With IT Operations Analytics, Data Is Everything
DevOps. Machine learning. Faster decision making. The biggest trends in IT are helping us speed release cycles, get more insights, and improve operations like never before. But as IT begins adopting and optimizing these new strategies in their organization, there’s one critical piece that’s often overlooked: an IT operations analytics (ITOA) strategy. IDC recently authored some important research on the topic, which you can download here: IDC Special Report: Worldwide IT Operations Analytics Software Market Shares, 2015.
According to the report, “The key objective [of ITOA] is to optimize IT operational service levels in near real time for production application and infrastructure computing environments.”*
In other words, when you’re using ITOA solutions effectively, your organization simply runs better. According …
Improving Visibility in Security Operations with Search-Driven Lookups
Looking back on 2016, Splunk Enterprise Security added significant capabilities to its platform for security operations, including Adaptive Response, User & Entity Behavior Analytics (UEBA) integration and Glass Tables. Another capability that was added, but has received less attention, is a new type of search that Splunk calls Search-Driven Lookups. Because there has not been as much attention paid to this, I wanted to share a bit about this capability and how it can be used.
Search-Driven Lookups originated from a question that users of legacy SIEM providers often asked: how can Splunk dynamically create watchlists that can then be used in correlating new events against a watchlist? Enterprise Security has had the ability to correlate against a …
Dashboard Digest Series – Episode 5: Maps!
“A map does not just chart, it unlocks and formulates meaning; it forms bridges between here and there, between disparate ideas that we did not know were previously connected.” ― Reif Larsen, The Selected Works of T.S. Spivet
Welcome to Episode 5 of the Dashboard Digest series!
Maps play a critical role in visualizing machine data in almost any industry for thousands of use cases. We’ve been continuously adding more mapping functionality to Splunk and with the recent addition of Custom Visualizations in Splunk 6.4 you (the community) have too! This is exciting news as I’ve noticed many times the first panel on a dashboard that draws attention is a map. The best part is that each of these displays …
Gaze into Splunk’s Crystal Ball for What’s to Come in 2017
Last year, a team of Splunkers came up with several predictions for what 2016 would bring in the fields of IT, security, and big data. This year we’ve done it again, looking into our crystal ball (or industry experience) to share our prophecies for 2017.
But first, let’s look back at some of the hits and misses of what we predicted for 2016.
Behavioral analysis will shift from an emphasis on user credentials to machine-to-machine credentials.
Haiyan Song, our SVP of security markets, predicted that “anomaly detection will become less about analyzing users or entities and more about leveraging machine learning and data science.” While there’s still a way to go, this has begun to come true: As…
Splunk and AWS: Monitoring & Metrics in a Serverless World
Bill Bartlett (fellow Splunker) and I have recently had the distinct pleasure of moving some workloads from AWS EC2 over to a combo of AWS Lambda and AWS API Gateway. Between the dramatic cost savings, and wonderful experience of not managing a server, making this move was a no brainer (facilitated as well by great frameworks like Zappa). Both services are pretty robust, and while perhaps not perfect, to us they are a beautiful thing.
While we were using Splunk to monitor several EC2 servers with various bits of custom code via the Splunk App and Add-On for AWS, we realized (ex post facto) that while Lambda was supported out of the box by the Add-On, API Gateway was …
How Splunk Can Help You Prevent Ransomware From Holding Your Business Hostage
A group of hackers recently cost Madison County, Indiana $200,000 and another group demanded $73,000 from the San Francisco Municipal Transport Agency (SFMTA) over the Thanksgiving holiday to decrypt frozen data. What was the common factor connecting the two attacks? A popular form of malware known as ransomware.
Why You Should Care About Ransomware
Ransomware is often used to extort funds directly from victims. Ransomware literally takes systems hostage, requiring a “ransom” to free those systems back to a usable state. This can be a very lucrative business for cyber criminals.
Ransomware, like other malware, gets into your network via bad actors who figure out a way to deliver it into your environment without “sounding an alarm” – for example, …
SC16 Conference: Home of the World’s Fastest Network
You don’t think of High Performance Computing (HPC) every day, but its use in a diverse set of applications such as climate prediction, nuclear labs, oil and gas discovery, defense and aerospace work, financial forecasting and other computationally intensive activities touches us in our daily lives. And from November 13 – 18, 2016, Salt Lake City became the home for HPC enthusiasts at the SC16 conference.
What makes this conference different than any other? It happens to be the home for the world’s fastest network, SCinet. It is a high-performance, experimental network that is specifically built for the conference and connecting it to the broader internet. To give you a sense of its capacity, it provides more than 5 Tbps(!) of internal …
Stop Security Threats With Real-Time Data Monitoring
Imagine having a vast library of books but not being able to see what words live on the page that you are reading or want to read. That would be like being able to ingest security relevant data from a diverse array of data sources but not being able to use that information to monitor your security posture in near real time. Real-time data monitoring is essential to secure an enterprise because it gives security practitioners the ability to monitor and manage the consumption and use of machine data across complex IT and security systems with visual insights into that data. The data can come from sources such as web logs, application usage and digital transactions. Why …
Women in Technology: Meet Kamisha Williams
Splunk Gains Young Talent Through Partnership With Year Up
I first heard about Kamisha Williams’ impressive leadership skills when she led a new-hire group in a volunteer Splunk4Good afternoon at San Francisco’s Buena Vista Horace Mann Community School. When I learned that she had participated in the Year Up program that guided her toward a contractor position at Splunk, I couldn’t wait to learn more from her. I had heard of Year Up before I met Kamisha and understood it was an incredible force in closing the opportunity divide so I was excited to learn that Splunk was involved in this program.
Tell me about your role at Splunk
I’ve been …
Splunk Women In Tech: Making the Jump to the Executive and C-Suite
Research shows that women who have a sponsor are more likely to have better pay, advance more quickly, get more high-profile assignments and stay in the workforce once they have children. Yet, men are 45% more likely than women to have a sponsor.
On Monday, Dec. 12, Tracy Edkins, Chief Human Resources Officer at Splunk, shared this research and highlighted the importance of sponsorship as she kicked off Splunk’s Women in Technology event: Making the Jump to the Executive and C-Suite. The event brought together 50 senior-level Splunkers to engage in a conversation on this topic. The evening included networking and executive-facilitated discussions over dinner, followed by a fireside chat with Godfrey Sullivan, Chairman of the Board and former …