It’s 2020, which means it’s time to look back at 2019 and reminisce about the good times – fun with family and friends, good food, travel, and memories to last a lifetime. Who am I kidding? Everyone remembers the bad stuff. The increasing impacts of climate change; relentless fires in the Amazon, California, and Australia; political and social unrest around the globe; and the last season of Game of Thrones. Jon Snow... you still know nothing.

With 2020 now well underway and the end of our financial year just around the corner, it’s a great moment to review some of the successes we have had in the EMEA Partner team over the past year. One particular highlight for us came in December when Orange Business Services, the digital transformation arm of Orange, named Splunk as its Digital & Data Partner of the Year at its annual awards in Paris.

Hey Everyone, We recently did a webinar with Christian Heger, technical head of the DATEV SOC, as well as Sebastian Schmerl, head of cyber defense of Computacenter. They shared their 6-month path of modernizing their security operations with help of Splunk technology and the MITRE ATT&CK framework. As we weren’t able to address all of the questions during the webinar, we discussed these afterwards and share them in this blog post as a Q&A follow-up.

Does one or more of the following personas describe you? If you fit one of those personas, you are in luck because I’m happy to tell you about some new Splunk integrations with Visual Studio Code in this blog.

AWS VPC Flow Logs record details about the traffic passing through your application, including requests that were allowed or denied according to your ACL (access control list) rules. It also has information about the IP addresses, and ports for each request, the number of packets, bytes sent, and timestamps for each request. This information brings deep visibility and the ability to improve your security posture over time.

Despite the hype around predictive maintenance, basic data collection and analysis are still high priorities for manufacturing companies and key criteria for the success of Industrial Internet of Things (IIoT) projects. It is crucial that people who are most familiar with industrial assets, like process or control engineers, have direct access to industrial data. That way inadequate situations such as breakdowns can be resolved quickly.

As I have mentioned in previous blogs use of AI can be challenging, but it can also deliver a lot of positive outcomes. Many of our customers believe that they have a skills and understanding gap when it comes to AI, which is why we are delighted to have been working with the World Economic Forum (WEF) to draft guidance on how these types of techniques can be used and assessed.

In Part 1 we’ve described what container monitoring is and why you need it. Because each container typically runs a single process, has its own environment, utilizes virtual networks, or has various methods of managing storage. Traditional monitoring solutions take metrics from each server and the applications they run. These servers and applications running on them are typically very static, with very long uptimes.

Even though containers have been around for ages, it wasn’t until Docker showed up that containers really became widely adopted. Docker has made it easier, faster, and cheaper to deploy containerized applications. However, organizations that adopt container orchestration tools for application deployment face new maintenance challenges.

Hey, there. This is part five of the Elastic SIEM for home and small business blog series. If you haven’t read the first, second, and third blogs, you may want to before going any further. In the Getting started blog, we created our Elasticsearch Service deployment and started collecting data from one of our computers using Winlogbeat. In the Securing cluster access blog, we secured access to our cluster by restricting privileges for users and Beats.