Alert Manager – The Story Behind the Application

Back in November 2014, Splunk announced its first Apptitude App challenge. The concept of a KVStore had just been added to Splunk and opened up many new possibilities for developing complex Splunk Apps.

My former colleague Simon Balz and I were thinking about participating in the challenge with a simple idea in mind: an efficient way to manage Alerts within Splunk. That was when we decided to write an app that enabled us to do exactly that and “Alert Manager” was born.

The initial development took the form of a hackathon during Christmas time. Luckily, we met our goal of having an initial version ready for the closure of the Apptitude contest. Just a few weeks later, we got the fantastic news that our contribution was indeed the winner!

“Alert Manager” quickly became an essential part of my career as the interest in it only kept growing. Over the years, we added many features that we found helpful and received pull requests from other app users. Even some sponsors could be found to help develop new complex features that would not have been possible for a side project.

The user base has grown steadily and we estimate that the app has been installed about 2000 times by renowned companies worldwide. The 5-star rating on Splunkbase still makes us proud.

All these years, the app was open source, and support and further development were provided on a best-effort basis. Everyone involved in the project invested much time into building an app that enabled many use cases in Splunk and is a staple for the whole community. But the success of “Alert Manager” leads to more and more requirements and an ever-growing backlog of features and bugs.

Keeping up with the high expectations is getting more challenging, and the question of how we can support our user base is becoming more pressing.

But fear not; behind the scenes, a lot has happened, and some exciting news is about to be revealed. Stay tuned for the next blog!