Results
Learn how Splunk Observability can help demystify challenges with monitoring distributed microservices. You’ll also view a demonstration on how to correlate application and infrastructure behavior to streamline troubleshooting and alerting on-premises and in the cloud.
Tune in to a technical demo and learn about automating the daunting task of restricting, revoking, and restoring access and leveraging Risk-Based Alerting in the automation process. See how to create playbooks that implement Auto-Containment using various Inputs, Data Types and Actions.
Learn how to automate the daunting task of restricting, revoking, and restoring access, leverage Risk-Based Alerting in the automation process, and create playbooks that implement Auto-Containment using various Inputs, Data Types and Actions.
Join SOAR expert Phil Royer as he walks through building three simple playbooks that can be used to monitor misuse of account privileges, new account creations, and any other abnormal account behavior.
In this Splunk Tech Talk, DevOps Edition, we will use a basic NodeJS microservices-based application deployment to learn how to instrument JavaScript using the Splunk Distribution of OpenTelemetry JS. We will take a deep dive into the basic code changes and steps required to begin collecting telemetry and understand our customer’s experience.
In this Splunk Tech Talk, DevOps Edition, we will cover just how to create custom dashboards and alerts to achieve the best Mean Time to Detection for possible issues and mitigate service degradation.
In this tech talk, we will cover the most common Lateral Movement techniques affecting Microsoft environments and how to detect this behavior using Splunk.
Learn how to structure your data and configure Splunk to enable these analytic tools and see an overview of how to use pivot tables and other no-code features.
In this IT Tech Talk, Splunk’s Travis Hall will show you how to quickly set up Risk Management Framework (RMF) monitoring and reporting in Splunk. Travis will also discuss how this process can be replicated for other compliance services and share some additional resources and documentation for you to leverage while getting started.
The future keeps getting faster — and it’s anything but simple. How can business leaders navigate through uncertainty in 2022? Staying ahead of trends in the business world, knowing what risks to prepare for, and where transformation is headed can set your organisation apart from the rest, especially in turbulent times.
In this three part series, our expert panels will deep dive into predictions for leadership, security, and observability in a bid to help you stay ahead of the curve.
Leverage the power of Splunk Enterprise data in Splunk Observability Cloud with Log Observer Connect! Log Observer Connect is a new feature that lets observability users explore the data you’re already sending to your existing Splunk instances.
OpenTelemetry offers vendor-agnostic APIs, software development kits (SDKs), agents, and other tools for collecting telemetry data from cloud-native applications and their supporting infrastructure to understand their performance and health. See how to make changes to the OpenTelemetry data pipeline and troubleshooting tips when deploying the OpenTelemetry Collector.
Hear from Splunk's Principal IT Strategists as they demonstrate Universal Alerting and other cool capabilities in the new and improved ITSI Content Pack for Monitoring and Alerting. See how ITSI can really transform and bring sanity to your alert and incident management.
Watch this IT Tech Talk led by Splunk’s global IT Operations Technical Interlock Director, Thomas Booth, to see a demonstration of establishing custom entities, and learn the tips, tricks, and best practices that will set you up for success. We will also share additional documentation and support resources to get you started on your Splunk journey.
While Splunk SOAR playbooks automate security actions, they become even more powerful and easy to use with the addition of Splunk Intelligence Management (formerly TruSTAR). Tune in to learn how to obtain prepared and normalized intelligence from internal and external sources for faster triage and more streamlined playbooks.
Data Manager is a new modernized, simplified, and automated experience for onboarding cloud-native data sources such as AWS. During this Tech Talk, you’ll gain insight into why we built this feature, challenges it addresses and the cloud data sources we support now and will support in the future.
Manual vetting and data from multiple sources cause analysts to waste much of their time data wrangling, taking time away from alerts that matter the most. Analysts need the ability to normalize and enrich multiple data sources for an objective view of security events.
The TruSTAR Unified App for Splunk Enterprise and Enterprise Security helps security professionals analyze notable events and leverage intelligence to quickly understand threat context and prioritize and accelerate triage.
Tune in to this Tech Talk to learn how to:
Machine learning (ML) can be applied to help companies leverage intelligence in their operations. In this webinar, we will discuss how the Splunk Machine Learning Toolkit (MLTK) can be extended to create domain-specific guided Assistants that can simplify workflows for users such as IT administrators.
