Register and ask questions here. This thread is for the Community Office Hours session on Getting Data In (GDI) to Splunk Platform on Wed, March 15, 2023 at 1pm PT / 4pm ET. Join our bi-weekly Office Hour series where technical Splunk experts answer questions and provide how-to guidance on a different topic every month! This is your opportunity to ask questions related to your specific GDI challenge or use case, like how to onboard common data sources (AWS, Azure, Windows, *nix, etc.), using forwarders, apps to get data in, Data Manager (Splunk Cloud Platform), ingest actions, archiving your data, and anything else you’d like to learn! There are two 30-minute sessions in this series. You can choose to attend one or both (each session will cover a different set of questions): Wednesday, March 15th – 1:00 pm PT / 4:00 pm ET Wednesday, March 29th – 1:00 pm PT / 4:00 pm ET Please submit your questions below as comments in advance. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions with upvotes will be prioritized. After that, we will go in order of the questions posted below, then will open the floor up to live Q&A with meeting participants. If there’s a quick answer available, we’ll post as a direct reply. Look forward to connecting!
Register here and ask questions below this thread for the Community Office Hours session on Getting Data In (GDI) to Splunk Platform on Wed, March 29, 2023 at 1pm PT / 4pm ET. This is your opportunity to ask technical Splunk experts questions related to your specific GDI challenge or use case, like how to onboard common data sources (AWS, Azure, Windows, *nix, etc.), using forwarders, apps to get data in, Data Manager (Splunk Cloud Platform), ingest actions, archiving your data, and anything else you’d like to learn! There are two 30-minute sessions in this series. You can choose to attend one or both (each session will cover a different set of questions): Wednesday, March 15th – 1:00 pm PT / 4:00 pm ET Wednesday, March 29th – 1:00 pm PT / 4:00 pm ET Please submit your questions below as comments in advance. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions (with upvotes) will be prioritized. After that, we will go in order of the questions posted below, then will open the floor up to live Q&A with meeting participants. If there’s a quick answer available, we’ll post as a direct reply. Look forward to connecting!
[1pm PT / 4pm ET] - Register here and ask questions below. This thread is for the Community Office Hours session on Getting Data In (GDI) to Splunk Platform on Wed, August 9, 2023 at 1pm PT / 4pm ET. Join our bi-weekly Office Hour series where technical Splunk experts answer questions and provide how-to guidance on a different topic every month! This is your opportunity to ask questions related to your specific GDI challenge or use case, including: How to onboard common data sources (AWS, Azure, Windows, *nix, etc.) Using forwarders Apps to get data in Data Manager (Splunk Cloud Platform) Ingest actions, archiving your data, and anything else you’d like to learn! Please submit your questions below as comments in advance. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions will be prioritized. After that, we will go in order of the questions posted below, then will open the floor up to live Q&A with meeting participants. If there’s a quick answer available, we’ll post as a direct reply. Look forward to connecting!
[EMEA-friendly: 8am PT / 4pm UK time] - Register here and ask questions below. This thread is for the Community Office Hours session on Getting Data In (GDI) to Splunk Platform on Wed, September 6, 2023 at 8am PT / 11am ET / 4pm UK time This is your opportunity to ask questions related to your specific GDI challenge or use case, including: How to onboard common data sources (AWS, Azure, Windows, *nix, etc.) Using forwarders Apps to get data in Data Manager (Splunk Cloud Platform) Ingest actions, archiving your data, and anything else you’d like to learn! Please submit your questions at registration or as comments below. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions will be prioritized. After that, we will go in order of the questions posted below, then will open the floor up to live Q&A with meeting participants. If there’s a quick answer available, we’ll post as a direct reply. Look forward to connecting!
Register here. This thread is for the Community Office Hours session on Splunk Enterprise Security (ES) on Wed, October 25, 2023 at 1pm PT / 4pm ET. This is your opportunity to ask questions related to your specific Enterprise Security (ES) challenge or use case, including: What’s new in Enterprise Security 7.2 Enterprise Security Content Update (ESCU) app and the latest security content Implementing use cases like RBA, incident management, threat hunting, etc. Implementing threat detections (including 6 new ML-powered detections) Enhancing notable events (e.g., using threat intelligence feeds) Adding adaptive response actions Recommended Splunkbase apps and add-ons for ES use cases Anything else you’d like to learn! Please submit your questions at registration or as comments below. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions will be prioritized. After that, we will go in order of the questions posted below, then will open the floor up to live Q&A with meeting participants. If there’s a quick answer available, we’ll post as a direct reply. Look forward to connecting!
