Splunk and the art of refrigerator maintenance.

Over the Australia Day long weekend here in sunny Brisbane, Queensland, a buddy of mine and I started noticing that his fridge didn’t seem very cold – meaning that the beer was not cold, clearly a drastic problem. No matter how far down we turned the thermostat, the fridge just wouldn’t cool down. He wasn’t sure if he was imagining it, or if it had always been that way. My buddy didn’t really want to go out and buy a new fridge and wanted to try to fix it himself, but he had no idea if any of the changes we’d made to the fridge were making it better or worse.

My buddy works for a Splunk partner and IoT company

» Continue reading

Splunk and Cacti

Several options exist to bring SNMP into Splunk, such as our SNMP Modular Input. But what if you already have an SNMP collection built with Cacti? You could consolidate, rebuild and reconfigure all the collection… but the easier option would be to take Cacti, and feed it into Splunk. This is a great example of leveraging one tool to collect the data, but bringing all the information together into a single platform for analytics.…

» Continue reading

Top Technical Questions on Splunk UBA

With the acquisition of Caspida (now Splunk UBA) in July of 2015, we have been talking to many customers regarding user and entity behavioral analytics. Our customers have been asking questions about how this type of threat detection product works, and in this blog, I’m going to discuss some of the most common questions, along with answers and/or explanations from a security researcher and practitioner’s viewpoint.

 

What makes Splunk UBA unique compared to detection technologies?

Splunk UBA uses an unsupervised machine-learning based approach to determine whether events generated from multiple data sources are anomalies and/or threats. This is a turnkey approach that does not require customers to train the models, and does not require administrators to develop signatures in …

» Continue reading

Writing Actionable Alerts

Is your Splunk environment spamming you? Do you have so many alerts that you no longer see through the noise? Do you fear that your Splunk is losing its purpose and value because users have no choice but to ignore it?

I’ve been there. I inherited a system like that. And what follows is an evolution of how I matured those alerts from spams to saviors.

Let it be known that Splunk does contain a number of awesome search commands to help with anomaly detection. If you enjoy what you read here, be sure to check them out since they may simplify similar efforts. http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Commandsbycategory#Find_anomalies

Stage 1: Messages of Concern

Some of the first alerts created are going to be searches …

» Continue reading

My Splunk Origin Story

A World Without Splunk

In my pre-Splunk days, I spent significant time leading the vision for standards and automation in our company’s large distributed IBM WebSphere Network Deployment environment. Even though we used standard build tools and a mature change process, significant entropy and deviations were introduced into the environment as a product of requirements for tuning, business, infrastructure, security, and compliance.

As a result, we were unable to recognize the scope of impact when it came to security vulnerabilities or violations with 3rd party compliance. Even worse for us, we spent way too many staff-hours trying to replicate issues between production and quality assurance environments because we had no easy way to recognize the contributing configuration differences.

It’s a Bird, It’s a

» Continue reading

Cheers to Customer Growth: MindTouch Receives $12 Million in Funding

Back in 2014 I wrote a blog post about an innovative new Splunk Cloud customer, MindTouch, that was increasing its customer retention and had tripled its customer count with the help of our cloud platform for Operational Intelligence. When I first heard about MindTouch and then met some of the employees and executives, I knew they were onto something big. You see, MindTouch does something pretty cool. They’ve developed a cloud service that helps organizations better engage with their customers by delivering insights into how customers consume the organization’s self-service product and help content. Much like Splunk Cloud, MindTouch helps its clients use data in a way that can give them incredible insight into customer interests and behavior. Some …

» Continue reading

How’s my driving?

It was the summer of 2014. I was well into my big data addiction thanks to Splunk. I was looking for a fix anywhere: Splunk my home? Splunk my computer usage? Splunk my health? There were so many data points out there for me to Splunk but none of them would pay off like Splunking my driving…

Rocky Road

At the time, my commute was rough. Roads with drastically changing speeds, backups at hills and merges, and ultimately way more stop and go than I could stomach. But how bad was my commute? Was I having as bad an impact on the environment as I feared? Was my fuel efficiency much worse than my quiet cruise-controlled trips between New York and Boston? …

» Continue reading

Absolute Beginner? Not for long. Join us for Splunk4Rookies across France and Italy

Hey all,

So you’ve heard about Splunk and want a quick overview of the solution? Come to one of our #Splunk4Rookies sessions that regularly take place all over France and Italy!

The hands-on evening sessions usually last for around three hours and cover the main principles of the Splunk machine data platform as well as helping you to build your own dashboards within minutes! Depending on the session, you may also find yourself installing Splunk across a distributed environment and setting up data collection in AWS.

We started these sessions months ago with a single format in Paris but given the event’s popularity, we quickly extended the event to other cities (Lille, Rome, Lyon, Toulouse, Milan) and to new subjects …

» Continue reading

How Brands Manage Data During the Super Bowl

You see servers and devices, apps and logs, traffic and clouds. We see data — everywhere. And with one of the world’s biggest sporting spectacles taking place just down the road from us in less than two weeks’ time, we thought we’d take a look at a few Splunk customers and how they’ve managed their data loads during the big game.

Coping with web traffic – Cars.com & Nissan
A few years ago, Cars.com used Splunk Enterprise to ensure its web environment could withstand the user load — and ensure a pleasant customer experience — during their Super Bowl advertisements. In years past Cars.com relied on aggregate data to determine their overall performance under Super Bowl levels of stress. …

» Continue reading

Data to Play Pivotal Role in the Fan Experience in Santa Clara

When fans of the Denver Broncos and Carolina Panthers enter Levi’s Stadium to cheer on their team, they are going to enjoy MVP-type services from beginning to end – regardless of the final score.

When the San Francisco 49ers started planning their new stadium, use of technology, particularly mobile technology, was at the core of delivering an amazing fan experience. By partnering with VenueNext, they built one of the best mobile apps for providing a delightful fan experience that has evolved how the nearly 68,000 fans enjoy games at Levi’s® Stadium.

Data is at the heart of operations in the stadium and Splunk is powering analytics in real time at every stage of the fan experience. Splunk is used …

» Continue reading