an Edge Processor.
Repository SourceNeeds Review
splunk-enterprise-host-setup
Install Splunk Enterprise packages on Linux hosts and configure them as a search-tier, indexer, heavy-forwarder, cluster manager, indexer peer, search head cluster deployer, or search head cluster member. Supports local or SSH execution, official URL or local package sources, role-aware forwarding, and single-site clustered topologies. Use when the user asks to bootstrap a Splunk host, install a heavy forwarder, build a search/index/forwarder tier, or configure clustered Splunk Enterprise nodes.
Repository SourceNeeds Review
splunk-federated-search-setup
Use when configuring Splunk Federated Search. Render, preflight, apply, and validate the full product surface: Federated Search for Splunk (FSS2S, type=splunk) in standard or transparent mode with multiple providers and federated indexes per render, Federated Search for Amazon S3 (FSS3, type=aws_s3, Splunk Cloud Platform only) via REST payloads with AWS prerequisites, file-based apply for Splunk Enterprise standalone search heads or SHC deployers, REST-based apply that works on Splunk Enterprise and Splunk Cloud, the global federated-search enable/disable switch, and a status helper that reports per-provider connectivityStatus.
Repository SourceNeeds Review
splunk-indexer-cluster-setup
Render, preflight, apply, validate, and operate Splunk Enterprise indexer clusters end-to-end: single-site multi-host bootstrap, multisite bootstrap (per-site explicit factors, site_mappings, search affinity), cluster manager redundancy (active/standby with manager_switchover_mode + LB or DNS), configuration bundle (validate / status / apply / rollback / skip-validation), rolling restart (default 10%, searchable with health checks, searchable forced), fast and enforce-counts peer offline, peer removal from manager list, maintenance mode, single-site to multisite migration, decommission a site, move a peer to a new site, migrate a non-clustered indexer into the cluster, pass4SymmKey rotation, manager DR backup, and forwarder indexer-discovery output snippets. Use when the user asks to bootstrap an indexer cluster, multisite cluster, configure site_replication_factor / site_search_factor, apply or rollback a cluster bundle, perform a rolling restart, take a peer offline, migrate single-site to multisite, or run
Repository SourceNeeds Review
splunk-itsi-setup
Install and validate Splunk IT Service Intelligence (ITSI) on Splunk Cloud or Splunk Enterprise. Handles installation from Splunkbase with local fallback, validates core ITSI components, and checks integration readiness for apps like Cisco ThousandEyes. Use when the user asks about ITSI, IT Service Intelligence, AIOps, service monitoring, SA-ITOA, or event analytics.
Repository SourceNeeds Review
splunk-license-manager-setup
Render, preflight, apply, validate, and audit a Splunk Enterprise license manager and its license peers, including license install, license group activation (Enterprise, Forwarder, Free, Trial), license stacks, license pools (with byte or MAX quota and per-peer slave lists), license peer configuration via splunk edit licenser-localpeer, license messages and violations, and license usage reporting. Use when the user asks about configuring a Splunk Enterprise license manager, license master, license peer, License-Master-URI, license slave, license pool, license group, or license usage reporting.
Repository SourceNeeds Review
splunk-mcp-server-setup
Install, configure, validate, and uninstall the Splunk MCP Server app (Splunk_MCP_Server / "Splunk MCP TA"). Configures mcp.conf server settings, rate limits, encrypted token issuance, and renders a shared client bridge bundle that works with Cursor, Codex, and Claude Code. Use when the user asks about Splunk MCP server setup, Splunk MCP TA, Splunk_MCP_Server, /services/mcp, Cursor MCP, Codex MCP, or Claude Code MCP connectivity to Splunk.
Repository SourceNeeds Review
splunk-observability-native-ops
Use when configuring native Splunk Observability Cloud operations beyond collection and classic dashboards, including detectors, alert routing, On-Call handoffs, APM service maps and traces, RUM session workflows, Synthetic tests and waterfall artifacts, and modern logs chart handoffs.
Repository SourceNeeds Review
splunk-security-essentials-setup
Install, configure readiness, and validate Splunk Security Essentials (`Splunk_Security_Essentials`, Splunkbase app 3435) on Splunk Cloud or Splunk Enterprise. Use when a user asks to set up SSE, Security Essentials, MITRE/Kill Chain content exploration, Security Content recommendations, or starter security posture dashboards.
Repository SourceNeeds Review
splunk-security-portfolio-setup
Resolve Splunk security products and associated security offerings to the correct local setup skill, install-only path, ES bundled workflow, or manual handoff. Use when a user asks for total Splunk security portfolio coverage, product gap analysis, or which Splunk security skill handles ES, SOAR, Security Essentials, UBA, Attack Analyzer, ARI, Mission Control, PCI, InfoSec, CIM, or related security apps.
Repository SourceNeeds Review
splunk-soar-setup
Render, preflight, apply, and validate the full Splunk SOAR lifecycle: Splunk SOAR (On-prem) unprivileged single-instance install, On-prem cluster install with external services (PostgreSQL local or AWS RDS, GlusterFS, Elasticsearch, HAProxy), SOAR Cloud onboarding helper (JWT capture, IP allowlist, REST automation user provisioning), Splunk SOAR Automation Broker on Docker or Podman with FIPS detection, Splunk-side apps (Splunk App for SOAR Splunkbase 6361, Splunk App for SOAR Export Splunkbase 3411), and ES integration readiness via the existing Mission Control wiring. Use when the user asks to install Splunk SOAR On-prem, build a SOAR cluster, onboard SOAR Cloud, install Automation Broker, install splunk-side SOAR apps, or wire up SOAR with Splunk Enterprise Security.
Repository SourceNeeds Review
splunk-uba-setup
Use when validating Splunk UBA / UEBA readiness, optional UBA Kafka ingestion app placement, and migration guidance to Splunk Enterprise Security Premier UEBA without installing standalone UBA servers.
Repository SourceNeeds Review
splunk-universal-forwarder-setup
Bootstrap Splunk Universal Forwarder runtimes on Linux, macOS, and Windows, resolve official UF downloads, render first-class enrollment assets for deployment servers, static Enterprise indexers, or Splunk Cloud credentials packages, and validate installed forwarders. Use when the user asks to install, upgrade, enroll, or check Universal Forwarders separately from full Splunk Enterprise host bootstrap or Agent Management server-class work.
Repository SourceNeeds Review