Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data insights, key use cases, and tips on managing Splunk more efficiently.

We also host Getting Started Guides for a range of Splunk products, a library of Product Tips, and Data Descriptor articles that help you see everything that’s possible with data sources and data types in Splunk.

This month, we’re focusing on our exciting new articles related to the Solution Accelerator for OT Security and Solution Accelerator for Supply Chain Optimization, which are both designed to enhance visibility, protect critical systems, and optimize operations for manufacturing customers. In addition, for Amazon users, we’re exploring the wealth of use cases featured on our Amazon data descriptor page, as well as sharing our new guide on sending masked PII data to federated search for Amazon S3 - a must-read for managing sensitive data securely. Plus, we’re sharing all of the other new articles we’ve published over the past month. Read on to find out more.

Enhancing OT Security and Optimizing Supply Chains

Operational Technology (OT) environments pose unique security challenges that require tailored solutions. Traditional IT security strategies often fall short when applied to OT systems due to these systems' reliance on legacy infrastructure, critical safety requirements, and the necessity for high availability.

To address these challenges, Splunk has introduced the Solution Accelerator for OT Security, a free resource designed to enhance visibility, strengthen perimeter defenses, and mitigate risks specific to OT environments. Our Lantern article on this new Solution Accelerator provides you with everything you need to know to get started with this helpful tool. Key capabilities include:

• Perimeter monitoring: Validate ingress and egress traffic against expectations, ensuring firewall rules and access controls are effective.
• Remote access monitoring: Gain insights into who is accessing critical systems, from where, and when, so you can safeguard against unauthorized access.
• Industrial protocol analysis: Detect unusual activity by monitoring specific protocol traffic like Modbus, providing early warnings of potential threats.
• External media device tracking: Identify and manage risks from USB devices or other external media that could bypass perimeter defenses.

With out-of-the-box dashboards, analysis queries, and a dedicated Splunk app, this accelerator empowers organizations to protect their critical OT systems effectively.

For businesses navigating the complexities of supply chain management, real-time visibility is crucial to maintaining efficiency and meeting customer expectations. The Lantern article on the Solution Accelerator for Supply Chain Optimization shows how organizations can use this tool to overcome blind spots and optimize every stage of the supply chain.

This accelerator offers:

• End-to-end visibility: Unified insights from procurement to delivery, ensuring no process is overlooked.
• Inventory optimization: Real-time and historical data analyses to fine-tune inventory levels and forecast demand with precision.
• Fulfillment and logistics monitoring: Tools to track order processing and delivery performance, minimizing delays and costs.
• Supplier risk management: Assess supplier performance and identify potential risks to maintain a resilient supply network.

Featuring prebuilt dashboards, data models, and guided use cases for key processes like purchase order monitoring and EDI transmission tracking, this accelerator simplifies the adoption of advanced analytics in supply chain operations.

Both accelerators are freely available on GitHub and offer robust frameworks and tools to address the unique challenges of OT security and supply chain optimization. Explore these resources to drive better outcomes in your operations today.

Working with Amazon Data

Do you use Amazon Data in your Splunk environment? If so, don’t miss our Amazon data descriptor page! Packed with advice and one of the most often accessed sections in our site library, it covers everything from monitoring AWS environments to detecting privilege escalation and managing S3 data.

This month, we’ve published a new article tailored for S3 users: Sending masked PII data to the Splunk platform and routing unmasked data to federated search for Ama.... It guides you on how to:

• Mask sensitive data like credit card numbers for Splunk Cloud ingestion.
• Store unmasked raw data in S3 for compliance and use federated search for cost-effective access.

   

Explore this article and more on our Amazon data descriptor page to enhance your AWS and Splunk integration!

Everything Else That’s New

Here’s everything else we’ve published over the month:

• Monitoring and logging MQTT topic messages using Eclipse Mosquitto
• Configuring and monitoring NETSCOUT Omnis AI Streamer data
• Netscout
• Classic dashboard export deprecation FAQ
• Monitoring electronic data interchange transmission and acknowledgement
• Monitoring purchase order lifecycles

We hope you’ve found this update helpful. Thanks for reading!

Kaye Chapman, Senior Lantern Content Specialist for Splunk Lantern