No matter the size of your organization, deploying Splunk in your environment is a big decision. After all, it can scale from very small to very large. Furthermore, it can be used as an on-premise hardware, or as a service to run within the Cloud. Perhaps you’re wondering if you should go with Splunk Enterprise […]
In a Splunk environment, Splunk operations are controlled by configuration files (conf files). Configuration of the file settings are essential to the proper running of the Splunk instance. In this article, we walk through how to properly configure the file settings to ensure that your Splunk instance is running optimally.
UBA, User Behavior Analytics, is a Premium Splunk App that leverages machine learning technologies, to secure an organization from insider threats while also providing outsider threat monitoring and alerting capabilities. In this blog we will cover frequently asked questions around UBA and its functionality.
In this article we will walk you through what post process searching is, how it can help you optimize your dashboards, and why it is important.
There are countless blogs, articles, and Splunk ‘answers’ regarding the optimization of Splunk queries (and here’s another one). In this article, we are going to share a few tips to improve the performance of your Splunk queries…
Transaction processing can involve transactions flowing from multiple sources. In that case, you can use Splunk ITSI to drill down to issues with specific transaction end points.
Did you know that all Splunk Knowledge Objects (KO) generated during a search are maintained in memory? Sure, any one KO in itself doesn’t take up a lot of memory, but run a search that returns 10 million events… You can do the math!
Did you know that Splunk has the capability to ingest non-log based data through multiple onboarding methods? In this blog, we will touch on API based data ingestion, as it is traditionally the most common method utilized.
What is Summary Indexing? Summary indexes, as the name implies, allows for the storage of summarized data over time. This allows us to take these bite-size calculations of our data, and store those results in separate indexers.
Many Splunk customers start with a single disk for storing Indexes and then want to make changes. In this guide we will discuss the steps to move hot/warm buckets onto faster disks and move cooler buckets to cheaper storage.
