Android ANR troubleshooting with MINT

Being involved with shippable software for mobile and desktop, I realize that there is a class of problems that are not easy to troubleshoot.

Crashes are probably the easiest to reproduce in QA and Engineering environments and so they are easier to fix. But one class of problems, that in many cases requires more time and possible code redesign, is application sluggishness. This problem usually falls into the gray area of software development that everybody tries to address during design and implementation stages. The problem of application sluggishness seldom shows up in QA or other controlled environments, but always happens when the actual user is trying to use the app.

Modern mobile apps are complex creatures. A lot of things


Winners of the 2016 Splunk Answers .conf Karma contest announced!

Those of you who have been around a while know that we have a Karma contest on Splunk Answers every summer.  This year, the contest took place from July 15th to August 15th, with the top 3* scorers getting free passes to .conf 2016 in Orlando!

Congrats to this year’s Answers Karma contest superstars:

These folks pushed hard to get as much Karma as possible in a single month, and their efforts helped a lot of people build their Splunk clue. Thank you, and CONGRATULATIONS!!! Might we suggest you apply for membership in the SplunkTrust? Applications close this Saturday!

Keep getting that Karma, and we’ll see you at …


Splunk at Cardinal Health: Business Innovation Behind the Healthcare Supply Chain

The healthcare supply chain consists of multiple independent agents that include hospitals, doctors and many other stakeholders. The continued shift from volume-based reimbursement to value-based care is bringing the importance of the supply chain to the forefront.

Backed by nearly 100 years of experience, Cardinal Health connects patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Cardinal Health is an essential link in the healthcare innovation supply chain, supporting partners with more than 37,000 employees in nearly 60 countries worldwide.

For more than three years, Cardinal Health has trusted Splunk Enterprise to help ensure operational performance across its mission-critical e-commerce platform that customers depend on for health service and product purchases.

Splunk is excited to …


Splunk Named a Leader in Gartner SIEM Magic Quadrant for the Fourth Straight Year

Gartner has published the 2016 Magic Quadrant for Security Information and Event Management and Splunk was named a leader for the fourth straight year.

In the report, Gartner placed Splunk in the Leaders quadrant and positioned Splunk furthest overall for completeness of vision.


Our security portfolio, including Splunk® Enterprise and Splunk Enterprise Security, solves basic, advanced and emerging SIEM use cases to dramatically accelerate the detection and investigation of advanced threats and attacks, and to rapidly respond to and remediate them, by providing security intelligence from all security-relevant data that is collected across IT, the business, and the cloud.

A growing number of organizations are using Splunk Enterprise Security to augment, replace and go beyond their legacy SIEM deployments.…


Detecting early signs of compromise by splunking Windows Sysinternals


OVERVIEW

The traditional way of detecting compromise in a Windows environment, using signature-based anti-virus / malware products, makes it very difficult to detect advanced malware or threats. Most anti-malware solutions that are signature-based rely on a known list of signatures:

  • Endpoint protection products don’t have a perfect list of threats to detect all signatures that exist or are known
  • They don’t apply to new types of threats that are executed as new executables at the endpoints, because there is no known signature to compare against

This traditional approach leaves organizations constantly dealing with security breaches hitting the headlines, ranging from data exfiltration and service interruptions to ransomware, etc., all stemming from an inability to protect and detect …


Handling HTTP Event Collector (HEC) Content-Length too large errors without pulling your hair out

Once you start using HEC, you want to send it more and more data. As you do, your payloads are going to increase in size, especially if you start batching. Unfortunately, as soon as you exceed a request payload size of close to 1MB (for example if you use our Akamai app or send events from AWS Lambda), you’ll get an error status 413 with a not-so-friendly error message:

“Content-Length of XXXXX too large (maximum is 1000000)”

At this point you might feel tempted to pull your hair out, but fortunately you have options. You are hitting this error because HEC has a pre-defined limit on the maximum content length for the request. Fortunately …


Secure Splunk Web in Five Minutes Using Let’s Encrypt

Configuring SSL for your public-facing Splunk instance is time-consuming, expensive and essential in today’s digital environment. Whether you choose to go with a cloud provider or self-hosting, RTFM-ing how to generate the keys correctly and configuring how Splunk should use them can be quite confusing. Last year, a new certificate authority, Let’s Encrypt, was born in an effort to streamline the CA process and make SSL encryption more widely available to users (the service is FREE). In this short tutorial, we will cover how to make use of this new CA to secure your Splunk instance and stop using self-signed certs. Using SSL will help you to secure your Splunk instance against MITM attacks. Let’s Encrypt utilizes all of …


Smart AnSwerS #74

Hey there community and welcome to the 74th installment of Smart AnSwerS.

A Splunk Paper Aircraft Association was started up at HQ a couple weeks ago where each participant creates and launches their own paper aircraft every Friday afternoon. Weekly awards are given for longest distance traveled and duration in flight. There’s also a Splunker’s Choice Award for the most unusual, interesting, creative, or fun design. Last Friday, Director of Documentation ChrisG won top prize for his aircraft, winning in both categories of distance and duration. Congrats to the all-star!

Check out this week’s featured Splunk Answers posts:

Large lookup caused the bundle replication to fail. What are my options?

Support engineer rbal shared this Q&A with the …


SplunkTalk – #76 – Buzzword Bingo

We're getting the hang of this now?!? Maybe? In today's episode we chat about some upcoming goodies like Hal's Developer Lounge and Wilde's Yoga Classes and much more at SplunkConf2016 at the Swan/Dolphin Hotel in Orlando. Clint has a new job at Splunk. Wilde celebrates his 10th year at Splunk and shares some funny stories about our bumpy time at 250 Brannan where we slowly took over that building — #pettingzoo. Splunk is in a fantastic new building next door; if you're in SF, come for a visit #thereisalegoroom. Listen now!

My Summer at Splunk

Over the course of one summer, I became a Splunk Product Owner.

Goals: My main goal this summer was to answer the question, “What does a product manager do?” If you asked me this question now, I would laugh and say, “A better question is what does a product manager not do?” I was lucky enough to have the guidance and mentorship of the Data Solutions Group (specifically Jack Coates, Elias Haddad, and Marian Reynova), who gave me an enormous amount of responsibility and answered my endless questions as I navigated through the product management cycle.


Background: As a quick background, the Data Solutions Group makes add-ons. Every new type of data needs an add-on to normalize the input …
