Home
Join the Community
Getting Started
Welcome Center
Join Slack
Be a Splunk Champion
SplunkTrust
Super User Program
Badges
Tell us what you think
Splunk Love
Community Feedback
Learn Splunk
Learning Paths
Training & Certification
Training + Certification Discussions
Training & Certification Blog
AppDynamics Knowledge Base
Share a Tip
Find Answers
Splunk Administration
Getting Data In
Deployment Architecture
Monitoring Splunk
Using Splunk
Splunk Search
Dashboards & Visualizations
Splunk Platform
Splunk Enterprise
Splunk Cloud Platform
Splunk AppDynamics
Apps & Add-ons
Splunk Development
All Apps and Add-ons
Premium Solutions
Splunk Enterprise Security
Splunk Observability Cloud
Splunk ITSI
Splunk SOAR
News & Events
Blog & Announcements
Community Blog
Product News & Announcements
Events and Contests
Tech Talks: Technical Deep Dives
Office Hours: Ask the Experts
User Groups
Resources
.conf25
SplunkBase
Developers
Documentation
Splunk Ideas
Splunk Events
Sign In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Show
only
|
Search instead for
Did you mean:
Community Office Hours
Community Office Hours
×
Join the Conversation
Without signing in, you're just watching from the sidelines.
Sign in or Register
to connect, share, and be part of the Splunk Community.
All community
This category
Events
Knowledge base
Users
Products
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Show
only
|
Search instead for
Did you mean:
Ask a Question
News & Events
:
Events and Contests
:
Office Hours: Ask the Experts
:
Community Office Hours
Options
Subscribe
Add Events to Calendar
Mark all as New
Mark all as Read
Community Office Hours
Showing events with label
Security
.
Show all events
Security: Data Management in Security
Wednesday, July 16, 2025
[Register Here] This thread is for the Community Office Hours session on Data Management in Security on Wed, July 16, 2025 at 1pm PT / 4pm ET. Ask the experts at Community Office Hours! An ongoing series where technical Splunk experts answer questions and provide how-to guidance on various Splunk product and use case topics. What can I ask in this AMA? What are the best practices for managing and optimizing security data ingestion in Splunk? How can I improve the efficiency of my security data pipelines? How do I properly map security logs to the Common Information Model (CIM)? How to ensure accuracy and consistency with large volumes of data across multiple security log sources? How should I structure my security data for faster investigations and threat hunting? What role does AI/ML play in managing and analyzing security data in Splunk? Anything else you’d like to learn! Please submit your questions at registration. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!
Labels
(2)
Labels
Labels:
Past Office Hours
Security
0 attendees
0
0
Security: Enterprise Security
Wednesday, August 20, 2025
[Register here] This thread is for the Community Office Hours session on Security: Enterprise Security on Wed, Aug 20, 2025 at 1pm PT / 4pm ET. Ask the experts at Community Office Hours! An ongoing series where technical Splunk experts answer questions and provide how-to guidance on various Splunk product and use case topics. What can I ask in this AMA? What are the latest updates in Splunk Enterprise Security? How can I implement Risk-based alerting (RBA)? How can I utilize Threat Intelligence Management and Cisco Talos for better context? How do I access the latest out-of-the box detections? Which Splunkbase apps and add-ons are recommended for Splunk Enterprise Security use cases? Anything else you’d like to learn! Please submit your questions at registration. You can also head to the #office-hours user Slack channel to ask questions (request access here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!
Labels
(2)
Labels
Labels:
Past Office Hours
Security
0 attendees
0
0
Splunk Enterprise Security - the AI Powered SecOps Platform
Tuesday, November 18, 2025
[Register Here] This thread is for the Community Office Hours session on Splunk Enterprise Security - the AI Powered SecOps Platform on Tuesday, Nov 18, 2025 at 11 am PT / 2 pm ET. Ask the experts at Community Office Hours! An ongoing series where technical Splunk experts answer questions and provide how-to guidance on various Splunk product and use case topics. What can I ask in this AMA? What is different in the latest Splunk Enterprise Security, the AI powered SecOps Platform? Why upgrade to Enterprise Security 8 and why now? What are upgrade considerations and prep work? What do I need to know as a SOC Analyst, Detection Engineer, or SOAR engineer before and after my upgrade to Enterprise Security 8? What is the difference between Enterprise Security Essentials and Enterprise Security Premier? Anything else you'd like to learn! Please submit your questions at registration. You can also head to the #office-hours user Slack channel to ask questions (sign in with SSO here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!