Tune in to this Tech Talk to learn about:
Identifying issues in a microservices environment deployed with Kubernetes can become more challenging than with typical monolithic deployments. As requests traverse between different layers of the stack and across multiple services, modern monitoring tools must monitor these interrelated layers while efficiently correlating application and infrastructure behavior to streamline troubleshooting. Overall to get the most out of Kubernetes, understanding your deployment is key. This webinar will discuss how to maximize the performance of your Kubernetes deployment with Splunk Infrastructure Monitoring.
Tune in to this Tech Talk to learn more about:
In today’s world, monitoring must evolve into observability to support hybrid and cloud-native environments. The increasing complexity of data sources presents a significant challenge. As our customers accelerate their migrations, they need to evolve their monitoring strategies to keep pace with the dynamic demands of their increasingly digital business.
In this session you’ll learn how our customers use the entire Splunk Observability and IT Ops portfolio to decrease MTTR and improve customer satisfaction. We'll run the attendees through a deep dive into Splunk’s IT Portfolio with a fully integrated demonstration. From pipeline creation to value realization and everything in between, Splunk has you covered.
Tune in to learn:
In this Tech Talk we’ll go over the most important features of Splunk Enterprise that are required to run a healthy environment, as well as the indicators and reports you can use to diagnose and troubleshoot issues related to degraded user experiences.
The Splunk Threat Research team creates in-product security content that you can use right out of the box in Splunk Enterprise Security and Splunk SOAR! Watch this Tech Talk to learn the phases of the DevSecOps lifecycle, how to test detections and automated playbooks in a demo environment.
Access to high cardinality metrics provides important signals about the overall health and performance of our distributed systems. Tune in to learn how to modify your OpenTelemetry configuration to include the necessary metadata to identify your workloads. You'll also learn how span tags can reduce your Mean Time to Recovery (MTTR).
Tune in to the Tech Talk to learn how to increase your Splunk Core for IT Operations use cases, no matter your customer’s geography or business vertical (PBST included), ease adoption with prescriptive maturation journeys and out of the box content, ultimately accelerating customers towards ITSI, and successfully transition a heavy install base of SAI and other “App for Infrastructure” users to ITE Work, built on ITSI code base for improved customer experience. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn about how Splunk UBA allows you to identify blind spots in security event logging, troubleshoot logging right at the source and find advanced detections with available data sources. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn how to build a model with your Splunk data using machine learning, understand how Splunk can help detect anomalies in your IT and security data, see a demo of the Smart Outlier Assistant in the Splunk Machine Learning Toolkit, and get access to the latest resources on Machine Learning in Splunk. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn about Splunk Federated Search, efficiently search across Splunk data stores, easy configuration and setup with self-service intuitive interface, and maintain strong security controls. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn about a new community playbook for Splunk Phantom to help enrich suspicious email events. This playbook focuses specifically on domain names contained in the ingested email, and it uses Cisco Umbrella Investigate to add the risk score, risk status and domain category to the event in Phantom. When an analyst is assigned an event, this will allow faster recognition of the purpose of the email, and the domain enrichment will also provide a connection point to take further action on the output. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how ITSI helps provide business insights from technology services and key performance indicators, how to understand content packs and alert templates, and to see out of the box adaptive thresholding and anomaly detection. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn a new use case on how to use Splunk Phantom in your IaaS environment, how you can better monitor your AWS environment with automation and Splunk Phantom’s ability to turn AWS findings into action. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to monitor license and resource utilization for cloud stacks, how to discover optimization opportunities and ensure upgrade readiness, and how the Cloud Monitoring Console app gets updated. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn more about how to set up accurate alerts using data-science algorithms to avoid alert noise, integrate with the event notification system of your choice, and plug and play with automation workflows. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how your organization can use attack datasets to evaluate the strengths and weaknesses of your SIEM correlation searches. Attack datasets consist of real datasets with real attacks generated by the attack_range. These datasets are broken down by techniques and tactics according to the MITRE ATT&CK matrix. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to download, and start getting value from this now, including gain insights into the performance and availability of your Microsoft 365 tenant(s), visualize critical Business, Executive, IT Operations, and Security metrics and KPIs for real-time decision making, and deliver a complete end to end view in minutes, from an out of the box capability packaged as a Splunk ITSI Content Pack for Microsoft 365, saving valuable time and resources to focus on results. See more follow up resources on our community discussion site.
