Event Hubs are a big data streaming PasS capability provided by Azure. Event Hubs can process data or telemetry produced from your Azure environment. They also provide us a scalable method to get your valuable Azure data into Splunk! Splunk add-ons like the Splunk Add-on for Microsoft Cloud Services and the Microsoft Azure Add-on for Splunk provide the ability to connect to, and ingest all kinds of data sources from your Azure environment.
The recent disclosure of CVE-2020-1472 vulnerability by Microsoft showcases the need for tools that allow defenders to quickly replicate published exploit code, register attack data, and create signatures or other mitigations against released exploits with a high likelihood of exploitation against popular infrastructure or operating systems.
What exactly is the Data Age? Well, there is no single definition of what this means - but my interpretation is that it refers to the fact that data can now be used as a foundation for decision making in every department of every business. And with the volume of data generated forecast to continue to grow exponentially up until 2025 according to IDC, the possibilities for using data to drive informed decision making are only going to increase.
Azure Network Security Groups (NSG) are used to filter network traffic to and from resources in an Azure Virtual Network. If you’re coming from AWS-land, NSG’s combine Security Groups and NACL’s. Splunking NSG flow log data will give you access to detailed telemetry and analytics around network activity to & from your NSG's. If that doesn’t sound appealing to you yet, here are some of the many things you could Splunk with your network traffic logs from Azure.
Splunk is happy to announce that we now have a Hashicorp verified Terraform Provider for Splunk. The provider is publicly available in the Terraform Registry and can be used by referencing it in your Terraform configuration file and simply executing terraform init. If you're new to Terraform and Providers, the latest version of Terraform is available here. You will need to download the appropriate binaries and have Terraform installed before using the provider.
If you’re new to the Dashboards Beta app on Splunkbase and you’re trying to get started with building beautiful dashboards, this "Dashboards Beta" blog series is a great place to start. The Splunk Dashboards app (beta) brings a new dashboard framework, intended to combine the best of Simple XML and Glass Tables, and provide a friendlier experience for creating and editing dashboards.
At Splunk, we understand that a secure platform is a trustworthy one. We strive to implement a protected foundation for our customers to turn data into action, and part of that effort is giving you more frequent insight into the security enhancements that we’ve made to the platform. In this blog series, we’ll share the latest enhancements to Splunk Enterprise, review our security features in depth, and explain why these updates are important for you and your organization.
As IT leaders, we are facing an era of unprecedented events. Not only are IT teams still adapting to working and living from home — with many companies now announcing their support for a remote workforce indefinitely — but they’re also facing a novel combination of heightened external pressures from family, friends and colleagues.
Splunk Phantom is a security orchestration, automation and response (SOAR) technology that lets customers automate repetitive security tasks, accelerate alert triage, and improve SOC efficiency. Case management features are also built into Phantom, including “workbooks,” that allow you to codify your security standard operating procedures into reusable templates.
Splunk has been recognized as a Value Leader in EMA’s latest research, Radar Report: AIOps, A Guide for Investing in Innovation. Vendors were evaluated across three categories, with Splunk listed as a Value Leader in both ‘Incident, Performance, and Availability Management’ and ‘Business Impact and IT-To-Business Alignment’, as well as Strong Value in ‘Change Impact and Capacity Optimization’.
