Latest Posts

Not Another New Year's Resolution

I hope I’m not alone in starting 2021 with some sense of optimism. While several hard months remain ahead of us, I am hopeful and also expecting that some sense of normality will return by the summer months. Either way, this gives us an opportunity to reflect on the challenges we have faced. 2020 was testing. We learnt a lot about ourselves and our businesses in the most challenging of circumstances.

The Department of Defense Data Strategy: An Important Start

In early October 2020, the Department of Defense released its long-anticipated and much-needed Data Strategy. This strategy is the latest installment under the Department’s Digital Modernization Strategy, which was released in July 2019, and focused on the key strategic pillars of enterprise cloud adoption, artificial intelligence, command, control, communications, cybersecurity, and IT reform.

Yes, Virginia, There is a -Santa Claus- Way to Detect Unemployment Fraud

Fraud rates for Unemployment Insurance Benefits (UIB) and Pandemic Unemployment Assistance (PUA) are out of control. In May 2020, Brian Krebs of KrebsOnSecurity published two articles detailing fraud that was occurring in several different states’ UIB portals. These states had been warned by the US Secret Service to be on the lookout for this. Reading the articles, the common theme is that many states are missing rudimentary controls for combating fraud.

Splunk Cloud Self-Service: Announcing The New Admin Config Service API

In our last blog, "What's New in Splunk Cloud: Part 1," we reviewed a host of new Splunk Cloud features that we have delivered through our accelerated releases since the beginning of 2020. A large part of this effort focused on empowering Splunk Cloud admins and making their experience as self-service as possible. In this blog, we will examine our latest effort to continue this empowerment: Splunk Cloud’s Admin Configuration Service (ACS).

Leaving 2020 Behind, What's the Role of Retail Stores in the Data Age?

From store shutdown to temporary closure and limited occupancy for non-essential retail businesses, 2020 was filled with many disappointments. America’s stores were in rough shape even before the pandemic, but COVID-19 has significantly compounded the challenging retail landscape, leaving behind businesses that could not adapt to the abrupt change in the operating environment.

Automation Made Easy: What's New with Splunk Phantom

The Splunk Security Team is excited to share some of the new and enhanced capabilities of Splunk Phantom, Splunk’s security orchestration, automation and response (SOAR) technology. Phantom’s latest update (v4.10) makes automation implementation, operation and scaling easier than ever for your security team.

Improve DevOps Workflows Using SMLE and Streaming ML to Detect Anomalies

Modern IT & DevOps teams face increasingly complex environments — making it harder to quickly detect and resolve critical issues in real-time. To overcome this challenge, Splunk users can take advantage of ML-powered IT monitoring and DevOps solutions available in a scalable platform with state-of-the-art data analytics and AI/ML capabilities. In this blog, we deploy Splunk’s built-in Streaming ML algorithms to detect anomalous patterns in error logs in real-time.

Dashboards Beta v0.9: All Things Inputs

If you’re new to the Splunk Dashboards app (beta) on Splunkbase and you’re trying to get started with building beautiful dashboards, this blog series is a great place to start. The Splunk Dashboards app (beta) brings a new dashboard framework, intended to combine the best of Simple XML and Glass Tables, and provides a friendlier experience for creating and editing dashboards.

Splunk Connect for Syslog: Turnkey and Scalable Syslog GDI - Part 3

In Part 1 and Part 2 of this series, we explored the design philosophy behind Splunk Connect for Syslog (SC4S), the goals of the design, and the new HEC-based transport architecture, as well as the rudiments of high-level configuration. We'll now turn our attention to the specifics of SC4S configuration, including a review of the local (mounted) file system layout and the areas in which you'll be working.

Splunk Connect for Syslog: Turnkey and Scalable Syslog GDI - Part 4

Previous installments of this series have given you the overview and configuration details you need to ingest any source that is supported by Splunk Connect for Syslog and configure customizations and overrides that match your enterprise. This leaves one key capability of SC4S that we have not yet covered, and that is extending the platform itself. In this installment, we'll walk through the configuration of an entirely new data source – one that SC4S does not address out of the box.