In today’s new Splunk SOAR (formerly known as Splunk Phantom) Community Playbook Tech Talk, we will show how a Splunk Enterprise search can trigger automated enrichment, an analyst prompt, and rapid response actions to prevent damage caused by malicious account access. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to hear about collecting and analyzing data from your Microsoft SQL Servers, set-up and out-of-the-box content in the TA, tuning your inputs and searching on the fly, and building custom visualizations and alerts. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn the power of Splunk Search, or as we like to call it, “Schema on the Fly”, a beginner’s level introduction to Search, SPL, and Pivots, and what you can do with your search results using reports, alerts, dashboards, and visualizations! See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how Phantom can dynamically add tasks to your workbooks, understand why workbooks might need to adapt during investigations, and see modular workbook development in action and utilize these examples in your organization. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to see an introduction to the TA and demos showing set-up and available out-of-the-box content. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to incorporate threat indicators to your RBA strategy, build an extensible Phantom playbook framework for new use-cases, and automate analyst information gathering steps. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn about how to model your Splunk data using machine learning, engage in a live demonstration of the Splunk Machine Learning Toolkit and get access to the latest resources on Machine Learning in Splunk. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to get started with OpenTelemetry, harnessing the power of OpenTelemetry in Splunk Observability Cloud, and the future of Observability. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to set up Splunk to receive data from your Apache and Microsoft IIS web servers, tune your inputs and searching on the fly, and basic data visualizations. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn about how to use Splunkbase to add new use cases by quickly finding new apps in the Splunk Cloud app browser, dive into a specific category of solutions using the Splunkbase website, and find and understand the most popular solutions used by Splunk customers. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn how to monitor ephemeral cloud workload instances in real-time for anomalies, detect, alert and auto-remediate Cryptojacking malware with Splunk’s SIEM/SOAR, and bolster SIEM security use cases with real-time observability metrics. See more follow up resources on our community discussion site.
Tune into the Tech Talk to learn common scenarios and how to address them with ITSI, how to use glass tables to deliver valuable insights at your org, and how deep dives help you reduce MTTI/MTTR for your key business services. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn how to easily troubleshoot an issue with Splunk Observability Suite, other important Observability use cases to help improve your monitoring, and how to leverage two new products, Splunk RUM and Splunk Log Observer in your workflow. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to see how ITE Learn provides an easier and faster onboarding experience for users new to Splunk for IT, with built-in content designed to help you get faster time-to-value and watch the app in action and see first-hand just how easy it is to get started with Splunk for IT and all the various features available to you. See more follow up resources on our community discussion site.
Tune into the Tech Talk to learn about the combination of Crowdstrike and Splunk Phantom that allows for a smooth operational flow from detecting endpoint security alerts to operationalizing threat intelligence and automatically taking the first few response steps – all in a matter of seconds. See more follow up resources on our community discussion site.
Tune into the Tech Talk to see a deep dive into the technology and use cases of Glass Tables, how glass tables can be used to articulate and visualize verticals, and best practices on how to get started with a service-oriented approach. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how Splunk delivers custom code blocks to you with Phantom, how to centrally manage and reuse your code so you never have to reinvent the wheel again, how you can use custom functions as building blocks to scale out automation within your organization, and how to action custom functions with a live demo. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn about how AWS Lambda extensions work, automatic telemetry data ingestion with Splunk Lambda Extension, and pre-built visualization for monitoring Lambda functions. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to understand how Dashboard Studio opens up new dashboard use cases and makes current ones easier, cheaper, and faster to create and maintain, learn how this new dashboard builder empowers more dashboard creators and users to get hands on with no custom code required, and see it in action with a demo of how to quickly build a beautiful dashboard from start to finish in Dashboard Studio. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn how to reduce your MTT-Everything, knock down silos, and link Security and ITO together to increase velocity, while increasing visibility, and becoming more security minded. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn about how the Content Library helps you gain access to content packs across common tools and services you already use, how to install Content Packs through the Content Library, best practices to gain the most out of ITSI, and bulk updating of content packs through Splunkbase. See more follow up resources on our community discussion site.
SOCs need to evaluate their technological strengths and weaknesses to position themselves for success. The ability to proactively use your tools to identify discrepancies in your environment helps ensure that someone else won’t identify them for you. In this Tech Talk learn how to identify the necessary data sources to ingest to cover essential use cases. You’ll also learn about our risk reduction framework and how it can accelerate your maturity level and accelerate time to value. See more follow up resources on our community discussion site.
