Sizing is difficult. Any miscalculations could prove time-consuming and expensive. As the volume of generated data inevitably grows, Enterprise Security deployments potentially face additional infrastructure costs to meet the increased demand. Before you bust out the checkbook, let’s determine if you have sufficient visibility into your ES deployment and ensure you are using all available resources. In this Tech Talk we will present seven tips—indexing scoping, scheduling skew, data model acceleration parallelization, verifying TAs, key performance indicators in the Monitoring Console, assets and identities optimization, and capacity planning—to boost search times and ES infrastructure scalability. No hardware left behind!
Tune in to learn how:
To optimize CPU and Memory usage to achieve considerable costs savings
The built-in monitoring console and Enterprise Security auditing page can provide better visibility into how your SIEM is performing
To empower your team with bottleneck root cause analysis and performance tuning skills to scale your ES operations
Tech Talk discussions will be open for two weeks after the live Talk. To continue the conversation, follow the Splunk Answers tag of Splunk Enterprise Security.