
Splunk

Delivering Successful Mission Outcomes in This New Normal

Is it week 6 or 8 of telework now? I can't keep up, and it's probably not worth counting anymore. By now, all agencies have a majority of their employees working remotely and adjusting to the new normal; and we, at Splunk, are as well. In a way — like our CIO, Steve McMahon, puts it — we did have an early start.

Your Employees Are Superheroes, but This Superpower Might Be a Security Risk

Many people are working from home (WFH) now and will be for at least the next few weeks. The VPN and TLS connections that remote workers rely on allow for secure access, and although these are not new connection types to monitor, the current WFH situation has created a significant increase in the number of these connections you must monitor. This new WFH scenario has made one thing easier: mobile users are no longer mobile.

How to Use Splunk Security Solutions to Improve Incident Response: Lessons Learned from the GE Digital Predix SOC Team

As the responsibilities of the Security Operation Center (SOC) continue to increase, SOC teams are experiencing increased demand on their time and resources. Scaling a security team with few resources and funds can prove extremely difficult, especially when the incident response team spends most of their time chasing alerts.

The SRE Dogfood Series: SignalFx SRE Team

Splunk is a tech company, which regularly gives us exposure to modern development practices, and the ability to implement them with our own technology. We want to share that with you. In this post, as part of a dogfooding series, I sat down with Ram Jothikumar, Head of Cloud Infrastructure & Operations for Observability at Splunk. Ram and I talk about how we support our SignalFx offering at scale, efficiently with resilience and reliability baked in.

The Easy Guide to Adding COVID-19 Context to Any Process

Recently, my colleagues Ryan Kovar and Lily Lee created TA-covidIOCs, which is a Splunk TA designed for ingesting IOCs related to COVID-19. Per usual, I immediately saw this as an opportunity to hitch a ride on their coattails and benefit from their hard work. The product of this effort is a Splunk Phantom playbook uncreatively titled, "COVID-19 Indicator Check." The playbook is a simple, self-contained set of actions that takes MD5 file hashes, IPs, domains, and URLs as input.

Analyze Metric and Event Data on the Same Platform

Analyze both metric and event data on the same platform regardless of source or structure. With Splunk metric indexes, you can quickly and easily ingest, store, and analyze metrics — whether in the Analytics Workspace or with SPL — so you can deliver positive business results. Get the most value out of your data with Splunk.

Splunk is Lambda Ready: Announcing a New Partnership with AWS

We are excited to announce that Splunk has partnered with AWS in launching a new AWS Service Ready program – Lambda Ready. This designation recognizes that Splunk provides proven solutions for customers to build, manage and run serverless applications. AWS Lambda Ready designation establishes Splunk as an AWS Partner Network (APN) member that provides validated integrations and proven customer success with a specific focus on observability and monitoring of Lambda Functions.

Google GSuite to Splunk HEC Configuration

Google Cloud recently expanded the list of GSuite audit logs that you can share with your Cloud Audit Logs, part of your organization’s Google Cloud account. This is awesome news and allows administrators to audit and visualize their GSuite Admin and Login activity in Splunk in real time via the same method used to stream Google Cloud logs and events into Splunk, using the Google-provided Pub/Sub to Splunk Dataflow template.