This month, we’re excited to share Getting Started with Splunk Artificial Intelligence, a brand new guide that shows you how to use AI-driven insights with Splunk software no matter where you are in your AI adoption journey. We’re also showcasing how Splunk is transforming nonprofit operations with new guidance to help these organizations deliver services to their beneficiaries and stakeholders more securely, quickly, and efficiently. And as usual, we’re linking you to all the other articles we’ve added over the past month, with new articles sharing best practices and guidance for the Splunk platform, new data sources, and Splunk’s security and observability products. Read on to find out more.
This series provides practical, real-time examples demonstrating how to use the Splunk AI Assistant effectively in Splunk Observability Cloud. In this first post, you'll learn how the AI Assistant can quickly identify unknown issues in your environment.
Discover how Amazon EventBridge can seamlessly route AWS events and findings to Splunk, offering real-time insights and proactive monitoring. This article guides you through setting up API destinations and crafting EventBridge rules to ensure timely data delivery, leveraging services like Amazon GuardDuty and AWS CloudTrail. With EventBridge's robust event delivery system and Splunk's powerful analytics, transform your security and operational workflows into a scalable, resilient solution. Dive in to unlock the full potential of your AWS-Splunk integration today!
When it comes to getting data in, one of the earliest decisions made is what to use as a sourcetype. Often, this choice gets less thought, less consideration than any other detail in log onboarding. That's a mistake. Picking the right sourcetype often drives the right behavior throughout the log onboarding process.
Did you know that for Splunk Enterprise 9.4, Python 3.9 is the default interpreter? This shift is not just a housekeeping update, it’s a critical step in ensuring long-term support, enhanced security, and compatibility with your Splunk apps and add-ons. R ...
In today’s fast-moving environments, getting alerts is only half the battle—what really matters is making them actionable. In this article, I’ll walk through how I integrated Splunk Observability Cloud alerts directly into Webex Teams to streamline collaboration and improve incident awareness. While we’re not running a full-scale SRE operation, staying informed about issues impacting our community projects—like splunkgames.com—is critical.
I’ll show you how to leverage Webex Adaptive Cards for clean, actionable notifications, use Splunk’s webhook helper functions to dynamically customize alert details, and add direct links for rapid investigation. Whether you’re looking for a lightweight way to stay informed or want to extend your existing observability workflows, this integration is simple, practical, and easy to customize to your team’s needs.
Get ready for the most useful (and fun) event you’ll attend this year — see you in Boston September 8 - 11!
When a fraudster spreads activity across multiple channels, they can fly under the radar of traditional detection systems. In this final part of our fraud detection series, I break down a real case where a bank caught a coordinated fraud scheme by connecting web traffic and account creation data that seemed innocuous when viewed separately. Find out how they used Splunk to spot the shared password that exposed the entire operation—and stopped a $250k loss before it happened.
Stay Ahead with the Latest from the Splunk App Dev Community!
Whether you're crafting new solutions, fine-tuning existing apps, or just beginning your developer journey, this roundup is packed with updates, expert insights, and growth opportunities to help you get even more out of the Splunk platform. In this roundup, we’re highlighting key updates—from expert-led sessions and hands-on SPL2 workshops to upcoming platform changes and a brand-new Developer Program. Let’s dive into what’s happening now and what’s coming next!
Stay ahead of the curve and in the know with our comprehensive list of upcoming Tech Talks, Community Office Hours, and webinars. From insightful discussions to hands-on workshops, there’s something for everyone eager to dive deeper and learn. Don’t miss out — mark your calendars now!
This month, we’re excited to feature a suite of articles that your Splunk Admin will love - how to get maximum performance from the Splunk platform on the indexing, forwarding, and search head tiers. We’re also sharing how you can use SPL2 templates to reduce log size for popular data sources, with guidance on how to implement these safely in production environments. And as usual, we’re sharing all of the other new articles we’ve added over the past month, with articles covering Cisco capabilities, platform upgrades, and more. Read on to find all the details.
Brute force attacks are evolving beyond single-account targeting to coordinated, distributed campaigns that fly under traditional security radar. In this second installment of our fraud detection series, we examine how one financial institution used Splunk to uncover and halt a sophisticated attack targeting dozens of high-value accounts. Learn how connecting authentication data across accounts revealed attack patterns that would have remained invisible to conventional security tools, potentially preventing over a million dollars in losses.