Tune into the Tech Talk to learn how Slash Commands speed up investigations, how to quickly pivot and execute actions, all within the CLI, and to see how Slash Commands and Phantom save you time and effort. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how easy it is to both onboard sources utilizing the default syslog port or sources that are on a custom port, to learn all about a new Repeatable, Concise, Scalable, and Prescriptive Splunk solution for syslog GDI, to understand how removal of the UF reduces configuration and management effort, and to see how easy turnkey deployment via the SC4S container architecture is. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn key components of ITSI, what solutions ITSI provides, and concepts needed to begin using ITSI. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn about search Syntax and Filtering, Eval and Stats Commands, and data outputs including Lookup Tables and KVStore collections. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn about normalizing data from different cloud vendors, the difference between perimeter and cloud security posture, and Splunk tools to achieve vendor wide security monitoring, detection and defense. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn more about workload and infrastructure pricing and how they are measured, discover if this pricing model is a good fit for you and see the potential other customers have discovered with this value-oriented pricing metric. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn an overview of pre-built, out-of-the-box dashboards for hundreds of integrations, how to create charts and dashboards from scratch, apply in-stream analytics functions to monitor not only raw metrics but also the patterns and trends, and how to share newly created dashboards with your colleagues and teams. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn about how Splunk Risk Based Alerting allows you to scale existing analysts to include more data/analytics, increase your true positive rates, and improve the effectiveness of your SOC. See more follow up resources on our community discussion site.
Join the Splunk Enterprise Security product team to learn more about the newest capabilities available in Enterprise Security 6.6. Check out the latest enhancements in Risk-Based Alerting, an innovative way to detect and respond to advanced threats that greatly reduces alert fatigue. And we’ve also added new Cloud Security Monitoring capabilities to support shared storage service. See how the latest improvements in Enterprise Security 6.6 can help you drive productivity and efficiency in your SOC while securing your cloud infrastructure. Tune into this Tech Talk for a short demo of the new RBA and Cloud Security Monitoring enhancements available in ES 6.6. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn about how Splunk’s new release of the ODBC connector allows you to enable your business users to analyze and visualize mission critical machine data, expose Splunk data collected from your app and services in a consumable way to a non technical audience, and create high quality visualizations of your Splunk data in Tableau. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to get started with Splunk Cloud and get your organization’s Slack data in Splunk, the value of Slack audit logs, and how to use the Splunk add-on & application for Slack. See more follow up resources on our community discussion site.
Tune into the Tech Talk to learn how and when to use Tag Spotlight, how to explore the distribution of span tags and values to find trends, and how to engage with your reps at Splunk for next steps. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn how ITSI helps provide business insights from technology services and key performance indicators, how content packs and alert templates, how to use glass tables to deliver value at your org and how deep dives help reduce MTTI/MTTR for business services. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn about the ability to gather data from any Linux or Windows hosts, the best practices to create lossless syslog ingress from practically any number of sources, how to create TCP data ingress over any port from any custom application or use case, and using APIs to send or receive data, including data collection over HTTPS Event Collector (HEC). See more follow up resources on our community discussion site.
Tune into the Tech Talk to learn what may cause a playbook to stop running unexpectedly and how to fix it, how to use the join logic effectively, and how to properly use Phantom join logic in a live demo. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn more about Splunk Mobile: it’s really easy to get a mobile device connected to Splunk, building dashboards and configuring alerts for mobile is simple, and take comfort in knowing that your data is secure. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to make your organization’s web data accessible, actionable, and valuable by customizing your web server data visualizations and building custom alerts. See more follow up resources on our community discussion site.
Tune in for an introduction to the TA and a walk through demo showing set-up and available out-of-the-box content. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to enable your full organization to get hands on with their data, to free up your SPL experts to focus on the big issues, and to quickly create visualizations, correlate metrics, apply filters, and create dashboards or alerts. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how and when to use the App, how to interpret the results from the App, and how to engage with your reps at Splunk for next steps. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn about the Service and KPI threshold analytics dashboards you wished you knew about sooner, Splunk’s best practice approach for identifying poorly tuned Services and KPI across the environment, and an interactive process you can follow to tune a KPI from “zero to hero”. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn what kind of incident response metrics and insights can I gain with Splunk, what is Splunk On-Call, and how can I easily send on-call data into Splunk. See more follow up resources on our community discussion site.
