Blog
Question mark deck of cards on wooden table

What Makes a Sourcetype?

Do you have a custom data source you’d like to import into Splunk? Welcome to the world of sourcetypes.
In this blog, we help you navigate the process of creating sourcetypes, from assessment to configuration.

Blog
Pen checking boxes on checklist

Splunk ES Implementation Checklist

Congratulations! Your organization has had the foresight to purchase Splunk’s Enterprise Security along with expert Professional Services to assure a successful implementation. This guide will serve as a checklist to help ensure you are prepared for the most successful ES deployment possible.

Blog
Umbrella shattering wrecking ball

Hardening Your Splunk Instance

According to the Ponemon Institute the average cost of data breach for a company is $3.8 million dollars. Regardless of whether you are operating in the cloud or on-premise taking steps to harden your operating system is an absolute must to limit potential security weaknesses.

Blog
Arrow of animated people

CIM: What… Why… How…

During your SIEM journey there will be many terms thrown your way, understanding those terms is absolutely essential when it comes to your security environment. In this article, we will bring clarity to one of the more important terms in SIEM, CIM (Common Information Model) Lets Start with the Basics!

Blog
Superman flying through a city

What is SOAR Technology?

There’s currently a major adoption occurring around SOAR products Security Orchestration, Automation and Response. What is SOAR? SOAR is next-generation security software products that are designed to automate the common, and fairly remedial tasks that Security Analysts face.

Blog
Question mark in crystal ball

AWS Lambda vs AWS Firehose

Splunk has multiple methods in regards to Getting Data In (GDI). One very popular method is the Http Event Collector (HEC). The use of the HEC allows data ingestion into Splunk via HTTP POST messages. Two popular methods that send POST messages out of AWS into Splunk are the AWS services: Lambda and Firehose.