Congratulations are due to the winners of Splunk's first-ever Community Dashboard Challenge!! Read on on the details of these winning dashboards.
Alexander Romanauskas
This dashboard monitors the productivity of chickens in the coop. It includes daily weather and sunrise/sunset data input via REST API, along with records of the daily amounts of food and water consumed and the number of eggs collected.
Martin Hettervik
These dashboards are part of an app that Martin created to visualize Nessus security scans in Splunk. Inspired by the Tenable App for Splunk, Martin aimed to enhance visualizations for better data comprehension and navigation.
The first dashboard provides an overview of all vulnerability scans, using color coding to differentiate severity levels. It highlights environments and hosts with the most vulnerabilities, shows the types of prevalent vulnerabilities, the period of scan data, and the number of scanned networks.
The drilldown dashboards offer detailed views of vulnerabilities per host, with clickable tables for more information about specific hosts and direct links to the Tenable website for detailed vulnerability information. Users can filter vulnerabilities by severity and other criteria. The dashboards integrate with the Splunk ES asset list for sorting vulnerabilities by business group or environment and include a lookup feature for "ignored vulnerabilities," allowing users to exclude specific vulnerabilities from the dashboards.
Vijeta Galani
This dashboard is to monitor cyber and Infra critical cloud applications. This makes use of website ping and RSS feeds. It gives an overview of application status and also has drill down action which shows detailed timeline for each application.
The first panel shows if the website is up and running. It also captures slow response and displays it under Warning. If the website is down or returns status other than 200 it displays under Error count.
The 2nd panel is for displaying RSS feed within the given timeframe for certain applications that are critical for day to day operations.
Chris Kaye
This dashboard builds on the Splunk tutorial data set and uses pan and zoom to set timeframes for a drilldown into the state of request events allowing the user to easily investigate anomalies in response data, showing and hiding drilldown panels as the user pursues their investigation. It also uses hidden capabilities of standard charts to help visualise recent data compared to historic data. CSS is also used to enhance the visual impact of the dashboard.
Mike Wang
The Risky Signin Analytic Dashboard presents risky sign-in events from Azure AD (now known as Entra ID) in an easily understandable visual display. It correlates multiple valuable data in a risky sign-in event investigation, lists common sign-in attributes for comparison with rare sign-in attributes, and describes threat activities as clearly and systematically as possible. For example, highlighting risky accounts with both sign-in failures and successes and ordering sign-in events by time can help identify potential impossible travel activities, etc.
- The Risky Signin Analytic Dashboard can be used to:
- Monitor for unusual account risky sign-in activities.
- Analyze risky account events with both successful and failed sign-ins.
- Serve as an auxiliary tool for Entra AD incident/alert event analysis.
- Strengthen the security posture of identity verification by reviewing risky sign-in events, such as optimizing the settings of Conditional Access Policy and whether the account has enabled multi-factor authentication, etc.
Our Thanks & Feedback
Congratulations to all the winners! 🏆 Your outstanding work has not only earned you recognition but also contributed to the growth and knowledge of the entire Splunk Community.
We would also like to extend our thanks to our panel of judges for their time and effort in evaluating the entries, as well as to all community members for their support and engagement.
For folks who participated, as well as those who would like to participate in future challenges, submit your feedback here.