Register here. This thread is for the Community Office Hours session on Security: SOAR on Wed, Nov 29, 2023 at 1pm PT / 4pm ET. This is your opportunity to ask questions related to your specific Splunk Security orchestration, automation, and response (SOAR) challenge or use case. Including: What's new in SOAR 6.2 (Logic Loops, CyberArk integration, etc.) Attack Analyzer Developing Playbooks, Workbooks and process workflows Integrating security, IT operations and threat intelligence tools Automatic incident response Automating threat hunting, penetration testing, etc. Applying configuration changes, app installation, and maintenance Success measurement Anything else you'd like to learn! Please submit your questions at registration or as comments below. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!
[EMEA-friendly: 10am ET / 3pm GMT] - Register here and ask questions below. This thread is for the special 1-hour Community Office Hours session on Getting Data In (GDI) to Splunk Platform on Wed, December 6, 2023 at 7am PT / 10am ET / 3pm GMT This is your opportunity to ask questions related to your specific GDI challenge or use case, including: How to onboard common data sources (AWS, Azure, Windows, *nix, etc.) Using forwarders Apps to get data in How to filter, mask, enrich, and route your data Data Manager (Splunk Cloud Platform) Edge Processor, ingest actions, archiving your data, and anything else you’d like to learn! Please submit your questions at registration or as comments below. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!
Register here. This thread is for the Community Office Hours session on Splunk Search on Wed, Dec 13, 2023 at 1pm PT / 4pm ET. This special 1-hour session is your opportunity to ask questions related to your specific Splunk Search challenge, use case, best practices, or any new features/capabilities in search. Including: Tips & tricks for faster searches, scheduled searches, etc. Best practices for optimizing search performance Using SPL commands Federated search (e.g., for Amazon S3) Creating alerts, visualizations, and dashboards from searches How to translate your questions into SPL Anything else you’d like to learn! Please submit your questions at registration or as comments below. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!
[1pm PT / 4pm ET] - Register here. This thread is for the Community Office Hours session on Getting Data In (GDI) to Splunk Cloud Platform and Edge Processor (Workshop Special) on Wed, Jan 17, 2024 at 1pm PT / 4pm ET. We will start this Office Hours session with a special workshop demo on Edge Processor. Then, we will address any pre-submitted (or live) questions related to getting data into Splunk Cloud Platform or using Splunk Edge Processor. Including: How to configure and deploy Edge Processor Building SPL2 pipelines in Edge Processor Use cases that Edge Processor can help with (reducing firewall logs, enriching events, making PII data, routing to S3 for low-cost storage, etc.) Getting syslog data in or getting data in via HEC How to filter, mask, enrich, and route your data Anything else you’d like to learn! Please submit your questions at registration or as comments below. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!
Register here. This thread for the Office Hours session on Dashboards & Dashboard Studio on Wed, Feb 14, 2024 at 1pm PT / 4pm ET. This is your opportunity to ask questions related to your specific Dashboard challenge or use case, including: Getting started with Dashboard Studio Basic dashboard designs (charts, buttons, etc.) How to use searches Advanced interactivity features (drilldowns, maps, dynamic coloring, etc.) Customization (background images, custom layout, colors, etc.) How to migrate your dashboards from Classic to Dashboard Studio Anything else you'd like to learn! Please submit your questions at registration or as comments below. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!
Register here. This thread for the Office Hours session on Dashboards & Dashboard Studio on Wed, Feb 28, 2024 at 1pm PT / 4pm ET. This is your opportunity to ask questions related to your specific Dashboard challenge or use case, including: Getting started with Dashboard Studio Basic dashboard designs (charts, buttons, etc.) How to use searches Advanced interactivity features (drilldowns, maps, dynamic coloring, etc.) Customization (background images, custom layout, colors, etc.) How to migrate your dashboards from Classic to Dashboard Studio Anything else you'd like to learn! Please submit your questions at registration or as comments below. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!