Tune in to dive a bit deeper into the TA for tuning your inputs, searching on the fly, and building custom visualizations and alerts. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to hear about capturing MSSQL traffic using Splunk Stream and other Splunk portfolio options for collecting and analyzing Microsoft SQL Server data. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn about what makes a GREAT ITSI Service, and what doesn’t, practical guidance on how to design your first/next ITSI Service before you build it, and best practices to remember and pitfalls to avoid. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to determine your current maturity level and discover the required steps to reach the next level in maturity, see how Splunk Security Maturity Framework can accelerate time-to-value, and discover how to tie progress to outcomes in order to maximize value. See more follow up resources on our community discussion site.
This Tech Talk will walk you through the open source Phantom Test Harness you can use to greatly simplify the Phantom App building/testing process. See more follow up resources on our community discussion site.
Tune into the Tech Talk to learn typical data sources to ingest and analyze, how to detect warning signs in two major stages of account takeovers, and how to use visualizations to uncover unusual connections and relationships. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn what is a BOT?, What does a BOT do?, and what is the role of Machine Learning in distinguishing between good actors and bad actors? See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to improve true positive rates, detect complex threats faster, and streamline investigations with richer context. See more follow up resources on our community discussion site.
Ensuring your SOC has the right folks in the right roles is critical to success. Our Splunk Professional Services team has determined the essential roles every SOC needs to stay ahead of threats. Providing your team with the right tools and training helps ensure continued success in the constantly changing security landscape. Join this Tech Talk to learn best practices to support the foundational piece of every SOC: its people. See more follow up resources on our community discussion site.
Tune into this Splunk Security Essentials Tech Talk and learn how to navigate the Security Content Library, bookmark and deploy security detections and playbooks, and create your own custom detection searches with metadata tags. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn how to download, and start getting value from this now, including: gain insights into the performance and availability of your Microsoft Exchange environments; visualize critical Business, Executive, and IT Operations metrics and KPIs for real-time decision making; and deliver a complete end to end view in minutes, from an out of the box capability packaged as a Splunk ITSI Content Pack for Microsoft Exchange, saving valuable time and resources to focus on results. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn about how to access the Splunk Product Guidance (SPG) widget, what type of content is available in SPG, and how SPG articles lead you to more help on Splunk Lantern. See more follow up resources on our community discussion site.
Clear processes play a major role in the success of high-performing SOCs. Crystal clear governance and workflow communications are vital to ensuring your SOC can respond quickly in worst case scenarios. Join this Tech Talk to learn best practices about reporting and metrics for dashboards and visualizations. You’ll also learn how to integrate risk analysis into your overall strategy to elevate your security operations. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn about making more informed health score predictions using a guided workflow, identifying the right data for a given service, testing several models against the future health score to recommend the best one for your data, root cause analysis using causal inference, and graph analytics to generate even smarter episodes. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to dive a bit deeper into the TA as well as tuning your inputs, searching on the fly and building custom visualizations and alerts. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn how you can bridge infrastructure data and SAP data, resulting in reduction in downtime, advanced notice of potential outages, reduced incident investigation time -- we have customers seeing a 90% reduction, and less finger-pointing in the war room. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to manage workloads at scale, prioritize business critical searches, and prevent poorly written searches from impacting other users or apps. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn which types of data sources you can ingest (hint: any type!), determine the best way to get your data into on-prem Splunk Enterprise depending on your data source and data goals, and see a demo of Splunk’s “Guided Data Onboarding” workflow tool that provides a UI driven path for seamlessly getting data in. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn how to identify and prioritize performance improvements, new web best practices to optimize images, fonts, and cookies to improve UX, and synthetic integrations for uptime and incident response across the Splunk platform. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to discover how Splunk Operator for Kubernetes lets you effectively and centrally manage your entire Splunk environment, learn about its scaling features for rapidly accommodating your demand, and see a demo of how you can install and set up Splunk Enterprise in minutes! See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn how to get started with an account monitoring use case, how our newest community playbook initiates a scheduled review of new accounts created in Azure Active Directory each week, and how your security team should have a good understanding of the frequency and common attributes of newly created accounts. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn how to connect with AWS using CloudWatch polling, CloudWatch Metric Streams and OpenTelemetry Collector, data ingestion from Kubernetes deployments such as Amazon EKS using OpenTelemetry Collector in Splunk Infrastructure Monitoring and Splunk Cloud, and automatic discovery and data-ingestion with hundreds of pre-built integrations. See more follow up resources on our community discussion site.
