
November 2020

Causal Inference: Determining Influence in Messy Data

When analysing data one of the biggest questions you may often face is: what is causing this situation? In this blog, we’re going to look at how causal inference can be used to understand in more detail what the biggest influencing factors are across a dataset. Traditionally in Splunk, we talk about correlation; does metric x go up or down in accordance with metric y or is there a relationship between x and y?

Introducing Inputs Data Manager on Splunk Cloud

Splunk Cloud’s ecosystem of apps and technical add-ons boasts a comprehensive set of input sources that enrich customer data insights. Many of these inputs reside in Cloud contexts, such as AWS, Salesforce, Azure, GCP, and many others. The Inputs Data Manager was introduced to aid the ingestion of these cloud data sources. As a result, in many cases, customers no longer need to host their own infrastructure to run scripted and modular inputs.

How to Define Your Security Posture, and Why it Matters

Not only do cybersecurity organizations need to deliver the level of security required to protect corporate assets, they also need to align with the strategic goals and objectives of the business. By defining, establishing and managing your organization's cybersecurity posture, you can deliver the results needed for the business to be successful.

Splunk AR: Taking Remote Collaboration To The Future is Already Here

The Splunk Augmented Reality (AR) team had an amazing experience developing all the new features we launched at .conf20. If you haven’t seen it, we highly encourage you to watch the AR .conf session and see the new features in action. After, you’ll probably share it with your colleagues because of how cool it was! :) Today we want to highlight Remote Collaboration in Splunk AR — we’ve taken “collaboration” to the next level.

7 High-Risk Events to Monitor Under GDPR: Lessons Learned from the ICO's BA Penalty Notice

Hello Security Ninjas, Today's IT world is complex and can be challenging for security operations teams. Nowadays, more apps are being integrated and interconnected than ever before. Cloud services and SaaS solutions purchased all throughout the organization outside of the IT department add even more complexity. Communicating to application and service owners the kind of activities that need to be logged and sent to the SOC can be a daunting task.

Better Detections and Cloud Coverage with Splunk Enterprise Security 6.4

Security teams are in a difficult position: they continue wrestling with persistent problems, such as overwhelming alert volumes and staff shortages, while confronting new ones driven by the abrupt shift to remote work. For instance, attaining real-time, deep visibility into cloud environments may have been on SOC roadmaps before 2020, but the capability is now a pressing need.

Splunk Named Launch Partner of AWS Network Firewall

Today, AWS has announced AWS Network Firewall: a new managed service that makes it easy to deploy essential network protections for Amazon Virtual Private Clouds (VPCs). As a launch partner, Splunk has worked closely with AWS to provide customers an integration to AWS Network Firewall. In today’s blog, co-authored by my esteemed colleague Anush Jayaraman, we’ll first detail the data flow architecture and your options to ingest the AWS Network Firewall data.

Why Cybersecurity Depends on the CDM Integration Layer

When you take a close look at the Continuous Diagnostics and Mitigation (CDM) function at the heart of a successful cybersecurity program, you quickly realize that it all depends on integration. It isn’t that the individual components of the program aren’t absolutely essential. But with cyber-attacks gaining in number and sophistication, the true power of CDM is in the ability to overlay multiple datasets to create a single lens for tracking, assessing, and responding to threats.

6 Myths of DevOps

Have you ever heard someone say "no one has the same definition of DevOps"? While the definitions of DevOps principles and DevOps practices are pretty clear, there are a lot of myths and subjectivity in how the principles play out in the real world. In this episode of Dissecting DevOps, Dave and Chris debunk six common DevOps Myths. Dave McAllister and Chris Riley are DevOps Advocates at Splunk. Follow them on Twitter at @dwmcallister and @hoardinginfo.

Get The Most Out of Splunk Infrastructure Monitoring and Splunk ITSI

SignalFx was founded in 2013 to enable customers to gather and monitor key information for both their application code and infrastructure. The efficient metrics storage technology enables both high cardinality of metrics as well as the no-sample method of gathering every APM trace. This combination of efficiency and standardization is exposed through the SignalFlow language to allow access and manipulation of the vast amount of metric data.

