
Latest Posts

Automation Made Easy: What's New with Splunk Phantom

The Splunk Security Team is excited to share some of the new and enhanced capabilities of Splunk Phantom, Splunk’s security orchestration, automation and response (SOAR) technology. Phantom’s latest update (v4.10) makes automation implementation, operation and scaling easier than ever for your security team.

Improve DevOps Workflows Using SMLE and Streaming ML to Detect Anomalies

Modern IT & DevOps teams face increasingly complex environments — making it harder to quickly detect and resolve critical issues in real time. To overcome this challenge, Splunk users can take advantage of ML-powered IT monitoring and DevOps solutions available in a scalable platform with state-of-the-art data analytics and AI/ML capabilities. In this blog, we deploy Splunk’s built-in Streaming ML algorithms to detect anomalous patterns in error logs in real time.

Dashboards Beta v0.9: All Things Inputs

If you’re new to the Splunk Dashboards app (beta) on Splunkbase and you’re trying to get started with building beautiful dashboards, this blog series is a great place to start. The Splunk Dashboards app (beta) brings a new dashboard framework, intended to combine the best of Simple XML and Glass Tables, and provides a friendlier experience for creating and editing dashboards.

Splunk Connect for Syslog: Turnkey and Scalable Syslog GDI - Part 3

In Part 1 and Part 2 of this series, we explored the design philosophy behind Splunk Connect for Syslog (SC4S), the goals of the design, and the new HEC-based transport architecture, as well as the rudiments of high-level configuration. We'll now turn our attention to the specifics of SC4S configuration, including a review of the local (mounted) file system layout and the areas in which you'll be working.

Splunk Connect for Syslog: Turnkey and Scalable Syslog GDI - Part 4

Previous installments of this series have given you the overview and configuration details you need to ingest any source that is supported by Splunk Connect for Syslog and configure customizations and overrides that match your enterprise. This leaves one key capability of SC4S that we have not yet covered, and that is extending the platform itself. In this installment, we'll walk through the configuration of an entirely new data source – one that SC4S does address out of the box.

Deep Learning Toolkit 3.4: Grid Search, Causal Inference and Process Mining

With a turbulent year and 2020 coming to its end, I’d like to thank you for your continued interest in my blog posts. In my last .conf talks I received a lot of positive feedback combined with the ask to have more posts with such content, so thanks for motivating me and here we go! Recently, my colleague Dimitris wrote about how you can set up DLTK on an AWS GPU Instance.

Splunk AR: Object Detection

The Splunk Augmented Reality (AR) team is excited to share more with you. In our first AR post, "Splunk AR: Taking Remote Collaboration To The Future is Already Here," from .conf20, we talked about our new Remote Collaboration feature, which helps field workers and remote experts collaborate in AR. In today’s post, we'll talk about our advancements in Object Detection. This new feature makes it even easier to deploy Splunk AR with your assets.

Smoothing the Bumps of Onboarding Threat Indicators into Splunk Enterprise Security

This blog is part two of Splunk's Sunburst Backdoor response aimed at providing additional guidance to our customers (you can read part one, "Using Splunk to Detect Sunburst Backdoor," by Ryan Kovar). In this blog, we’ll cover how to ingest threat indicators to combat Sunburst Backdoor in Splunk Enterprise Security (ES).

Recover Lost Visibility of IT Infrastructure With Splunk

The news of the “Sunburst Backdoor” malware delivered via SolarWinds Orion software has organizations choosing to shut down Orion to protect themselves. This includes several U.S. government organizations following the recent CISA guidance. If you are considering a similar response in your own environment, a critical next step is quickly restoring the lost visibility to the health and operations of your infrastructure.

Genesys + Splunk = Complete Control Over Your Contact Center

Genesys is one of the world’s leading Contact Centre platforms, offering their customers the ability to deliver superior experiences. Genesys offers a range of solutions which cover SaaS, multi-cloud, and on-premises options to cater for all of their customer requirements. Splunk is traditionally known for helping customers with challenges around IT monitoring and security requirements regardless of whether they are running an on-premises datacenter or have a cloud-first approach.