Tune into the Tech Talk to learn how to detect digital credit card fraud and protect your customers and data from theft effectively. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn how and when to use Business Workflows, how to set up and use new Business Workflows, and how to troubleshoot issues quickly using the Business Workflows capability. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to optimize CPU and Memory usage to achieve considerable cost savings, how the built-in monitoring console and Enterprise Security auditing page can provide better visibility into how your SIEM is performing, and how to empower your team with bottleneck root cause analysis and performance tuning skills to scale your ES operations. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn the challenges historically associated with Syslog data ingestion, see how easy it is to use Splunk Connect for Syslog in your organization, and get access to resources to help your team ingest syslog data. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to better prepare for a PCI DSS assessment, define your cardholder data environment, demonstrate compliance with controls within the cardholder data environment, remediate any gaps in compliance, report on that compliance, and continuously monitor and remediate gaps to maintain compliance. See more follow up resources on our community discussion site.
Tune in to the Tech Talk to learn about the importance of regularly checking inactive user accounts within your organization, how to automate the process of checking for these users, and how these Splunk Phantom playbooks work together to protect your AWS environment. See more follow up resources on our community discussion site.
Tune in to this Tech Talk to learn how to extend the Splunk platform by creating apps to support your unique data analysis needs and how to create configuration flows to make it easy for users to set up your app on first run, and after an update when additional configuration is needed. See more follow up resources on our community discussion site.
Tune into the Tech Talk to learn how to onboard and search for Threat Indicators in your Splunk environment to start detecting SolarWinds related malware, start detecting Sunburst malware activity using Splunk by reviewing and updating your log types ingested into Splunk, then examine DNS, network, and host traffic logs, and start detecting Supernova webshell malware by examining results of vulnerability scans, hashes and proxy logs. See more follow up resources on our community discussion site.
Tune into the Tech Talk to learn about the top 10 principles and best practices from UX and data visualization designers so you can see how to structure information, select the right visualization or chart, add context, and more. See more follow up resources on our community discussion site.
Tune into the Tech Talk to learn how to make the most of your infrastructure investments with Splunk, engage in a live demonstration of how to manage your Splunk environment with SmartStore, and get access to the latest resources on SmartStore in Splunk. See more follow up resources on our community discussion site.
Tune into the Tech Talk to learn how to get started with Splunk Cloud and get your organization’s Zoom data into Splunk, the value of service monitoring, and how to use the RWI and Zoom-related apps and add-ons on Splunkbase. See more follow up resources on our community discussion site.
For years, security practitioners have kicked and screamed about their reality. There are too many alerts to fully investigate and manually resolve every day. There is a massive talent shortage of qualified security professionals across the globe. Then couple that with analyst burnout and siloed security point-products. It’s time to stop working harder and start working smarter. Stop playing defense by just reacting to incoming threats. Go on the offensive, get empowered, and get in control of your security operations so you can achieve your strategic goals.
Splunk SOAR is now available as part of Splunk Security Cloud, further delivering on our promise to modernize security operations. Cloud-delivered security makes security operations easier, more agile, and more efficient, helping you stay one step ahead of threats.
Tune in to this Tech Talk to learn about:
Join this session to learn how to get rid of all that busy noise and simplify your AIOps journey by using Universal Alerting. We’ll walk you through installing the updated Splunk Content Pack for Monitoring and Alerting for ITSI and go through best practices for alerts and finish up with a demo of our latest content pack.
This webinar will discuss in detail the various in-product configuration steps for auto-instrumenting a basic Java application with Splunk APM. Configuration examples will include deployments of a basic Java application with and without Kubernetes and how the auto-instrumentation process is different with container orchestration.
The Splunk Security Research team has developed an analytic story targeting Trickbot TTPs to help you detect them in your environment and respond immediately. Tune in to learn how Trickbots, botnets, and webinjects work together in a malicious cyber campaign, how to utilize pre-built searches to detect Trickbots in your environment and how to utilize pre-built automated playbooks to respond to Trickbots.
Watch this Splunk-led Tech Talk to discover how you can maximize cross-domain visibility with minimal effort and time by bringing your observability logs, metrics and traces into the Splunk platform with easy-to-see results and deep link into Splunk Observability Cloud with just two clicks.