Monitor AWS Outposts with Splunk Infrastructure Monitoring

AWS Outposts is a fully managed service that extends AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience. The rapid adoption of hybrid IT has driven the need for a more consistent and standardized availability of cloud resources and operations so IT teams can rapidly deliver services deployed either on the public cloud or on-premises.

Splunk with the Power of Deep Learning Analytics and GPU Acceleration

Splunk is a machine data platform with advanced analytic capabilities that allows anyone to get valuable insights from their data. With unlimited use cases, you can leverage SPL to run any analytics you want. SPL has been supporting native machine learning capabilities for some time now. All you have to do is install the Splunk Machine Learning Toolkit (MLTK) and you are good to start predicting!

Denmark's Largest Utility Company Accelerates Incident Response

As Denmark’s largest power, utility and telecommunications company servicing 1.5 million customers, Norlys understands the need for fast response to security alerts. When the company first started, the Norlys security team built their own log analytics and incident response capabilities from the ground up. This homegrown approach presented challenges, including manual workflows, too many repetitive tasks and difficult-to-maintain processes.

Performing Your Best in the Virtual Age!

Application performance monitoring is vital for keeping software and gaming companies at a level above with providing effective data and cloud usage for applications, software, and platforms for their employees and customers. The rise of remote working has coincided with a boom in streaming, gaming, and other virtual activities. This has led to increased usability and performance management challenges for gaming and software organizations.

Splunk Data Stream Processor & Splunk Phantom - The Need For Speed

What is the benefit of combining the power of Data Stream Processor (DSP) and Splunk Phantom? I will give you a hint - the answer involves speed and extensibility. In today's security landscape, speed to detect and mitigate security attacks or outages is of the utmost importance. A slow response to a security incident can have a detrimental impact to your organization's bottom line.

Get Your Role On with the Splunk Platform

First of all, thanks to everyone for the great response we received on the revival of this blog series. It validates what we believed all along — our customers take a great interest in the security of our products, and you enjoy learning more about our security features. So we are on that vibe, and we’re going to continue the updates because we have a lot to talk about.

Detecting Data Exfiltration Via the Use of SNICat

I used to have a cat who loved ice cream. I think I may have given her some as a kitten, and from then on, anytime that she saw someone eating ice cream she would do her best to try and steal some from them. And even if she didn’t really seem to enjoy a particular flavor, she still seemed driven to try and steal that person’s ice cream. Like my cat stealing ice cream, bad guys are constantly trying to target organizations and their data for nefarious purposes.

SAP and Splunk: A Winning Combination

You’re running Splunk — you know how valuable end-to-end visibility saves you both time and money. But...what if you’re running an SAP solution? You’re likely using SAP's Solution Manager to keep an eye on its software, but if Solution Manager sees that HANA is not working, it really can’t tell you why, if the issue is beneath SAP. Splunk and SAP recognized that, and have a shared goal of helping our customers realize the full potential of their data.

Mind the Permission Gap

A few weeks ago, researching another topic, I posed a question - Which domain within the security ecosystem has struggled to move the needle over the past few years? After trawling through a multitude of annual breach analysts reports (Verizon Breach Report, M-Trends, et al.), I concluded that “identities accessing cloud infrastructure” was an irritatingly tough nut to crack.

Click, Fulfill, Wrap, Repeat: Getting Retailers Ready for the 2020 Holiday Season

On Dasher, on Dancer, on Prancer to online. Even Santa’s reindeer don’t know what to expect in the coming months as we brace for a very different retail holiday season. The global pandemic continues to influence shopper behaviors as retailers acknowledge that a playbook doesn’t exist for what’s to come.

Turning Data into Proactive Security

With cloud computing growing at a phenomenal rate across the world, shifts in consumer behavior towards digital services are resulting in evolutionary changes for the banking, financial services and insurance industry. Cloud-based banking, for example, is regarded as a catalyst for business transformation and a turning point in financial services. Cyber safety, however, has become a key concern holding back cloud adoption in many organizations.