Splunk

splunk

Using Docker and Splunk to Operationalize the Splunk Machine Learning Toolkit

Configuring and maintaining a Splunk Dev environment can be challenging as new releases of apps and the software are made available. Leveraging the official Docker image, the newest versions of Splunk Enterprise and various apps can be made available without a time commitment or worries about future updates.


Leveraging External Data Science Stacks with Splunk Today

Are you a data scientist who wants to use the data in Splunk but without using SPL? Maybe in a research or experimentation platform? Well, this blog should help. I’m going to assume that using the Splunk Machine Learning Toolkit (MLTK) with the Python for Scientific Computing Add-on isn't the option you want to pursue. Maybe you’re not motivated to learn SPL, or you want to leverage your established research / experimentation environment.


IoT and Cybersecurity: What Are We Protecting?

We kicked off RSA Conference 2019 last week with bold plans for the future, including our innovation to improve efficiencies in securing futures, combating the opioid crisis and protecting critical infrastructure. This year, we saw increased interest in operational technology (OT) security at our booth. Why connect this to the network? How can I identify the risk associated with it? Where would I get the data?


Wire Data, Huh! What Is It Good For? Absolutely Everything, Say It Again Now!

What IS Wire Data? I was going to come up with my own definition, but I think Wikipedia gave a fine, albeit academic, explanation. For me, wire data falls into two categories: verbose (like packet capture) and metadata. The easier of the two to operationalize (and the one that arguably provides the most bang for your buck) is metadata, which we'll focus on in this blog post!


Key Takeaways From the 2019 State of the CIO Report

If I asked you to describe the role of the modern CIO in one word, you might pick “challenging,” “dynamic” or “crucial.” But I’ll bet you wouldn’t say “boring.” For the last 18 years, IDG has conducted an annual State of the CIO survey. The 2019 survey is out, and if you think senior information technology leaders are due for a relaxing year, you’ll be disappointed.


A Blueprint for Splunk ITSI Alerting - Step 5

We’re officially in the home stretch of the "A Blueprint for Splunk ITSI Alerting" blog series; if you’ve made it this far, I’m going to assume you’re willing to finish out this last step. In this blog post, we’re going to focus on throttling our alerts. As of the previous step, we’re producing actionable alerts, but without throttling we’re producing them far too often. Ideally we want to alert once per episode, or maybe once an hour or once a day, but certainly not once per notable.