
Splunk

User Behavior Monitoring with M-21-31

With M-21-31’s Advanced EL3 requirements now past due, many US Federal Civilian agencies are still looking to close gaps in their Enterprise Logging capabilities. As part of the EL3 requirements, agencies must be finished implementing user behavioral analytics (UBA) that enables: For many organizations that leverage machine learning (ML) to detect anomalous behavior across the network, UBA solutions have become a critical piece of the enterprise security and insider threat puzzle.

2024 Predictions: AI Innovation Meets Digital Resilience

Welcome to the era of AI. It’s the technology advancement that motivates and excites me every day as a CTO. Generative AI is already transforming many areas of our lives, from helping us write emails to assisting us with customer service. What waits for us on the immediate horizon? Today, we released our annual predictions series. Splunk’s 2024 Predictions features three editions: Executive, Security and Observability.

Conway's Law Explained

Have you ever wondered why some once-prominent companies now find themselves less popular, even overshadowed by smaller competitors? A prime example of this shift is Facebook. Although Facebook was the heartthrob of the 2000s, major issues like internet privacy and possible leaking of user records have made users more suspicious. Only 18% of American Facebook users think the platform protects their data and privacy.

Detecting Dubious Domains with Levenshtein, Shannon & URL Toolbox

In Parsing Domains with URL Toolbox, we detailed how you can pass a fully qualified domain name or URL to URL Toolbox and receive a nicely parsed set of fields that includes the query string, top level domain, subdomains, and more. In this article, we are going to do some nerdy analytic arithmetic on those fields.

What is Cardinality? Cardinality Metrics for Monitoring and Observability

The transition to cloud-native architectures has led to an explosion in metrics data, both in volume and cardinality. This necessitates the development of monitoring systems capable of managing large-scale, high-cardinality data to achieve effective observability in these environments. In this blog post, we’ll explore the important role of cardinality in monitoring and observability.

Metrics to Monitor for AWS (ELB) Elastic Load Balancing

Amazon Elastic Load Balancing (ELB) allows websites and web services to serve more requests from users by adding more servers based on need. There are several challenges to operating load balancers, as discussed in a previous blog post: Microservices Load Balancing: Navigating the Waves of Modern Architecture. An unhealthy ELB can cause your website to go offline or slow to a crawl.

Splunk SOAR 6.2 Introduces New Automation Features, Workload Migration, and Firewall Integrations

The Splunk team is proud to announce the release of Splunk SOAR 6.2 (Security Orchestration Automation and Response). We’ve been hard at work developing the latest and greatest features for this update, several of which have come from requests and suggestions from our users over on Splunk Ideas.

What's IT Monitoring? IT Systems Monitoring Explained

Whether on the cloud or on-premises, visibility into the inner workings of our IT services and infrastructure is an essential ingredient of a well-working IT system. The drive for digital transformation as a core strategic objective for most modern enterprises has meant that ensuring IT systems are working well, secured and delivering value for money is a critical endeavor.

Splunk Edge Hub: Physical Data, Sensing and Monitoring on the Edge

Splunk Edge Hub device is a multi-component solution that includes a hardware device coupled with the Splunk platform and solutions that our partners build on top of both. It is a powerful tool that can help collect, distribute and act on data from edge devices and sensors, making it easier to capture and act on data that can be difficult to access physically or digitally.