When analysing data one of the biggest questions you may often face is: what is causing this situation? In this blog, we’re going to look at how causal inference can be used to understand in more detail what the biggest influencing factors are across a dataset. Traditionally in Splunk, we talk about correlation; does metric x go up or down in accordance with metric y or is there a relationship between x and y?

Splunk Cloud’s ecosystem of apps and technical add-ons boasts a comprehensive set of input sources that enrich customer data insights. Many of these inputs reside in Cloud contexts, such as AWS, Salesforce, Azure, GCP, and many others. The Inputs Data Manager was introduced to aid the ingestion of these cloud data sources. As a result, in many cases, customers no longer need to host their own infrastructure to run scripted and modular inputs.

Not only do cybersecurity organizations need to deliver the level of security required to protect corporate assets, they also need to align with the strategic goals and objectives of the business. By defining, establishing and managing your organization's cybersecurity posture, you can deliver the results needed for the business to be successful.

The Splunk Augmented Reality (AR) team had an amazing experience developing all the new features we launched at .conf20. If you haven’t seen it, we highly encourage you to watch the AR .conf session and see the new features in action. After, you’ll probably share it with your colleagues because of how cool it was! :) Today we want to highlight Remote Collaboration in Splunk AR — we’ve taken “collaboration” to the next level.

Hello Security Ninjas, Today's IT world is complex and can be challenging for security operations teams. Nowadays, more apps are being integrated and interconnected than ever before. Cloud services and SaaS solutions purchased all throughout the organization outside of the IT department add even more complexity. Communicating to application and service owners the kind of activities that need to be logged and sent to the SOC can be a daunting task.

Security teams are in a difficult position: they continue wrestling with persistent problems, such as overwhelming alert volumes and staff shortages, while confronting new ones driven by the abrupt shift to remote work. For instance, attaining real-time, deep visibility into cloud environments may have been on SOC roadmaps before 2020, but the capability is now a pressing need.

Today, AWS has announced AWS Network Firewall: a new managed service that makes it easy to deploy essential network protections for Amazon Virtual Private Clouds (VPCs). As a launch partner, Splunk has worked closely with AWS to provide customers an integration to AWS Network Firewall. In today’s blog, co-authored by my esteemed colleague Anush Jayaraman, we’ll first detail the data flow architecture and your options to ingest the AWS Network Firewall data.

When you take a close look at the Continuous Diagnostics and Mitigation (CDM) function at the heart of a successful cybersecurity program, you quickly realize that it all depends on integration. It isn’t that the individual components of the program aren’t absolutely essential. But with cyber-attacks gaining in number and sophistication, the true power of CDM is in the ability to overlay multiple datasets to create a single lens for tracking, assessing, and responding to threats.

SignalFx was founded in 2013 to enable customers to gather and monitor key information for both their application code and infrastructure. The efficient metrics storage technology enables both high cardinality of metrics as well as the no-sample method of gathering every APM trace. This combination of efficiency and standardization is exposed through the SignalFlow language to allow access and manipulation of the vast amount of metric data.

AWS Outposts is a fully managed service that extends AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience. The rapid adoption of hybrid IT has driven the need for a more consistent and standardized availability of cloud resources and operations so IT teams can rapidly deliver services deployed either on the public cloud or on-premises.