This is a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.
This section covers creating a panel to show rates instead of counts for each status.
This is a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.
This section covers creating an alternative way of comparing hourly rates with the previous few days.
The Splunk Developer Program is now live in public preview! Access centralized tools, resources and community support to build innovative apps on Splunk. Learn more at preview.dev.splunk.com
2024 has been an exciting and transformative year for Splunkbase and our developer community. We've made significant strides in enhancing the Splunk App Dev Ecosystem, improving developer experiences, and driving innovations in app development. This review highlights our key achievements, major milestones, and the road ahead for 2025.
Meet Brett: Splunker, innovator, and all-around tech enthusiast. From building apps that solve real-world problems to geeking out over video games and home automation, Brett’s journey is as dynamic as the data he works with. Discover what drives this SplunkTrust star in our latest Spotlight feature!
In today’s evolving threat landscape, we understand you’re constantly bombarded with phishing and malware threats. You can say goodbye to manually analyzing phishing and malware threats with Splunk Attack Analyzer. Join us on May 13 for the Splunk Attack Analyzer Hands-on Workshop to see it in action. Our expert, Laura Blystone, will guide you through applying automated threat analysis to real-world attack scenarios.
Attention, Splunkers! We’re thrilled to announce that AppDynamics has officially made its way to the Splunk Ideas Portal. This means you can now submit, track, and collaborate on feature requests for AppDynamics alongside all your other favorite Splunk products. Wondering how to access the portal, find your previously submitted ideas, or share new ones? Don’t worry—we’ve got all the details covered in our latest blog post. Plus, learn how to connect with the Splunk Ideas team directly if you have any questions. Click through to discover how you can shape the future of Splunk and AppDynamics!
Discover how advanced analytics uncovered a fraudster using a simple Gmail trick to open 17 seemingly unrelated bank accounts. This case study reveals how Splunk's fraud detection capabilities connected the dots across multiple accounts, preventing $425,000 in immediate losses and potentially saving the bank over $2,000,000. See how email normalization and visual analytics transformed fraud investigation from looking at individual accounts to spotting sophisticated patterns.
This month, we’re sharing an exclusive look at some of the latest learning that Splunkers are sharing with each other by making insights from our internal Lunch ’n Learn sessions available to you. As well as this, we’re sharing some more use cases that show how you can integrate generative AI with Splunk to supercharge insights and value from popular GenAI tools. And if that’s not enough, we’re also sharing a pile of new use cases that have gone live over the past month. Read on to find out more.
This is a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.
This section covers creating another new panel which will drill-down to the events behind the charts. You can read previous posts on the Splunk Community Blog!
Stay ahead of the curve and in the know with our comprehensive list of upcoming April Tech Talks, Community Office Hours, and webinars. From insightful discussions to hands-on workshops, there’s something for everyone eager to dive deeper and learn. Don’t miss out — mark your calendars now!
Join us for the “Automation for the SOC of the Future Hands-on Workshop” on April 10th to experience Splunk SOAR firsthand and see how easily it pairs with Splunk Enterprise Security. We have the amazing Solution Engineer, Amin Hamidi, walk you through the process of responding to incidents, automating the process, and standard operating procedures with a real-world scenario in 90 mins.
In this second edition of our Developer Spotlight, we’re shining the light on Cameron Schmidt, a Splunk app developer at Hurricane Labs. With over a decade of experience, Cameron has built dozens of Splunk apps, many of which you can find on Splunkbase.
Curious about his journey, his impact, and what fuels his passion for Splunk development? Let’s dive in!
This is a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.
This section covers creating a new panel to show details based on the selection made by the user. You can read previous posts on the Splunk Community Blog!
Do you want to ask Splunk AI Assistant the same questions you ask ChatGPT—but for your daily SPL use? Now you can! The Splunk AI Assistant for SPL leverages Gen-AI to help you write, understand, and optimize SPL queries effortlessly. From data discovery to security investigations, just type your question, and let AI do the heavy lifting. Read the full article to see it in action and download the Splunk AI Assistant to get started today!