Welcome to TrackMe - Data in motion tracking system

TrackMe has transitioned to a new licensing model.

• The Free Community Edition has been discontinued.

• What this means for you:

  • Existing licensed customers are not impacted. Your current license continues unchanged.

  • Community users are automatically upgraded to a Foundation Edition trial for 90 days, with full functionality enabled.

• After the trial period:

  • TrackMe remains active and fully usable for monitoring

  • The platform enters read-only mode

  • You can continue to view data, dashboards, alerts, and history

  • Creation of new tenants, trackers, or entities will be disabled

  • To continue using TrackMe with full capabilities after the trial, a Foundation license is required.

Buy Foundation Edition: https://trackme-solutions.com/get-foundation/

See all plans and pricing: https://trackme-solutions.com/pricing/

Contact us: contact@trackme-solutions.com

Important

TrackMe 2.3 - Documentation Update in Progress

We are excited to announce the release of TrackMe 2.3, our latest major version! As part of this significant update, we are actively working on refreshing our documentation to reflect the new user interfaces and features.

Please note that some screenshots and instructions in this documentation may be temporarily outdated due to the UI improvements in version 2.3. We are working diligently to update all content and appreciate your patience during this transition.

We apologize for any inconvenience this may cause and thank you for your understanding as we work to provide you with the most accurate and up-to-date documentation.

The PDF version of this documentation is available here.

TrackMe for Splunk is the ideal companion for your Splunk deployment, no matter the size of your environment. Its unique capabilities help you on a daily basis to get the best value from your Splunk investments:

• Discover and maintain Splunk entities at scale, track availability and quality of any kind of data in Splunk

• Virtual tenancy is a key concept in TrackMe which allows creating on the fly knowledge objects in a repeatable way: create and scope tenants, experiment, destroy and restart as needed

• TrackMe allows tracking your local Splunk deployment, or transparently any number of Splunk remote deployments (subject to licensing restrictions)

• TrackMe’s unique workflow combines best Splunk capabilities, from a comprehensive user interface to notable events generation, SLA tracking and many more

• Get the best from TrackMe components, using splk-feeds components provide deep Splunk feed tracking, splk-cim provides Common Information Model (CIM) compliance tracking, splk-flx (FLEX) adapts to any kind of Splunk magic query! (components are subject to license restrictions)

• Extend the visibility at any point in time with Hybrid and Elastic trackers, use Machine Learning outliers detection with deep and easy control, TrackMe is incredibly rich in features

Getting started with TrackMe

Quickstart Guide

Our quickstart guide covers all the steps needed to get TrackMe up and running, from installation to your first tracker configuration.

QUICK START - Starting with TrackMe: (feed tracking quickstart)

Installation

Step-by-step installation instructions for TrackMe on Splunk Enterprise and Splunk Cloud, including requirements and configuration.

Installation of TrackMe

Administration Guide

Comprehensive administration documentation covering configuration, virtual tenants, RBAC, alerts, and advanced features.

Configuration

User Guide

Learn how to use TrackMe’s interface, manage entities, understand monitoring states, and leverage all user-facing features.

TrackMe User Interfaces Design

Quickstart:

Quickstart

• QUICK START - Starting with TrackMe: (feed tracking quickstart)
• QUICK START - TrackMe Impact-Based Alerting (IBA)
• QUICK START - Design and automate through lookup knowledge
• QUICK START - Cross-tenant domain views with Virtual Groups

Use Cases Demo:

Use Cases Demo

• Use Case Demo: This is All About Feeds
• Use Case Demo: 360 Services Monitoring with TrackMe
• Use Case Demo: Fields Quality (CIM and non-CIM)
• Flex Objects - Adapt TrackMe to any monitoring use case (splk-flx)

License & support:

License, terms & conditions, support

• EULA License
• Terms & Conditions
• Support

Compatibility and download:

Compatibility & Download

• Compatibility
• Download

Requirements:

Requirements

• Requirements for TrackMe

Installation:

Installation

• Installation of TrackMe
• Upgrading TrackMe
• Migrating and Cloning TrackMe
• License registration

Administration guide:

Administration guide

• Configuration
• AI Assistant
• TrackMe theme for Tabulator
• Large Scale Environment and Best Practices Configuration Guide
• Creating Virtual Tenants
• Manage Virtual Tenants
• Operational Status Virtual Tenants
• Scheduling Virtual Tenants
• Personal user profile for Virtual Tenants
• Splunk Remote Deployments (splunkremotesearch)
• Role Based Access Control and ownership
• Alerting Architecture & Third-Party Integration
• Priority Management
• Outliers Anomaly Detection
• TrackMe Data Sampling - Events and Format Recognition for Quality Inspection in TrackMe
• Disruption Queue
• TrackMe Sourcetypes & Metrics
• TrackMe REST API
• splk-feeds - Creating and Managing Hybrid Trackers
• Workload (splk-wlk) - Manage Workload tenants and trackers
• splk-flx - Creating and managing Flex Trackers
• TrackMe Tags enrichment
• Feeds (DataSource - splk-dsm) - Documentation Notes & Links
• Injecting Expected Sources and Hosts into TrackMe
• CMDB Lookup Integration
• Elastic sources for feeds tracking
• TrackMe CI/CD management (TCM)
• Maintenance mode & knowledge database
• Bank Holidays management
• TrackMe App on SOAR: Automate and interact with TrackMe from Splunk SOAR

White papers:

White papers

• TrackMe’s White Papers
• Running a TrackMe Proof of Concept
• Use TrackMe to detect abnormal events count drop in Splunk feeds
• Analyse log messages logging level to detect behaviour anomalies using TrackMe’s Flex Object and Machine Learning Anomaly Detection
• Tracking Splunk Cloud SVC consumption in TrackMe
• Monitor Splunk Workload with TrackMe’s Workload component
• Monitor Splunk Indexer Clusters
• Monitor Splunk Search Head Clusters
• Backing up and Restoring TrackMe
• Auto deletion or management of TrackMe entities
• Performing mass operations in TrackMe
• Using SLA alerting to build a 2-tier monitoring system

User guide:

User guide

• TrackMe User Interfaces Design
• Entities Priority
• Entity Monitoring State
• Status Message
• Status Flipping Feature
• Notable Events
• Acknowledgments
• Splunk Feeds KPIs (splk-feeds)
• Splunk Feeds Thresholds (Delay and Latency, Machine Learning adaptive thresholding)
• Splunk Feeds Delayed & Inactive Entities (splk-feeds)
• Logical groups (entities ensemble association)
• Splunk Workload (splk-wlk)
• Splunk SOAR Cloud & on-premise monitoring and active actions in TrackMe
• Cribl Logstream monitoring in TrackMe

Troubleshoot & FAQ:

Troubleshoot

• Troubleshooting TrackMe
• Frequently asked questions (FAQ)

Versioning and build history:

Versioning

• Release notes

Third party integrations:

Third party integrations

• Palo Alto XSOAR Integration
• Cribl Stream & Edge API

Various

Various

• Third-party components credits

Archives

Archives

• Migrate from TrackMe V1 to TrackMe V2