Smart AnSwerS #80

Hey there community and welcome to the 80th installment of Smart AnSwerS.

The Splunk Pledge was announced last month, which is our commitment to research, education, and community service. Through Splunk4Good, a minimum of $100 million will be donated over the course of 10 years in software licenses, training, support, and education to nonprofit organizations and educational institutions. If there are any nonprofits or academic institutions engaging in positive social change that you feel could benefit from a free 10GB Splunk Enterprise license,  standard support, and Splunk eLearning access, please do encourage them to apply!

Check out this week’s featured Splunk Answers posts:

Is there documentation comparing the features of Splunk User Behavior Analytics (Splunk UBA) and

» Continue reading

Can you SPL?

splbee_scoreA couple of weeks ago at .conf2016 we conducted our 2nd annual SPL’ing Bee and it was just as exciting as the year before.  We had over 30 contestants, close to 100 spectators and a whole new set of challenging questions.

Here is a little background on how the SPL’ing Bee works.

During the SPL’ing Bee, contestants compete by using SPL to answer questions of a specific data set.  To do this, contestants download and install the “Add-on for SPLBee App” on Splunkbase.  This app allows each contestant to write a SPL query on a specific data set and submit their results to a master judging instance using a macro and a Splunk custom command called sendjobmeta created by …

» Continue reading

My Journey at Splunk and Chairing the Women in Tech (#SplunkWiT) group

In the four years that I have been at Splunk one thing has been constant – growth. Both for Splunk and for me in my career. Through the years I have personally developed and learned a tremendous amount. I am now the Vice President of the Program Management team for our Product Development organization, leading our product delivery efforts. This year I also took on the chair role of our Splunk Women in Technology committee, a position which brings me great satisfaction. I’m lucky to work with a fantastic committee of leaders at Splunk and with truly engaged executives to support and drive forward our mission: to broaden the diversity of Splunk to reflect the community we operate in.

The …

» Continue reading

#SplunkWiT blogs: Key Relationships to Drive Your Career

Oprah Winfrey – Maya Angelou
Yves St Laurent – Christian Dior
Mark Zuckerberg – Steve Jobs
Henry David Thoreau – Ralph Waldo Emerson
Sheryl Sandberg – Larry Summers

These are just a few examples of some famous mentee – mentor relationships. When you read about the careers of famous leaders and innovators, you often learn about the significant impact a mentor had on the mentee’s career. Modern media even praises the role of mentors with TV shows like The Voice built around this concept.

A well-constructed mentor relationship provides a mentee with valuable career advice to navigate complex environments and tackle specific challenges. In spite of this, recent studies have shown that even though women have the same number of …

» Continue reading

UNLV boosts student achievement and experience with Splunk

UNLV-186On the heels of the best Splunk .conf yet, I was excited to see the news we shared this week with the University of Las Vegas, Nevada (UNLV). The story is very similar to the many we heard at .conf2016, where customers showcased how they started using Splunk for either IT Operations or Security and moved on to solve strategic business and mission critical challenges using the same data. This directly speaks to the versatility and the true nature of Splunk as an enterprise data fabric for educational institutions.

As Cam Johnson, Associate Director of the IT Operations Center there attests, UNLV started using Splunk largely to solve IT problems, bringing disparate logs together to troubleshoot network issues. One …

» Continue reading

Some “Swede” use cases from SplunkLive Stockholm 2016

I have a fondness for Stockholm. I lived there for three months and asked my wife to marry me there (luckily she said yes or this blog post would start a lot less happy). I love going to all the cities in EMEA where we run SplunkLives but Stockholm is always one of my favourites.


At last year’s SplunkLive Stockholm we were lucky enough to have IKEA talking about why they replaced their SIEM with Splunk, Klarna talking about using Splunk in their SOC and Statnett talking about IT Troubleshooting and IT Service Management.

This year we had an equally strong line up of customers with some really “Swede” speakers (sorry), covering a variety of Splunk use cases in a …

» Continue reading

Important information for customers using Splunk Enterprise 6.2 or earlier

Do you use SSL to secure Splunk Enterprise? Are you still using Splunk Enterprise version 6.2 or earlier? If you answered yes to both of these questions, please read on.

Securing communication with your Splunk instance can be essential in today’s digital environment, especially if it is collecting sensitive information. If communication to/from your Splunk instance can be easily intercepted (e.g. public access to SplunkWeb, Forwarders outside firewall) then this communication should be encrypted using SSL. Additionally, security functionality is constantly being enhanced to combat the evolving threat landscape so you should stay on as current a version of Splunk as possible.

You may have heard that the OpenSSL Software Foundation will cease support for OpenSSL version 1.0.1 as …

» Continue reading

Splunk takes a flexible approach to license enforcement with Splunk Enterprise 6.5

I can’t believe that Splunk .conf2016 is already behind us. If you joined us in-person in Orlando or watched the keynote on, you know an important theme for Doug Merritt, Splunk President and CEO, is making it easier to do business with Splunk. In his keynote, Doug announced an important change to Splunk Enterprise – the removal of metered license enforcement.

We know that Splunk plays a mission-critical role for your business. With metered enforcement, unanticipated data growth or bursts of new data during an incident investigation could cause disruption in your Splunk operations. So starting with version 6.5, Splunk Enterprise no longer disables searches when you exceed your licensed data ingestion quota.

table summary viewThis will be standard for any …

» Continue reading

Splunk4Good Helps Fund Computer Science Summer Course at UNLV


The following is a guest blog post by Molly Marks, director of special events and PLTW affiliate director, UNLV, Howard R. Hughes College of Engineering…

At the University of Nevada, Las Vegas (UNLV) Howard R. Hughes College of Engineering we were thrilled to host our fifth annual Project Lead The Way STEM (PLTW Science, Technology, Engineering and Math) summer training program for middle and high school teachers from July 11 to August 6. This year, thanks to a grant from Splunk4Good, we were able to offer a new Computer Science Principles course, adding to a range of offerings like Green Architecture, Automation and Robotics.

The $25,000 Splunk4Good donation funded startup program costs, instructor fees and enabled us to sponsor …

» Continue reading

Haiyan Song Celebrated as one of the 50 Most Powerful Women in Tech

B8D0DA9F-EDB5-4E54-BF2F-B1942EB678F6Breaking barriers and setting high standards for themselves and others. That’s how the National Diversity Council’s President and CEO, Dennis Kennedy, described the 50 women who were celebrated for their achievements and contributions to technology. A dinner reception was held at the Hyatt Regency, Santa Clara, last week to honor these women and among the 50 included our own Haiyan Song, SVP of Security Markets. In her introduction video, Haiyan spoke about her early childhood dream of becoming an astronaut after watching a moon landing documentary. From a young age this freedom to roam in space inspired her to break barriers and become a leader.

Haiyan’s view on leadership includes a lifelong quest “to be a student of life …

» Continue reading