SP6 Blog

Your Guide to Disk Migration

Many Splunk customers start with a single disk for storing Indexes and then want to make changes. In this guide we will discuss the steps to move hot/warm buckets onto faster disks and move cooler buckets to cheaper storage.

Read More

WLM: The Great, The Good, and The Gotchas

Splunk WLM (Workload Management) provides the ability to allocate compute and memory resource to search, indexing, and other processes such as scripted inputs. This allows you to allocate the right resources to your Splunk server depending on its role.

Read More

What Makes a Sourcetype?

Do you have a custom data source you’d like to import into Splunk? Welcome to the world of sourcetypes.
In this blog, we help you navigate the process of creating sourcetypes, from assessment to configuration.

Read More

Splunk ES Implementation Checklist

Congratulations! Your organization has had the foresight to purchase Splunk’s Enterprise Security along with expert Professional Services to assure a successful implementation. This guide will serve as a checklist to help ensure you are prepared for the most successful ES deployment possible.

Read More

Hardening Your Splunk Instance

According to the Ponemon Institute the average cost of data breach for a company is $3.8 million dollars. Regardless of whether you are operating in the cloud or on-premise taking steps to harden your operating system is an absolute must to limit potential security weaknesses.

Read More

CIM Compliance – A Simple Walkthrough

Making data CIM compliant can be a daunting and confusing exercise for new Splunkers and experienced ones alike. Often the biggest misconceptions have to do with the approach rather than the exercise itself. My biggest piece of advice – start with the end in mind.

Read More

CIM: What… Why… How…

During your SIEM journey there will be many terms thrown your way, understanding those terms is absolutely essential when it comes to your security environment. In this article, we will bring clarity to one of the more important terms in SIEM, CIM (Common Information Model) Lets Start with the Basics!

Read More

What is SOAR Technology?

There’s currently a major adoption occurring around SOAR products Security Orchestration, Automation and Response. What is SOAR? SOAR is next-generation security software products that are designed to automate the common, and fairly remedial tasks that Security Analysts face.

Read More