Community Blog
Get the latest updates on the Splunk Community, including member experiences, product education, events, and more!

New Year, New Splunk Lantern Articles - Featuring Splunk Partners!

KayeChapman
Splunk Employee
Splunk Employee

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data insights, key use cases, and tips on managing Splunk more efficiently.

We also host Getting Started Guides for a range of Splunk products, a library of Product Tips, and Data Descriptor articles that help you see everything that’s possible with data sources and data types in Splunk.

This month we’re focusing on a swathe of new articles written by fantastic Splunk partners. Our partners have a wealth of expertise in supporting use case implementation and delivering success to Splunk users, so we’re proud to have recently launched several new articles that allow you to use their knowledge for your benefit.

We’re also requesting help from Splunkers and partners to help us write articles on a range of hot topics requested by Splunk customers. If you’re a Splunker or partner with expertise to share, we’d love to hear from you! Read on to find out more.

Articles From Our Partners

Splunk’s partners are true experts in working with Splunk, so we’re excited to share these new articles with you. The insights and knowledge that our partners share through Lantern comes from valuable real-world experience working directly with customers like you. The topics our partners write about all contain actionable tips and useful best practices that you can apply to your own environment, helping you easily improve the way you work with Splunk. 

Identifying Lantern articles written by partners is easy - you’ll see the name of the partner who wrote the article at the top of the article, just underneath the article title - you can see this in the example image below. The partner’s name displayed here is a link that you can click to see everything else they’ve written in Lantern. You’ll also find more information about each partner at the end of each article.

KayeChapman_0-1673286606822.png

Let’s dive in and take a look at the new partner-written articles we’ve published over the past month.

If you’re looking to improve your data onboarding to make your Splunk deployment more efficient and to save money with workload pricing, check out Configuring new source types. This article shares ten key configurations that you need to be aware of when setting up a new source type, helping save the Splunk platform work when parsing events and sending data to indexers.

Getting Okta data into the Splunk platform and Enabling Okta single sign-on in the Splunk platform are must-reads if you’re interested in working with Okta. The articles share how to enable single sign-on, ingest Okta data, and report and audit on Okta with the Splunk platform, with step-by-step processes you can follow to achieve this.

On the topic of cloud migration, Selecting the best cloud migration approach explains some of the pros and cons of the different approaches available to customers when migrating to the cloud - whether you’re looking to start fresh in Splunk Cloud Platform without migrating historical data, running both environments before switching over, or performing a full migration of the on-premises deployment. This article is a great companion to our existing Splunk Cloud Platform Migration guidance.

Writing better queries in Splunk Processing Language is a great article for anyone writing SPL regularly. The examples here help you learn how to write queries that minimize the number of trips to the indexers, minimize the amount of data coming back from the indexers, perform calculations on the smallest amount of data, and use non-streaming commands as late in the query as possible. These tips help you write effective queries that lead to quick and efficient search performance.

Last but not least, Using the Splunk Enterprise Security assets and identities framework is useful for anyone looking to use the Assets and Identities Manager in Splunk Enterprise Security. It will help your analysts and incident responders get the information they need to work more effectively.

Experts Wanted!

While we’re already building a great base of partner content, we’re now looking for Splunkers and more partners to share their expertise with us and help us write articles on specific topics that have been requested by customers.

The topics that have been requested so far that would be a great fit for Lantern are:

  • Use cases relevant for retail organizations building pipeline or sales
  • Forwarding best practices
  • Azure Security use cases
  • Trend Micro Email Security use cases
  • Best practices for SPL2
  • CIM Validator information
  • Ingesting data from Spring Boot via API call

Do you have expertise in these areas? If so, we’d love to hear from you! If you’re not a natural writer, that’s not a problem, as the Lantern team contains great writers and editors who can help you create a high-quality article.

You can contact us via lantern@splunk.com, or comment on this article, and we’ll get in touch with you.

What Else?

We published several other articles and made lots of updates to existing content throughout December. Our Data Descriptors are also undergoing a major overhaul, so if you haven’t looked there lately, take a look and see if there’s a new data source or data type you’d be interested to learn more about.

Our new articles you might be interested to see include:

We hope you’ve found this update helpful. Thanks for reading!

— Kaye Chapman, Customer Journey Content Curator for Splunk Lantern

Get Updates on the Splunk Community!

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...

Security Highlights | January 2023 Newsletter

January 2023 Splunk Security Essentials (SSE) 3.7.0 ReleaseThe free Splunk Security Essentials (SSE) 3.7.0 app ...