Digital Resilience Pays Off
Download this e-book to learn about the role of Digital Resilience across enterprises.
Last year's .conf2017 featured the most sessions in its history and the week was packed with educational offerings for users at all stages of their Splunk journey. As we gear up for .conf18, we are excited to launch the call for papers next week on March 6th to find the latest and greatest Splunk stories. As we prepare for this milestone, we like to look back and see why our highest rated sessions were so successful to determine how we can support a bigger, better .conf.
Out of over 300 presentations at .conf2017, "Best Practices for Deploying and Using Splunk for Security Use Cases" was rated one of the most popular by attendees. Earlier this month, we were able to interview speakers Jake McAleer, Senior Manager, IT Security at athenahealth, and Mike McGinnis, Information Security Engineer at athenahealth, about their experiences at .conf2017.
|Jake McAleer, Senior Manager, IT Security, athenahealth
|Mike McGinnis, Information Security Engineer, athenahealth
With the call for papers for .conf18 launching next week on March 6th, make sure to read Jake and Mike’s advice for future .conf speakers.
Mike has been using Splunk for a little under 4 years and Jake has been using it for about 3 years.
We presented “Best Practices for Deploying and Using Splunk for Security Use Cases,” a presentation focused on how we use Splunk at athenahealth for managing and investigating security events. It covered everything from architecture, managing data, experiences with ingesting new data, and building actionable security searches at our company, which is a SaaS provider for the healthcare space.
.conf is the largest arena for Splunkers, so having the ability to present our experiences in a relatable way was really exciting.
For those attending, pre-plan and sign up for talks that interest you because the good ones fill up and you don’t want to be stuck waiting in line. Also, network with other Splunkers; more often than not, they have similar experiences or questions.
For those speaking, Splunkers are a relatively forgiving audience so don’t take yourself too seriously and have fun with the presentation. Focus on making the topics relatable to the audience and share the details (queries, URLs, etc.) so people can benefit from your hard work.
The best thing about .conf was the quality and range of the presentations. We attended presentations ranging from Splunking performance BMWs to planning, planting and harvesting schedules based on Splunk’d weather and soil data. Regardless of the topic, the underlying Splunk concepts can be applied to almost any environment. It's fun to be able to go up and talk to someone after a talk about their topic and how it directly relates to what you're doing at your job.
athenahealth drew a lot of knowledge from attending the different sessions and recalling the presentations online after the event. It was also very beneficial to talk with others attending; talking with other Splunkers about their setup and how they have been successful with using Splunk in their environments.
We took advantage of scheduling 1:1 time with a Splunk Expert and was paired with one of the main developers behind the Splunk ES Content Update app. We discussed different approaches for using Splunk Enterprise Security to associate threat intel and security events to malware campaigns and let us provide feedback for the beta version of Splunk ES Content Update.
Attending presentations, hanging out with other Splunkers at after-parties, then waking up and doing it all over again.
.conf events would not be possible without the talent and insights our speakers provide. If you are interested in speaking at .conf18, sign up to receive notifications to get the call for papers on March 6th. If you would like to learn more about .conf events, check out our On-Demand Archive from previous years or e-mail the .conf team with any questions.