Latest Posts

Supercharged SOAR: Meet Splunk Phantom 4.9

The number of cyberattacks launched on organizations continues to rise every year. More attacks mean more security alerts that security analysts have to triage each day. Many security teams have turned to a security orchestration, automation and response (SOAR) tool to help them automate the ever-increasing volume of security alerts, and respond to threats faster and more comprehensively.

SAI Something Linux: Monitoring Linux with Splunk App for Infrastructure

Metrics and logs go together like cookies and milk. Metrics tell you when you have a problem, and logs/events often tell you why that problem happened. But it’s always been harder than it needed to be to get both types of data onto a single screen, especially when the sysadmins using the tools aren’t necessarily daily experts in managing those monitoring platforms.

Bringing Data to Command & Control

It’s a metaphor that would have been impossible to decode even a decade ago: a Command and Control environment where essential data flows as quickly and intuitively as a map on Uber or Lyft. It’s a way of imagining efficient access to up-to-the-minute mission-relevant information, so that any sensor can make useful intelligence available to any device or effect, on a single screen, in time to make a difference.

React, Adapt, Evolve: Using Data to Navigate the 3 Phases of a Crisis

When the coronavirus pandemic hit Asia-Pacific back in January, no one knew what to expect. As the first region to grapple with the questions and uncertainties that the virus presented, leaders had to process the new reality and spring into action at record speed. While navigating the shifting landscape has been a unique journey for all organizations, a few things have proven to be consistent.

Data Culture: The Future of the Intelligent Organisation Starts Here

In today’s digital world, every transaction is logged to give businesses endless amounts of functional data, and there is near-universal agreement that data insights will be integral to the success of businesses in the future. There is undoubtedly a need for a more data literate workforce.

Data Will Keep Our Workplaces Healthier and More Productive - But There Must Be Trust and Transparency

In a post-pandemic world, we must use data in new ways. This in turn will require new discussions about, and practices creating, trust and transparency. The necessity of data and its benefits will be weighed against legitimate concerns of misuse of data.

Approaching Azure Kubernetes Security

The Splunk Security Research Team has been working on Kubernetes security analytic stories mainly focused on AWS and GCP cloud platforms. Now the turn has come for some Azure Kubernetes security monitoring analytic stories. As outlined in my "Approaching Kubernetes Security — Detecting Kubernetes Scan with Splunk" blog post, when looking at Kubernetes security, there are certain items within a cluster that must be monitored.

The Splunk App for Infrastructure: Getting Started with Metrics & Logs Together for Easy Infrastructure Monitoring

If I asked you to describe Splunk, you’d likely reply with something about it being really good (the best!) at gathering and searching logs. You’re right! But while that’s true, you may not know Splunk is also tops at gathering and analyzing metrics. Putting the two together is very powerful; logs (events, more generically) and metrics go together like cookies and milk!

Trial by Fire: Making the Mobile Workforce Work

More people than ever are working remotely, and about one-third say the coronavirus pandemic was their first chance to do so. As companies return to a new normal, they are considering how to manage workers who are not in the office, and mobile workers add a unique challenge. The term “remote worker” includes work-from-home employees and mobile workers. Most employees who work remotely do both.