Often times I have clients who bring in Splunk to solve one problem. They desire to expand it, but aren't really sure how to go about it. In the area of Security, splunk has made this way easy now for the clients using the toolset. Introducing Security Essentials .
With over 3,000 installs and counting, this app allows a user to say "Hey, I have this problem (Splunkers call them "UseCases"), and I wonder if I can tackle it with Splunk. Or, the reverse, "What are others using Splunk for?" Either way you get to the use case, what you will find in the app is A) What data sources you need to ingest, B) What code string you need to build the search and correlations, and C) Some ideas on how to build out the dashboards.
This is all very cool. Alex Morrow has started to kick the tires of this toolset with some of our clients. So watch for more from him on feedback here. Additionally, from what I am hearing on the street, or the cave I guess (Splunk reference), is that there should be more of these simplification toolsets announced at .conf this year.