Community Office Hours

Cut Costs, Not Capabilities: Ingest Only What You Need with S3 Promote

What are Community Office Hours?
Ask the experts at Community Office Hours! It is an ongoing series where technical Splunk experts answer questions and provide how-to guidance on various Splunk product and use case topics.

Topic: Cut Costs, Not Capabilities: Ingest Only What You Need with S3 Promote
When: Thursday, May 21 | 11AM PDT / 2PM EDT
Where: Register Here

What to Expect: We will be hosting an "Ask Me Anything" (AMA) session to dive into the technical implementation and best practices. Bring your questions, including:

- Configuration: How do I configure AWS IAM roles and S3 bucket permissions to grant Splunk Cloud the necessary access to my data?
- Workflow: What are the steps to configure a new Promote job, and how can I monitor its progress and health within Data Manager?
- Compatibility: Which data formats does S3 Promote support, and can I use it for custom data types beyond standard AWS source types?
- Licensing: How does S3 Promote affect my Workload or Ingest-based licensing, and is there a specific SKU required for this feature?
- Retention: Does Splunk automatically manage the deletion of promoted data, or are there specific best practices for handling data retention?
- Integration: Can I use S3 Promote to re-ingest data that was originally routed to S3 via Splunk Edge or Ingest Processors?

Please submit your questions at registration. You can also head to the #office-hours user Slack channel to ask questions (sign in with SSO here).

Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants.
Register here. This thread is for the Community Office Hours session on From Alert Storms to Signal: Live Q&A on Reducing Noise Across Your Network on Wed, June 3rd, 2026 at 11am PT / 2pm ET.

Ask the experts at Community Office Hours! An ongoing series where technical Splunk experts answer questions and provide how-to guidance on various Splunk product and use case topics.

What can I ask in this AMA?

- What are the top three indicators you recommend we prioritize when trying to identify which alerts are genuine service-impacting events versus standard "noisy" background telemetry?
- In ITSI, what is the best practice for balancing static thresholds versus adaptive thresholding to ensure we aren't missing anomalies while keeping noise levels manageable?
- What are the most effective strategies for configuring Notable Event Aggregation Policies to group related alerts without losing the critical context needed for troubleshooting?
- How can we better leverage ITSI to map alerts to the correct teams, especially when a single issue spans multiple domains like application, infrastructure, and network?
- What are your recommendations for integrating ITSI notable events with downstream tools (like PagerDuty or ServiceNow) to ensure that only truly actionable alerts trigger an on-call page?
- How can we use the data captured in ITSI after an incident to refine our correlation searches and prevent similar "alert storms" from recurring in the future?

Please submit your questions at registration or as comments below. You can also head to the #office-hours Community Slack channel to ask questions (log in with SSO here).

Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants.

Look forward to connecting!