How can teams eliminate analyst grunt work, resolve every security alert every day, and investigate and respond to security incidents faster than ever? A Security Orchestration, Automation and Response (SOAR) tool may provide solutions to these problems. And while it may not be a “silver bullet” solution capable of solving all these problems overnight, if implemented and managed properly, SOAR can drastically increase the speed and productivity of your SOC. Join Pete Shoard, Gartner VP Analyst, and Jane Wong, VP of Security Products at Splunk, on Thursday 9 December at 10:00 AM GMT /11:00 AM CET as they discuss strategies to successfully implement, manage, and get the most out of a SOAR solution.
Splunking the Endpoint is a modular, hands-on workshop designed to familiarize participants with different endpoint technologies and how to leverage Splunk to gain greater insight into the activities occurring on the endpoint. This workshop provides users a way to gain familiarity with various endpoint logging tools, including Microsoft Event Logs, Sysmon, PowerShell, osquery, CB and Cisco NVM, as well as introduces them to Splunk Security Essentials and ES Content Updates. A utility called Window Event Code Analyzer is also covered which is designed to assist users in determining which Windows events to log! The workshop leverages the popular Boss of the SOC (BOTS) dataset with hands-on exercises for each technology. Users will come away with a better understanding of the logging at the endpoint available to them and which events are important to collect to gain visibility into adversary actions on the endpoint.
This is a scenario-based hands-on workshop designed for Splunk security customers already in or moving to Google Cloud Platform (GCP). The scenarios utilize different pieces of cloud-focused data and include an email investigation (using GMail), a key compromise against a custom Google Cloud Function, and a Storage Bucket investigation. The workshop leverages the popular Boss of the SOC (BOTS) dataset with hands-on exercises. Users will come away with a better understanding of the logging available to them from GCP and how cloud data can provide visibility into adversary actions in the environment.
When customers have a bad experience, we tend to see some angry tweets begin to surface. With the many options available to customers, it has never been more important for organizations to provide the best possible experience to their customers. In this webinar, we will discuss how observability is the key to helping IT and DevOps teams become more proactive in finding the precise cause of application problems all in one place without getting buried under mountains of data. See firsthand how you can gain insights such as cause of checkout failures, end-to-end application performance, and the overall customer experience.
Date(s) and time: Thursday, June 2nd, 2022 | 10am PT / 1pm ET
This workshop is led by Splunk Solutions Engineers, ITOA Specialists and IT Subject Matter Experts. The purpose of this workshop is to expose customers and prospects to IT Service Intelligence and its capabilities for Business Service Monitoring.
The workshop is designed for IT Operations teams, including Tier 1 and Tier 2 Analysts. In addition, Line-of-Business Owners and Service Managers will also leave with a better understanding of how ITSI can help elevate monitoring to view business service health and detect business impacting outages.
Date(s) and time: Tuesday 7th June, 10:00 - 12:30 BST/ 11:00 - 13:30 CEST
Threat Hunting an APT with Splunk is a modular, hands-on workshop designed to provide a deeper dive into an Advanced Persistent Threat while providing an opportunity for participants to develop hypotheses and hunt.
Would you like to go from Splunk Zero to Splunk Hero in 3 hours, but can't get to one of our in-person sessions? Your wish has come true! Hosted by our SE team, our virtual #Splunk4Rookies sessions are a great opportunity for you to discover the value of Splunk hands-on in a matter of hours, courtesy of a virtual meeting room.
*This workshop is in German language.
EMEA only
All times are Central European Time Zone*
This workshop is designed to extend your knowledge into the AWS suite of solutions beyond EC2 and S3. During the workshop, hands-on investigations leveraging CloudTrail and CloudWatch data, as well as VPC Flow data, are provided. Data sets created by AWS security solutions, like GuardDuty and Security Hub, will be introduced as well. The workshop concludes with detections from ESCU and SSE to highlight the integration of AWS data sources into Enterprise Security. The workshop leverages the Boss of the SOC (BOTS) dataset with hands-on exercises throughout. Users will come away with a better understanding of the logging available to them from AWS and which events are important to collect to gain visibility into adversary actions in the environment.
Would you like to go from Splunk Zero to Splunk Hero in 3 hours? Your wish has come true! Hosted by our SE team, the in-person sessions #Splunk4Rookies are starting again in the Netherlands. These sessions are a great opportunity for you to discover the value of Splunk hands-on in a matter of hours.
