SP6 Blog
Should I Migrate my Splunk Environment to Python 3? Yes…No…Yes!!!
Now that Splunk’s newest release (8.0) supports Python3 we have fielded many questions from customers on what the practical approach for migration is. In this blog, we will discuss the steps you should make when migrating your environment to Python3.
CIM Compliance – A Simple Walkthrough
Making data CIM compliant can be a daunting and confusing exercise for new Splunkers and experienced ones alike. Often the biggest misconceptions have to do with the approach rather than the exercise itself. My biggest piece of advice – start with the end in mind.
CIM: What… Why… How…
During your SIEM journey there will be many terms thrown your way, understanding those terms is absolutely essential when it comes to your security environment. In this article, we will bring clarity to one of the more important terms in SIEM, CIM (Common Information Model) Lets Start with the Basics!
What is SOAR Technology?
There’s currently a major adoption occurring around SOAR products Security Orchestration, Automation and Response. What is SOAR? SOAR is next-generation security software products that are designed to automate the common, and fairly remedial tasks that Security Analysts face.
AWS Lambda vs AWS Firehose
Splunk has multiple methods in regards to Getting Data In (GDI). One very popular method is the Http Event Collector (HEC). The use of the HEC allows data ingestion into Splunk via HTTP POST messages. Two popular methods that send POST messages out of AWS into Splunk are the AWS services: Lambda and Firehose.
Caught Red Handed…. Using Splunk to Catch Retail Theft Rings
According to The National Retail Federation, retail theft costs U.S. companies $30 Billion a year, with “professional/habitual shoplifters” responsible for 10% ($3b) of all retail theft. And the problem is only getting worse, with losses increasing at 7% year per year. How can you defend yourself against these losses?
Troubleshooting Splunk Search Head Clusters
There is always a sense of dread when your search head cluster (SHC) goes down. It’s the interface to Splunk, and for the analysts, it’s their window to the data world.
Key Considerations When Building a Splunk Dashboard
Splunk Dashboards bring meaning to your data in a way that is useful in troubleshooting and translating concepts to others.
Let’s Talk about your First Time…. Building a Splunk Dashboard
As Splunk consultants, it’s common to come across customers who have a Splunk license and are ingesting data, but have yet to learn or have taken the time to develop their own Splunk dashboards.
Splunk Data Onboarding – Wrestle with Tough Data… and Win
On-boarding data into Splunk is a fundamental skill and common place for a Splunk Admin. In this article, we will prepare you for situations where getting data into Splunk presents a political or technical tarpit you might not expect.
