Community Blog
Get the latest updates on the Splunk Community, including member experiences, product education, events, and more!

Announcing Splunk Lantern’s Use Case Explorers for Security and Observability

Splunk Employee
Splunk Employee

Hey Splunkers! We have an exciting update lined up for you this month focusing on two major new tools that have just been released on Splunk Lantern - the Use Case Explorer for Security, and the Use Case Explorer for Observability.

Why use the Use Case Explorers?

When you were new to Splunk, you likely started using our platform with one, two, or a handful of use cases you wanted to achieve. You'll have worked to get those use cases activated and to see value from your Splunk investment. 

But your needs, over time, will change as your function or organization grows and matures. The use cases you bought Splunk for initially might change or become less important, and you might find you need some help identifying where to focus next. Or you might find that the ways you accomplished your original use cases aren’t as effective as they were at the start, and you need to adopt more efficient processes that fit you better as you scale.

The Use Case Explorers for Security and Observability are designed to help in both of these scenarios - giving you a ‘color-by-numbers’ on how to grow and improve your Splunk usage throughout your journey to build a mature Security or Observability function.

The Use Case Explorers are the result of months of hard work by expert Splunkers with decades of industry experience, and who know first-hand what success in Security and Observability looks like. We’ve mapped out a journey based on how we know top customers use Splunk to grow, while also drawing on guidance from industry analysts such as Gartner and best-practice tools like the MITRE ATT&CK framework, to help you see how Splunk can partner with you throughout your journey.

So are you ready to take a look? Let’s explore how these tools work.

How to use the Use Case Explorers

Each of the Use Case Explorers uses a map to provide a framework for your Security or Observability journey. You’ll be able to use the map to identify where you are currently, as well as where you want to go. Different use cases are recommended at different stages of the map, and just like any other Lantern article, we give you the exact procedures you need to follow to get them implemented. We’ve developed SPL snippets, videos and step-by-steps that make it easy for you to get your use cases up and running quickly and efficiently.

Identifying new use cases is one thing, but implementing them in your organization can be a larger task. That’s why we’ve also created the Value Realization Cycle, a procedure you can follow to see continued success with new use cases, and the Use Case Registry, a tracking template you can use to help you roll out your new use cases. Select “Click here if it's your first time to learn how to use it” from the Use Case Explorers for Security or Observability to access them.

Finally, if you want to see how everything looks in action, you can follow along with the fictional organization CS Corp to see how they use the Use Case Explorer to implement new use cases and grow their business. Click through to see the examples for Security or Observability.

The Use Case Explorer for Security

Here’s the map for the Use Case Explorer for Security. Across the top are workflow stages (Ingest Data, Monitor, Analyze and Investigate, and Act), and below each are focal areas that contain use cases and best practice guidance which you can start to apply right away.


The Use Case Explorer for Observability

The Use Case Explorer for Observability aligns to Gartner's industry-defined AIOps framework that helps define your journey. The workflow stages are Observe, Engage, and Act, each containing focal areas with use cases and best-practice guidance.


What’s next?

Click into our Use Case Explorers and let us know what you think! If you’re logged into Lantern with your Splunk account, you can leave feedback at the bottom of each page.

We’re planning to continue building out the Use Case Explorers over the coming weeks, so keep checking back for more use cases and content. 

Finally, thinking about Lantern as a whole, we’re looking to get your ideas on the type of content you’d like to see on Lantern in the future. Click through to one or more of the following anonymous surveys to tell us what you want to see more content on:

We hope you’ve found this update helpful. Thanks for reading!

- Kaye Chapman, Customer Journey Content Curator

Get Updates on the Splunk Community!

Splunk Life | Happy Pride Month!

Happy Pride Month, Splunk Community! 🌈 In the United States, as well as many countries around the ...

SplunkTrust | Where Are They Now - Michael Uschmann

The Background Five years ago, Splunk published several videos showcasing members of the SplunkTrust to share ...

Admin Your Splunk Cloud, Your Way

Join us to maximize different techniques to best tune Splunk Cloud. In this Tech Enablement, you will get ...