Things I Wish I’d Known about Splunk Archives | Page 2 of 3

What to expect on a Splunk Cloud Initialization

June 26, 2020September 30, 2020Cedric Milan

You purchased Splunk cloud, the next questions is, what steps can I take to ensure a smooth experience. In this article, we will discuss key steps you can take to ensure you can use Splunk Cloud as quickly as possible.…Learn MoreWhat to expect on a Splunk Cloud Initialization

What Makes a Sourcetype?

June 9, 2020December 1, 2020Anthony Fecondo

Do you have a custom data source you’d like to import into Splunk? Welcome to the world of sourcetypes.
In this blog, we help you navigate the process of creating sourcetypes, from assessment to configuration.…Learn MoreWhat Makes a Sourcetype?

Splunk Attack Range Setup Guide

May 4, 2020September 21, 2020Bill Ouellette

Splunk Attack Range allows you to create vulnerable local or cloud environments, to simulate attacks and collect the data Into Splunk. In this on-demand video Bill Ouellette (Principal Splunk Security Engineer) will provide a Step by Step Guide on setting up the “Attack Range Framework” within your Splunk test instance. …Learn MoreSplunk Attack Range Setup Guide

Hardening Your Splunk Environment

March 19, 2020July 28, 2020Anthony Fecondo

According to the Ponemon Institute the average cost of data breach for a company is $3.8 million dollars. Regardless of whether you are operating in the cloud or on-premise taking steps to harden your operating system is an absolute must to limit potential security weaknesses.…Learn MoreHardening Your Splunk Environment

Should I Migrate my Splunk Environment to Python 3? Yes…No…Yes!!!

March 12, 2020October 27, 2020Pankaj Varjani

Now that Splunk’s newest release (8.0) supports Python3 we have fielded many questions from customers on what the practical approach for migration is. In this blog, we will discuss the steps you should make when migrating your environment to Python3.…Learn MoreShould I Migrate my Splunk Environment to Python 3? Yes…No…Yes!!!

CIM Compliance – A Simple Walkthrough

February 14, 2020July 8, 2020Ben Amare

Making data CIM compliant can be a daunting and confusing exercise for new Splunkers and experienced ones alike. Often the biggest misconceptions have to do with the approach rather than the exercise itself. My biggest piece of advice – start with the end in mind.…Learn MoreCIM Compliance – A Simple Walkthrough

CIM, What… Why… How…

February 3, 2020November 4, 2020Shawn Al-Atroshi

During your SIEM journey there will be many terms thrown your way, understanding those terms is absolutely essential when it comes to your security environment. In this article, we will bring clarity to one of the more important terms in SIEM, CIM (Common Information Model) Lets Start with the Basics! …Learn MoreCIM, What… Why… How…

Splunk 2020 Predictions

January 15, 2020July 28, 2020Aditum Marketing

In a this rapidly changing digitized world, data is at the root of everything, and essential to solving every problem. From basic business decisions to global crises, a panel of technology experts at Splunk has assembled more than a dozen predictions about how technology will transform business and daily life.…Learn MoreSplunk 2020 Predictions

AWS Lambda vs AWS Firehose

November 22, 2019July 8, 2020Cedric Milan

Splunk has multiple methods in regards to Getting Data In (GDI). One very popular method is the Http Event Collector (HEC). The use of the HEC allows data ingestion into Splunk via HTTP POST messages. Two popular methods that send POST messages out of AWS into Splunk are the AWS services: Lambda and Firehose.…Learn MoreAWS Lambda vs AWS Firehose

Troubleshooting Splunk Search Head Clusters

October 15, 2019July 8, 2020Nic Haag

There is always a sense of dread when your search head cluster (SHC) goes down. It’s the interface to Splunk, and for the analysts, it’s their window to the data world.…Learn MoreTroubleshooting Splunk Search Head Clusters