Security Blogs

UBA, User Behavior Analytics, is a Premium Splunk App that leverages machine learning technologies, to secure an organization from insider threats while also providing outsider threat monitoring and alerting capabilities. In this blog we will cover frequently asked questions around UBA and its functionality.

In this article we will walk you through what post process searching is, how it can help you optimize your dashboards, and why it is important.

Transaction processing can involve transactions flowing from multiple sources. In that case, you can use Splunk ITSI to drill down to issues with specific transaction end points.

Did you know that all Splunk Knowledge Objects (KO) generated during a search are maintained in memory? Sure, any one KO in itself doesn’t take up a lot of memory, but run a search that returns 10 million events… You can do the math!

Did you know that Splunk has the capability to ingest non-log based data through multiple onboarding methods? In this blog, we will touch on API based data ingestion, as it is traditionally the most common method utilized.

Many Splunk customers start with a single disk for storing Indexes and then want to make changes. In this guide we will discuss the steps to move hot/warm buckets onto faster disks and move cooler buckets to cheaper storage.

Splunk WLM (Workload Management) provides the ability to allocate compute and memory resource to search, indexing, and other processes such as scripted inputs. This allows you to allocate the right resources to your Splunk server depending on its role.

You purchased Splunk cloud, the next questions is, what steps can I take to ensure a smooth experience. In this article, we will discuss key steps you can take to ensure you can use Splunk Cloud as quickly as possible.

Do you have a custom data source you’d like to import into Splunk? Welcome to the world of sourcetypes.
In this blog, we help you navigate the process of creating sourcetypes, from assessment to configuration.

Congratulations! Your organization has had the foresight to purchase Splunk’s Enterprise Security along with expert Professional Services to assure a successful implementation. This guide will serve as a checklist to help ensure you are prepared for the most successful ES deployment possible.