*This workshop is in English
Splunk’s most anticipated customer and partner event of the year! Join data champions from around the globe for empowering sessions, compelling keynotes and guest speakers, peer connection opportunities and tons of .conf fun!
Join our security experts at the annual InfoSecurity Europe exhibition to learn how Splunk can quickly detect and respond to internal and external attacks, simplify threat management while minimizing risk, and help safeguard your business. Talk to Splunk technical experts to get answers to your toughest deployment and product questions and view our in-booth theater demos showcasing our security apps.
Would you like to go from Splunk Zero to Splunk Hero in 3 hours, but can't get to one of our in-person sessions? Your wish has come true! Hosted by our SE team, our virtual #Splunk4Rookies sessions are a great opportunity for you to discover the value of Splunk hands-on in a matter of hours, courtesy of a virtual meeting room.
*This workshop is in German language.
EMEA only
All times are Central European Time Zone*
Hosted by our Sales Engineering team, Splunk4Ninja sessions are a great opportunity for you to discover the value of Splunk IT Service Intelligence (ITSI) through a series of instructor-led, hands-on activities. During the workshop customers will be exposed to the key capabilities of ITSI with an emphasis on when and how to use them to deliver business outcomes and modernize their current IT Operations processes.
This workshop is designed for Service/Business owners who understand business problems.
Date(s) and time: Tuesday 28th June May, 10:00am - 12:30pm BST/ 11:00am - 13:30pm CEST
We know that every organisation is on a journey to improve its resilience, whilst also needing to be agile in its business operations. As Splunk is already working with customers to achieve key business outcomes using data, we are ideally placed to bring traditionally disparate data together. And in doing this, we can support our customers throughout their resilience journey.
Join us on 29th June to hear Shaun Cooney and Charles Adriaenssens discuss key considerations for any financial services organisation looking to improve its resilience:
Splunk’s Operational Resilience principles
Why does every company need to think about Business Agility alongside Operational Resilience?
It’s all about risk!
Getting started and building maturity
Date(s) and time: Wednesday 29 June 10:00am - 11:00am BST
The Risk-Based Alerting (RBA) hands-on workshop is designed to guide Detection Engineers or other content creators through the RBA process used in Splunk Enterprise Security. Our journey will begin with a review of ES fundamentals as a foundation for RBA, then proceed through Risk Factors, Risk Rule creation, and Risk Notable creation.
Pre-requisites: Participants need to complete the Enterprise Security hands-on workshop before doing the RBA workshop
Duration: Three hours
Hunting in the Microsoft Cloud is a modular, hands-on workshop designed to familiarize participants with how to hunt using Splunk Enterprise and Enterprise Security in events generated from Microsoft Azure and Office 365. This workshop provides users an opportunity to gain familiarity with data collected within the Microsoft Cloud and then apply that knowledge to conducting a hunt using these same data sources. The workshop leverages the popular Boss of the SOC (BOTS) dataset and is laid out in an interactive format. Users will leave with a better understanding of how Splunk and Enterprise Security can be used to hunt within the Microsoft Cloud and how Splunk can be a single collection point for both on-premise and cloud-centric data sources.
Would you like to go from Splunk Zero to Splunk Hero in 3 hours? Your wish has come true! Hosted by our SE team, the in-person sessions #Splunk4Rookies are starting again in the Netherlands. These sessions are a great opportunity for you to discover the value of Splunk hands-on in a matter of hours.
*This workshop is in English
The Security Products Hands-On is a modular, hands-on workshop designed to familiarize participants with how to investigate incidents using Splunk Enterprise, Enterprise Security, UBA and Phantom. This workshop provides users an opportunity to walk through multiple scenarios and see first-hand how Splunk Security Products can be used to take notable events and investigate, hunt and orchestrate actions based on what is uncovered. The workshop leverages the popular Boss of the SOC (BOTS) dataset and is laid out in an interactive format. Users will leave with a better understanding of how Splunk, Enterprise Security, UBA and Phantom can be used within security operations to process notable events and investigate as they occur in the enterprise.
The SOAR Hands-On workshop is designed to familiarize participants with how to respond to incidents, manage cases and artifacts, as well as automate your incident response and standard operating procedures. This workshop provides users an opportunity to walk through a real-world scenario and see first-hand how Phantom can be used from the creation of a notable event to enriching alerts by automatically gathering data, all the way to managing and resolving the incident.