Tips & Tricks

Tips & Tricks

Hands on Lab: Sandboxing with Splunk with Docker (from .conf2017)

Accept it. You're afraid to take risks with Splunk. So was I. That is, until Docker changed my life. Join the cult and learn how to rapidly create disposable Splunk sandboxes in mere minutes!

Tips & Tricks

Finding NEW Evil: Detecting New Domains with Splunk

This post discusses how to use Splunk (and Splunk Enterprise Security) to find domains that are "new" to your organization and why you should care (HINT: YOU SHOULD! THEY ARE VERY OFTEN NAUGHTY). It uses basic Splunk statistics along with some more exciting (and faster) tstats.

Tips & Tricks

Ensuring Success with Splunk ITSI - Part 3: Adaptive Thresholding

Advanced threshold and alerting guidance to produce trusted alerts from ITSI's machine learning adaptive thresholds configuration

Tips & Tricks

10 Years of Listens: Analyzing My Music Data with Splunk

Analyzing 3 different sources of music data in Splunk.

Tips & Tricks

Ensuring Success with Splunk ITSI - Part 2: Alerting Basics

Configuring Splunk IT Service Intelligence to produce accurate and trusted alerts

Tips & Tricks

Ensuring Success with Splunk ITSI - Part 1: Thresholding Basics

Practical step-by-step guidance to configure ITSI to produce accurate and trusted alerts