Splunk

The Easy Guide to Adding COVID-19 Context to Any Process

Recently, my colleagues Ryan Kovar and Lily Lee created TA-covidIOCs, which is a Splunk TA designed for ingesting IOCs related to COVID-19. Per usual, I immediately saw this as an opportunity to hitch a ride on their coattails and benefit from their hard work. The product of this effort is a Splunk Phantom playbook uncreatively titled "COVID-19 Indicator Check." The playbook is a simple, self-contained set of actions that takes MD5 file hashes, IPs, domains, and URLs as input.

Analyze Metric and Event Data on the Same Platform

Analyze both metric and event data on the same platform regardless of source or structure. With Splunk metric indexes, you can quickly and easily ingest, store, and analyze metrics — whether in the Analytics Workspace or with SPL — so you can deliver positive business results. Get the most value out of your data with Splunk.

Splunk is Lambda Ready: Announcing a New Partnership with AWS

We are excited to announce that Splunk has partnered with AWS in launching a new AWS Service Ready program – Lambda Ready. This designation recognizes that Splunk provides proven solutions for customers to build, manage and run serverless applications. AWS Lambda Ready designation establishes Splunk as an AWS Partner Network (APN) member that provides validated integrations and proven customer success with a specific focus on observability and monitoring of Lambda Functions.

Google GSuite to Splunk HEC Configuration

Google Cloud recently expanded the list of GSuite audit logs that you can share with your Cloud Audit Logs, part of your organization’s Google Cloud account. This is awesome news and allows administrators to audit and visualize their GSuite Admin and Login activity in Splunk in real time via the same method used to stream Google Cloud logs and events into Splunk, using the Google-provided Pub/Sub to Splunk Dataflow template.

Protecting Your Assets: It's Not Just About Servers and Laptops!

In most of our blogs, we spend a TON of time going on about protecting our endpoints, looking at sysmon, checking the firewall, correlating IDS data and the like… Today, we're going to shift gears a bit and look at security from a different angle. Recently, there has been a tremendous focus on the paradigm shift from a workforce that primarily resides in corporate offices to a highly virtual workforce sitting at their kitchen tables.

How Efficiency Depends on Observability

If you hadn't heard the term “this is the new normal” yet today, then you haven't been listening. While right now is not normal, current events have us all wondering how the work environment is going to change once we get there. There are a few things that we can expect: Having pipelines and applications that are observable is key to all of this.

The Launch of Splunk Ideas

The "Q1 2020: Splunk Ideas" blog is officially live! This blog post is the first in a quarterly series that aims to educate and deliver status updates on "Splunk Ideas." In this post, I will cover the history and goals of Splunk Ideas and supply some information about our initial success. Next quarter’s post will focus on the lifecycle of an Idea, with details on our internal process of reviewing, considering, and prioritizing your ideas.