Discover how Amazon EventBridge can seamlessly route AWS events and findings to Splunk, offering real-time insights and proactive monitoring. This article guides you through setting up API destinations and crafting EventBridge rules to ensure timely data delivery, leveraging services like Amazon GuardDuty and AWS CloudTrail. With EventBridge's robust event delivery system and Splunk's powerful analytics, transform your security and operational workflows into a scalable, resilient solution. Dive in to unlock the full potential of your AWS-Splunk integration today!

Did you know that for Splunk Enterprise 9.4, Python 3.9 is the default interpreter? This shift is not just a housekeeping update, it’s a critical step in ensuring long-term support, enhanced security, and compatibility with your Splunk apps and add-ons. R

When a fraudster spreads activity across multiple channels, they can fly under the radar of traditional detection systems. In this final part of our fraud detection series, I break down a real case where a bank caught a coordinated fraud scheme by connecting web traffic and account creation data that seemed innocuous when viewed separately. Find out how they used Splunk to spot the shared password that exposed the entire operation—and stopped a $250k loss before it happened.

This is a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.

This section covers creating a panel to show rates instead of counts for each status.

The Splunk Developer Program is now live in public preview! Access centralized tools, resources and community support to build innovative apps on Splunk. Learn more at preview.dev.splunk.com

This is a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.

This section covers creating another new panel which will drill-down to the events behind the charts. You can read previous posts on the Splunk Community Blog! 

This is a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.

This section covers creating a new panel to show details based on the selection made by the user. You can read previous posts on the Splunk Community Blog! 

This is a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.

This section covers using pan and zoom to select areas of the chart to focus on. You can read previous posts on the Splunk Community Blog! 

This is part 4 in a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.

This section covers using the results of a search to modify the colours used in the panel titles.

This is part 3 in a series of blogs demonstrating how to build a dashboard for analysing the web logs from the Splunk Enterprise Search Tutorial dataset, and starts from where the tutorial left off.

In this section, you will modify the dashboard to visualize how the success rate compares to a desired threshold level, or Service Level Objective.

This is part 2 in a series of blogs from a member of the SplunkTrust, demonstrating how to build a dashboard for analyzing the web logs from the Splunk Enterprise Search Tutorial dataset. This series assumes you have already completed that tutorial, as it uses the same dataset that you will have already downloaded and ingested into Splunk. If you have not, please go to the Tutorial and complete it (or at least download and ingest the dataset).

This section covers creating a panel to show rates instead of counts for each status.

We are excited to kick off a new series of blogs from a member of the SplunkTrust, demonstrating how to build a dashboard for analyzing the web logs from the Splunk Enterprise Search Tutorial dataset. This series assumes you have already completed that tutorial, as it uses the same dataset that you will have already downloaded and ingested into Splunk. If you have not, please go to the Tutorial and complete it (or at least download and ingest the dataset).

Splunk Platform has set a great foundation for your security operations. With the ever-evolving threat landscape and an expanding attack surface, Splunk’s SIEM solution- Enterprise Security is always here to enhance your security posture, saving you time and effort with its unified workflow for threat detection, investigation, and response.

Check out this newly launched video to see how the market-leading SIEM - Enterprise Security can empower your SOC efficiency.

The Splunk-based indexer workloads tested included around a million searches/day and ingestion of around 350GB data per indexer per day. The ext4 filesystem consistently outperformed XFS in terms of the introspection measure “avg_total_ms” on multiple indexer clusters.

The latest release of Ingest Actions expands its supported destinations with local and network file systems!

Introduction to routing logs using OpenTelemetry, with many real-life examples and scenarios.

Clayton Homes faced the increased challenge of strengthening their security posture as they went through rapid digital transformation. The challenge was further exacerbated by the hybrid cloud reality as Clayton Homes moved more deployments to the cloud. They wanted a better way to build a secure and more resilient digital world while migrating to the cloud.

App Assist monitors the apps in your Splunk Enterprise to ensure they are up-to-date and secure. Have you ever installed an app on your Splunk deployment, stopped using it, and as a result never upgraded? Well, these older versions may be missing critical security patches that the most up-to-date app provides.

Config Assist helps to keep your Enterprise environment safe. It identifies configurations that need changing and provides actionable (copy-paste) recommendations to fix those settings. Do you worry about when the newest vulnerability patch will come out, or when you should run another security check across all your nodes? Fret no more!

Remember those hundreds and thousands of forwarders that you have to manage and track certs for? No more! Now, admins can easily identify and mitigate issues related to certificates before they expire and prevent outages or missing data. 

Splunk Assist is a free, fully-managed cloud-connected service for Splunk Enterprise. It provides you with a single place to monitor your deployment and see recommendations to improve your security posture. 

This blog post will walk you through sending metrics data with the OpenTelemetry Collector to a Splunk Enterprise deployment.

Use Apache Camel to send data to Splunk over HEC - with an example to monitor Github releases!

Just enough SPL to highlight US states on a map.

Time to upgrade your Splunk? Read the new “Upgrading Splunk Enterprise” Lantern how-to article in order to get help during your upgrade process.