In this blog we’re sharing all the details on more than 30 new articles published on Lantern last month, with a particular focus on the newest best practices for scaling automation and security workflow design. From a comprehensive series on Splunk SOAR playbook architecture to a closer look at the workflow enhancements in Enterprise Security 8.4, we’re providing the blueprints to help you move from manual tasks to sophisticated, high-maturity operations. We’re also delivering new resources for observability and Splunk platform specialists, covering everything from AI-assisted thresholding in ITSI to essential best practices for managing platform certificates and app development. Read on to find out more!
A new month is here! Stay ahead of the curve and in the know with our comprehensive list of upcoming Tech Talks, Community Office Hours, and webinars. From insightful discussions to hands-on workshops, there’s something for everyone eager to dive deeper and learn. Don’t miss out — mark your calendars now!
This month, we’re highlighting the arrival of Splunk Enterprise Security 8.3 and what the new Premier and Essentials tiers mean for your SOC. We’re also diving into a new Solution Accelerator designed to simplify data compliance for the financial services industry. Alongside these features, we have a packed list of new articles covering everything from Linux systemd troubleshooting to cloud ingestion best practices. Let’s get into it!
Sometimes, you just need to see the code. For those looking for a deep-dive educational experience, we have Technical Seminars (note: these require an additional fee). You can purchase Technical Seminars on the re...
Are you tired of being a manual alert responder? The security landscape is shifting, and at Cisco Live, we’ll show you how to become a proactive orchestrator. We’re moving into the era of the Agentic SOC, where defenders leverage intelligent, automated ecosystems that learn, adapt, and scale.
This month, we’re excited to share powerful new resources that focus on two of the most critical areas for modern IT and Security teams: using artificial intelligence to solve problems faster, and mastering the complexities of cloud-native infrastructure. Whether you are looking to automate your threat analysis or fine-tune your Kubernetes environment, our latest articles give you the expert guidance you need to succeed.
Stop treating PCI DSS compliance like an annual fire drill. Discover how leading security teams use Splunk to maintain continuous compliance visibility, automatically track all 12 requirements, and turn audit preparation from weeks of scrambling into hours of confident reporting.
Stay ahead of the curve and in the know with our comprehensive list of upcoming Tech Talks, Community Office Hours, and webinars. From insightful discussions to hands-on workshops, there’s something for everyone eager to dive deeper and learn. Don’t miss out — mark your calendars now!
This month, we’re excited to share powerful new resources that will transform how you manage security operations across hybrid environments. From implementing money-saving Federated Search capabilities for Amazon S3 to monitoring Google Cloud SQL or integrating with the Australian Signals Directorate's CTIS platform, we're bringing you guidance straight from expert Splunkers that addresses the most pressing challenges facing security teams today. On top of that, we've got lots more use cases, industry-specific guidance and best-practice tips to help you close out 2025 strong. Read on to find out more.
For Digital Forensics and Incident Response (DFIR) practitioners, Splunk is a core part of daily workflow. Its Schema on the Fly and powerful Search Processing Language (SPL) allow for iterative and flexible investigation—ideal for the nature of forensic analysis.
Stay ahead of the curve and in the know with our comprehensive list of upcoming Tech Talks, Community Office Hours, and webinars. From insightful discussions to hands-on workshops, there’s something for everyone eager to dive deeper and learn. Don’t miss out — mark your calendars now!
Are you looking to bridge the gap between your operational technology (OT) and IT security monitoring? The Cisco Cyber Vision Add-on for Splunk makes it easier than ever.
Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are misattributed, investigations stall, and compliance reporting becomes unreliable. Yet practitioners face recurring challenges: inconsistent data across sources, missing attributes, schema drift, and conflicts between authoritative systems
Stay ahead of the curve and in the know with our comprehensive list of upcoming Tech Talks, Community Office Hours, and webinars. From insightful discussions to hands-on workshops, there’s something for everyone eager to dive deeper and learn. Don’t miss out — mark your calendars now!
This month, we’re excited to share a set of new articles that have been created from popular .conf 2025 sessions – from optimizing LLM RAG patterns to optimizing Enterprise Security 8, we’ve created articles that capture all the insights and lessons that our Splunk experts shared. We’re also taking a look at a comprehensive new article series on scaling Splunk Edge Processor infrastructure, perfect for anyone who wants to take their data management practices to the next level. On top of that we’ve got lots of new articles to share with you, as well as all the details on our new website redesign! Read on to find out more.
Interested in getting early access to our AI Playbook Authoring feature? Read this post to learn how to apply for our Alpha private preview program.
Tool sprawl, context switching, and alert overload are slowing down SOCs—and giving attackers the upper hand. But good news -- Splunk Enterprise Security (ES) brings together your entire threat detection, investigation, and response (TDIR) process into one AI-powered platform, helping analysts work smarter and respond faster.
The Universal Configuration Console (UCC) Framework was built by passionate Technology Add-on (TA) developers to make TA development faster, easier and more consistent. Whether you’re a seasoned Splunk expert managing hundreds of data sources or just starting your journey, UCC provides a streamlined way to create add-ons with rich UI, full control over output quality, and a repeatable development process.
Explore why Splunk AI Search Assistant is better suited than ChatGPT for writing and explaining SPL. While general-purpose LLMs like ChatGPT are impressive, they often lack the context needed for accurate and reliable queries in your Splunk environment. This post breaks down how a domain-specific AI delivers better results through personalization, precision, and privacy.
Financial services organizations face an impossible security equation: maintain 99.9% uptime while defending against sophisticated attacks. With 78% of security tools disconnected and over 50% of financial firms experiencing major breaches, the solution isn't more point tools—it's integrated platforms. Discover how AppDynamics, Cisco Secure Application, Splunk Enterprise Security, and SOAR work together to transform reactive security into proactive defense for financial institutions.
Splunk Enterprise Security (ES) continues to be a leader in the Gartner Magic Quadrant, reflecting its pivotal role in modern security operations. Since the release of version 8, ES has delivered a revitalized user interface through Mission Control and in...
Learn how financial institutions are building unified security from development to SOC operations using AppDynamics, Cisco Secure Application, and Splunk Enterprise Security. This integrated approach eliminates security silos by embedding vulnerability intelligence directly into developer workflows while providing security teams with rich context for faster threat response. See how one platform integration addresses regulatory compliance, business continuity, and advanced threat protection challenges specific to financial services.
Ready to build, code, and connect? The Splunk App Platform Developer experience at .conf25 is bigger and better than ever. Head to the Builder Bar on the Pavilion show floor to learn about the latest tooling, get hands-on support, and connect with peers. Join the Splunk Developer Program and don’t miss these other key developer sessions at .conf25. Whether you're scaling solutions or squashing bugs, there's something here for every kind of builder. Get the inside scoop on what not to miss.
Are you ready to take your threat hunting skills to the next level? As Splunk community members, you know the power of digging deeper—finding threats that fly under the radar of automated tools. But getting started with threat hunting can feel overwhelming with so many techniques and paths to choose from.
This month, we're diving into some brilliant community-driven fixes that simplify life for security practitioners, straight from the trenches of Splunk Answers.
Would you like to feature more solutions like this? Reach out to @Anam Siddique on Slack in our Splunk Community Slack workspace to highlight your question, answer, or tip in an upcoming Community Content post! 💡 Contributors who are highlighted for providing a solution will be given a $25 Cisco Store gift card for their contributions.