Community Blog
Get the latest updates on the Splunk Community, including member experiences, product education, events, and more!

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New Articles

Splunk Employee
Splunk Employee

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data insights, key use cases, and tips on managing Splunk more efficiently.

We also host Getting Started Guides for a range of Splunk products, a library of Product Tips, and Data Descriptor articles that help you see everything that’s possible with data sources and data types in Splunk.

This month we’re focusing on a new feedback initiative. We want to hear from you what you’d like to see on Lantern, and we’ve got swag to give away at .Conf for your ideas! As usual, we’re also sharing the full list of articles published over the past month. Read on to find out more.

Share Your Use Case Ideas!

Did you know that Lantern holds more than 230 use cases in our Use Case Explorer for Security and Use Case Explorer for Observability and the Use Case Explorer for Splunk Platform? While that’s a lot of use cases, we’re always on the lookout for more!

So what exactly is a Lantern use case? Our use cases contain step-by-step guidance for applying Splunk software to a real business outcome to help you to self-serve and get to value faster. They might have wide interest or applicability, or they might serve more niche needs. What all of Lantern’s use cases have in common is that they contain practical guidance that you can pick up and use right away in your environment.

Here are some examples of use cases within Lantern:

Do you have an idea for a security, observability, or industry-specific use case that you’d love to see on Lantern? Share your ideas with us! All of your ideas will inform our article development strategy for the upcoming year, and your article could be written by a Splunk expert for all Splunk customers to benefit from.

To say thank you, we’re giving away some exclusive Lantern swag! Just submit an idea and be one of the first 50 visitors to the Splunk Lantern kiosk in the Success Zone at .Conf this year to claim your prize. You can submit your ideas using the form link above, or complete it at the kiosk, so start thinking about your use case ideas now!

Even if you won’t be at .Conf, we’re keen to hear what use cases will help you take your Splunk usage to the next level, so please share your ideas with us today!


Spotlight on Security

This past quarter, Splunk Lantern has had the pleasure of working with Professional Services (PS) Regional Security Architect David Goodin, who joined us for a job rotation. As an expert PS team member with lots of experience with working with customers, David has a lot of tips and tricks for getting the most out of Splunk software. Now, we’re happy to share them with you all through his articles! Here’s what David wrote for us this month.

Properly securing Splunk indexes shows you how you can use role-based access control (RBAC) to secure your indexes and data models. It goes through some of the pros and cons of using search filters versus index restrictions to secure your Splunk instance, and explains some of the performance considerations you’d expect to see.

There’s a lot of demand for articles covering federated search, and David’s article on Securing and monitoring federated search is an authoritative guide on how to ensure that federated search in your environment is properly secured and compliant.

Identifying non-defensible networks with Splunk details strategies for maintaining a complete asset and identity network inventory, with tips for finding rogue machines.



Using Splunk SOAR to find gaps in your containment strategy shows you how to use Splunk SOAR to automate the containment process through the use of playbooks. Incident responders and their teams might find this use case especially helpful to strengthen their containment strategies in line with best practices.

If you liked these use cases, you might also want to check out the rest of David’s articles:


This Month’s New Articles

Here are all of the other articles that are new on Lantern, published over the month of April:

We hope you’ve found this update helpful. Thanks for reading!

Kaye Chapman, Senior Lantern Content Specialist for Splunk Lantern

Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...