Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data insights, key use cases, and tips on managing Splunk more efficiently.
We also host Getting Started Guides for a range of Splunk products, a library of Product Tips, and Data Descriptor articles that help you see everything that’s possible with data sources and data types in Splunk.
This month we’re sharing some great new articles written by members of the SplunkTrust and Splunk MVP programs. We’re also excited to announce that Lantern now supports customers in more countries with our new instant translation feature. And as usual, we’re sharing all the rest of the new articles we’ve published this month. Read on to find out more.
Expert Insights from SplunkTrust and Splunk MVP Members
The SplunkTrust is a group of highly skilled and knowledgeable Splunk users who are trusted advisors to Splunk. Members of the SplunkTrust are selected based on their exceptional technical skills and suggestions which shape the future of Splunk’s products.
Splunk MVPs are members of the Splunk community who have been recognized for their contributions to community programs, like Splunk Answers or Splunk User Groups. Similarly to SplunkTrust, these are individuals who support and help the Splunk community as a whole with their helpfulness and knowledge.
We’re very proud to have started working with these groups to produce new Lantern articles that add to the quality and richness of information available on our site! Here are a few highlights from the first batch to go live.
We all know that Splunk can be used to monitor almost anything, but have you ever wondered how you might use Splunk to monitor unusual things, like plants or even animals? Our new article, Using the Splunk platform to monitor key horse-related data points, is a fun and interesting read not only for horse owners, but also for anyone who might be wondering how to monitor non-standard things with Splunk.
If you’ve ever struggled with getting data into the Splunk Platform, Avoiding common pitfalls for getting data in is a helpful article that lays out some of the common pitfalls to avoid. It includes guidance on correctly configuring HTTP Event Collector (HEC) unit timestamps, sharing configurations system-wide, and how to set up index-time versus search-time field extractions so you don’t end up with duplicate values in your search results.
Do you know the difference between the inputlookup and lookupcommands used in searches? If you use Splunk Answers for information on the commands, you might find that some of your peers confuse them, but they are not interchangeable. Using inputlookup and lookup commands correctly lays out the use cases for each with some examples of how you might use these commands in your searches.
Finally, Using contentctl to speed up your SOC shows you how you can use contentctl, otherwise known as the Content Control Tool, to get detections into Splunk Enterprise Security. Using contentctl with a detection-as-code approach provides a range of benefits that help you to operate your SOC more efficiently and consistently.
Instant Translation on Lantern
We’re very happy to announce that Splunk Lantern articles are now available in Japanese, Spanish, and Portuguese! To access these language options, click the person icon in the upper-right corner and log in using your Splunk account information.
After logging in, you will see a drop-down in the upper-left that allows you to switch any article (and many of the page elements) to the language of your choice.
As you navigate through the site, the content will remain in your chosen language until you select a new one.
At this time, screenshots, videos, and PDF downloads are still only available in English. Additionally, site content is only searchable in English. For a full list of limitations, click here. We hope to offer a more complete translated experience in the future.
As with all Lantern articles, these translations rely on feedback from users like you to improve it. On each article, you'll find a small tab on the right side where you can share your opinion on the quality of translation. If you’re a Japanese, Spanish or Portuguese speaker, please give this new feature a try and let us know your thoughts!
This Month’s New Articles
Here are all of the other articles we’ve published throughout July:
- Using service sandboxes in Splunk ITSI
- Supporting a cloud forensics workflow
- Monitoring common Operational Technology protocol ports
- Using ingest actions to filter Palo Alto Logs
- Configuring Splunk add-on for McAfee/Skyhigh Web Gateway
- Skyhigh Security
- Monitoring DNS queries and responses
- Using an Edge Processor to save Splunk Virtual Compute
- Monitoring removable media devices in Operational Technology environments
- Identifying indicators of fraud using geometric principles
- Monitoring remote access to Operational Technology environments
We hope you’ve found this update helpful. Thanks for reading!
Kaye Chapman, Senior Lantern Content Specialist for Splunk Lantern
