PostFinance banks on Splunk to improve fraud detection

When I’m thinking about Switzerland, I often think of the Swiss Alps, great chocolate and the famous Swiss army knife. The flexibility of the Swiss army knife reminds me how Swiss bank PostFinance is using the Splunk platform in multiple ways.

We say that Splunk is a SIEM and can fulfill all SIEM use cases, but Splunk is also so much more – and PostFinance has proved it once again.

Splunk as a Fraud Platform

PostFinance is using Splunk for compliance and regulation, but beyond those traditional SIEM use cases they also use Splunk as a fraud platform, using the insights to protect their customers’ bank accounts and digital payments. In their online banking portal alone they have over 1.6 million customers they have to …


High Performance syslogging for Splunk using syslog-ng – Part 2

As I mentioned in part one of this blog, I managed a sizable deployment of Splunk/Syslog servers (2.5TB/day). I had 8 syslog-ng engines in 3 geographically separate data centers: Hong Kong, London and St. Louis. Each group of syslog-ng servers was load balanced with F5. Each group was sending traffic to their own regional indexers. Some of the syslog servers processed upward of 40,000 EPS (burst traffic). The recommendation that I am about to describe here is what worked for me; your mileage may vary of course. I tried optimizing the syslog-ng engines to get as much performance as possible out of them. If you feel, however, that it is overkill or if you don’t have the manpower to …


High Performance syslogging for Splunk using syslog-ng – Part 1

Today I am going to discuss a subject that I consider to be extremely critical to any successful Splunk deployment. What is the best method of capturing syslog events into Splunk? As you probably already know, there is no lack of articles on the topic of syslog on the Internet, which is fantastic because it enriches the knowledge of our community. This blog is broken into two parts. In part one, I will cover three scenarios of implementing syslog with Splunk. In part two, I will share my own experience running a large Splunk/Syslog environment and what you can do to increase performance and ease management.

When given the choice between using a syslog agent (ex: http://sflanders.net/2013/10/25/syslog-agents-windows/ ) or UF (Universal …


Coca-Cola North America Named to InformationWeek Elite 100

Today, we are pleased to announce that one of our valued customers, Coca-Cola North America Information Technology, has been selected as a Business Innovator in the Productivity category in this year’s InformationWeek Elite 100 ranking of the top business technology innovators in the United States. Honored for its marketing transformation initiative, Coca-Cola Information Technology is using Splunk solutions to tackle real business issues and increase efficiencies with data.

Today’s successful marketing campaigns are multi-faceted, spearheaded by creativity and supported by various technologies. The Coca-Cola North America Information Technology application of Splunk solutions is an exemplary showcase of talented IT and marketing professionals transforming the way marketing gets done in an increasingly digital world.

The company’s IT department is collaborating with …


Splunk Light – Laguna College of Art and Design’s Log Masterpiece

When I say “log masterpiece” I am not talking about totem poles, although you might be surprised at how they factor into this story. Actually, what I’m talking about is what you can do when you use the right tools to manage all of your logs, especially when you have a very small IT team. But humor me for a minute and let me go back to totem poles to give a little relevant history. According to Wikipedia, “The word totem derives from the Algonquian (most likely Ojibwe) word odoodem , ‘his kinship group’.” In many respects an IT group, especially a small one, is a form of kinship (AKA, family or, more aptly, clan). The IT infrastructure support …


Women in Technology: Meet Synchrony’s Jennifer Middleton

Jennifer Middleton
Splunk Operations Manager
Synchrony Financial

On the heels of Women’s History Month, it’s a great time to honor women’s contributions and launch our Women in Technology (#SplunkWiT) Q&A blog post series. I’m excited for our inaugural post, which features my conversation with Jennifer Middleton, Splunk Operations Manager at Synchrony Financial and a valued Splunk customer.

Middleton attended a Splunk Women In Technology panel at .conf2015, which included women leaders and Splunk customers from Comcast and Zappos. When we heard Middleton’s question to the panelists regarding women supporting other women, we knew we wanted to stay in touch.

Tell us about your background and how you got into technology.
I sat down at a computer for …


SplunkLive! Arrives in the Nation’s Capital

Last week we hosted one of our largest SplunkLive! events of the year. More than 1,100 people came together in downtown Washington, DC to learn how more than 11,000 companies, federal agencies, universities and service providers worldwide use Splunk software and platforms to mitigate cybersecurity risks, prevent fraud, improve performance, reduce costs and deepen business insights and customer understanding.

With 16 breakout sessions to choose from, attendees were able to hear from a wide range of different customers and Splunk experts, and learn how our platforms help address and solve challenges in any environment. From sessions on Operational Security Intelligence and how to take Splunk to the next level for management, to hands-on tutorials on Splunk User Behavior Analytics (UBA


Operational Intelligence – Manufactured in Germany | SplunkLive! Germany events 2016

Hello,

Spring has only just begun and yet we have already finished our SplunkLive! 2016 Tour across Germany. We began in Munich with further stops in Frankfurt and Hamburg. We had a fantastic tour and achieved our goal of getting Splunk Ninjas together to learn from one another how to achieve operational intelligence. We heard how a botnet is using hacked e-mail mailboxes for malicious activities, we saw how Splunk sends out Excel sheets to individuals across a business and learned what could be done with 10bn events and machine learning for business application monitoring.

Let’s get started on the highlights with Datev, the 4th largest German software company and Computerwoche’s second best


Splunk and Moviri – driving Italian Operational Intelligence at UniCredit, Yoox/Net-A-Porter & Saipem

Last week we ran SplunkLive! Italy in Milan and Rome. I was lucky enough to be in Milan and spend some time with the Splunk team but also one of our key partners, Moviri. We’ve been working with Moviri for many years and together we have delivered some outstanding examples of Operational Intelligence using machine data. Moviri is a leader in IT optimization in Italy, focusing on security, analytics, and monitoring operations. The customer speakers in Milan were UniCredit, Yoox/Net-A-Porter and Saipem. UniCredit presented their excellent story on delivering IT Operational Analytics, Yoox presented real-time security intelligence and Saipem presented on how they use the platform for multiple use cases in Oil and Gas. All three customers have gained significant …


Building add-ons has never been easier

Speaking from personal experience, building add-ons had never been the easiest task for me. There are numerous steps required, and each step may come with its own challenges. Worse, I might spend time on a solution just to hear it wasn’t best practice.

Wouldn’t it be great if there was a way to make this process easier by equipping developers, consultants, and Splunk Admins with the right tool to build their own add-ons? To take it a step further, wouldn’t it be even better if this tool actually helps you build the add-on by following tried and true best practices?

Allow me to introduce you to the Splunk Add-on Builder that helps to address the challenges highlighted above. Splunk Add-on …
