Skip to main content
Josh Cowling
Josh Cowling

Josh is a recovering academic, he's worked in Science and R&D. His passion is for making things and making things work. Prior to Splunk Josh did engineering and data science to do interesting things with dangerous lasers and x-rays for industrial and medical industry applications. At Splunk, he's been part of the Services team and is now a Solutions Engineer trying to address the bigger picture and bring the best value to our customers.

Tips & Tricks 5 Min Read

Text Vectorisation, Clustering and Similarity Analysis With Splunk: Exploring User Agent Strings at Scale

How do you make use of URI path and user agent data to understand what you users are doing or to find malicious behavior? Find out in this blog.
Industries 2 Min Read

Improvements to DSDL Container Build Process

We’re happy to announce that with the upcoming release of DSDL 5.1.1 we’re significantly overhauling the build process for containers in DSDL.
Security 2 Min Read

Visualising a Space of JA3 Signatures With Splunk

One common misconception about machine learning methodologies is that they can completely remove the need for humans to understand the data they are working with. In reality, it can often place a greater burden on an analyst or engineer to ensure that their data meets the requirements, cleanliness and standardization assumed by the methodologies used. However, when the complexity of the data becomes significant, how is a human supposed to keep up? One methodology is to use ML to find ways to keep a human in the loop!
Tips & Tricks 7 Min Read

A Splunk Approach to Baselines, Statistics and Likelihoods on Big Data

This machine is sending lots of logs. Is this normal? This user has logged in at 1 am. Is this normal? We've seen a network communication with this particular signature. Is this normal? Splunker Josh Cowling explores the answers to these and other questions.
Platform 3 Min Read

A Picture is Worth a Thousand Logs

Splunk can be used to ingest machine-learning service information from services like AWS recognition, what does that look like and how can you set it up?