Learn three Splunk deployment best practices that will go a long way in saving you time and face, and allow you to spend your evenings unwinding in peace.
UBA, User Behavior Analytics, is a Premium Splunk App that leverages machine learning technologies, to secure an organization from insider threats while also providing outsider threat monitoring and alerting capabilities. In this blog we will cover frequently asked questions around UBA and its functionality.
There are countless blogs, articles, and Splunk ‘answers’ regarding the optimization of Splunk queries (and here’s another one). In this article, we are going to share a few tips to improve the performance of your Splunk queries…
Transaction processing can involve transactions flowing from multiple sources. In that case, you can use Splunk ITSI to drill down to issues with specific transaction end points.
Did you know that all Splunk Knowledge Objects (KO) generated during a search are maintained in memory? Sure, any one KO in itself doesn’t take up a lot of memory, but run a search that returns 10 million events… You can do the math!
Many Splunk customers start with a single disk for storing Indexes and then want to make changes. In this guide we will discuss the steps to move hot/warm buckets onto faster disks and move cooler buckets to cheaper storage.
You purchased Splunk cloud, the next questions is, what steps can I take to ensure a smooth experience. In this article, we will discuss key steps you can take to ensure you can use Splunk Cloud as quickly as possible.
Do you have a custom data source you’d like to import into Splunk? Welcome to the world of sourcetypes.
In this blog, we help you navigate the process of creating sourcetypes, from assessment to configuration.
During your SIEM journey there will be many terms thrown your way, understanding those terms is absolutely essential when it comes to your security environment. In this article, we will bring clarity to one of the more important terms in SIEM, CIM (Common Information Model) Lets Start with the Basics!
There’s currently a major adoption occurring around SOAR products Security Orchestration, Automation and Response. What is SOAR? SOAR is next-generation security software products that are designed to automate the common, and fairly remedial tasks that Security Analysts face.
- 1
- 2