Labels
(2)
Labels
Labels:
Past Office Hours
Security
0 attendees
0
1
Security: Splunk SOAR
Wednesday, December 10, 2025
[Register Here] This thread is for the Community Office Hours session on Security: Splunk SOAR on Wednesday, Dec 10, 2025 at 11 am PT / 2 pm ET. Ask the experts at Community Office Hours! An ongoing series where technical Splunk experts answer questions and provide how-to guidance on various Splunk product and use case topics. What can I ask in this AMA? What’s new in the latest Splunk SOAR? Should I upgrade to this version, and what’s the easiest way to make the upgrade happen? How does the Splunk Attack Analyzer integration work? And how can playbooks be implemented to automate response processes for the malware and phishing attack? What are the practical ways to modernize legacy SOC workflows with Splunk Enterprise Security and build the TDIR workflow. How to use Wayfinder? How to measure the value of my SOAR investment? Real-world examples of how SOAR enhancements improved efficiency, security, and ROI? Anything else you’d like to learn! Please submit your questions at registration. You can also head to the #office-hours user Slack channel to ask questions (sign in with SSO here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!
Labels
(2)
Labels
Labels:
Past Office Hours
Security
0 attendees
0
1
Security: Splunk Threat Research Team - Security Content AMA
Wednesday, January 21, 2026
[Register Here] This thread is for the Community Office Hours session on Security: Splunk Threat Research Team - Security Content AMA on Wednesday, Jan 21, 2026 at 11 am PT / 2 pm ET. Ask the experts at Community Office Hours! An ongoing series where technical Splunk experts answer questions and provide how-to guidance on various Splunk product and use case topics. What can I ask in this AMA? What are the latest security content updates from the Splunk Threat Research Team? What are the best practices for implementing the Splunk Technology Add-on for Ollama? What tips and tricks can help leverage Splunk Attack Range, Contentctl, and other resources developed by the Splunk Threat Research Team? What new analytic stories and detections can surface AI-enabled workflows to help you detect and respond to emerging threats across critical enterprise platforms? How do the detections work across the integration between Cisco Talos and Splunk? Any specific questions you have when you leverage the out-of-box-detections? Any other questions about the team’s content and resources! Please submit your questions at registration. You can also head to the #office-hours user Slack channel to ask questions (sign in with SSO here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!
Labels
(2)
Labels
Labels:
Security
Upcoming Office Hours
0 attendees
0
0
Security: Insider Threats
Wednesday, February 18, 2026
[Registration Coming Soon ] This thread is for the Community Office Hours session on Security: Insider Threats on Wednesday, Feb 18, 2026 at 11 am PT / 2 pm ET. Ask the experts at Community Office Hours! An ongoing series where technical Splunk experts answer questions and provide how-to guidance on various Splunk product and use case topics. What can I ask in this AMA? What are the most common insider threats today, and what are the typical indicators associated with them? What are the key considerations when detecting and analyzing insider threats? What are the best practices for detecting and investigating insider threats using Splunk? How can I maximize the use of threat intelligence and contextual insights when investigating insider threats? How can I best leverage data from Splunk to understand insider threat trends? How can machine learning and AI be used to scale your analytics? Can you provide insights on how User and Entity Behavior Analytics (UEBA) helps detect insider threats? How does the risk scoring work? Any other questions about the team’s content and resources! Please submit your questions at registration. You can also head to the #office-hours user Slack channel to ask questions (sign in with SSO here). Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants. Look forward to connecting!
Labels
(2)
Labels
Labels:
Security
Upcoming Office Hours
0 attending
0
0
