Configuring PingIdentity PingFederate (Ping) Security Assertion Markup Language (SAML) Single Sign On (SSO) with Splunk Cloud

no_passwordsThere are now a few blog postings on SAML configurations for Splunk> Cloud. For Okta , Azure and ADFS. Ping is similar in complexity to the Identity Provider (IdP) ADFS, and can be a bit tricky depending on your implementation. The intent of this guide is help you along on your way to integrate Splunk> Cloud with PingFederate.

My role is a Cloud Services Advisory Engineer on the Customer Adoption and Success Team (CAST) within Splunk>. My focus is to assist our customers in their experience with our Cloud service for Splunk>. With our 6.4.x version of Splunk> Cloud, which this posting is about, the configuration for SAML definitely works quite well, but is not the most user friendly …

» Continue reading

.conf2015 Highlight Series: City of LA and Splunk Cloud as a SIEM for Award-Winning Cybersecurity Collaboration

Updated June 23, 2016:

Screen Shot 2016-06-23 at 1.29.51 PMWe are pleased to announce the City of Los Angeles was recently presented with the City on a Cloud award at the AWS Public Sector Summit in Washington, DC. The City on a Cloud Innovation Challenge recognizes and celebrates local and regional governments in three categories: Best Practices, Partners in Innovation and Dream Big. The City of Los Angeles was selected as the Best Practices winner for its use of innovative, world-class cybersecurity to protect digital assets and deployment of a unique, cloud-based security information and event management (SIEM) solution for the Integrated Security Operations Center (ISOC), to help consolidate, maintain, and analyze security data across the city’s departments.

All of the below was first published

» Continue reading

Retain More Data at Lower Cost with New AWS Storage Volume Types

This is a guest post contributed by David Potes, Partner Solutions Architect at Amazon Web Services

Many of the customers I work with are being asked to retain more of their logging data for longer periods. Some of these customers are being driven by increasing compliance requirements, while others want to mine historical data to analyze their systems. With the recent release of Splunk Enterprise 6.4, you now have the ability to dramatically shrink the size of your indexes to retain data longer at reduced storage sizes. If you’re running Splunk Enterprise on Amazon Elastic Compute Cloud (Amazon EC2), you can also tier your Splunk storage to deliver the right performance, at the right price. Now, by using the …

» Continue reading

Welcome to the Hotel Cloud-ifornia

Screen Shot 2016-04-08 at 9.26.58 AMAside from being a clumsily executed pun, the title does sound a bit ominous – especially if you are familiar with the 1976 Eagles classic (is it just me or is it getting old in here?). Well it should be ominous because checking into the cloud is like checking into a hotel and that is both good and bad.

The good is you’re getting out of your daily grind, turning over all the maintenance to someone else, and getting away from the screaming kids (or hardware alarms for the purposes of our analogy). That’s great!

The bad, however, is you are moving in with strangers, the maintenance people have the keys to your room and you pay by the night (or …

» Continue reading

Splunk Enterprise 6.4 – Driving down the cost of big data analytics

enterprise banner

Today, I’m excited to introduce Splunk Enterprise Release 6.4 and the latest version of Splunk Cloud. For Splunk Enterprise customers, the biggest news is that you can lower your cold data storage costs by 40-80%.

We know you’re under pressure to retain more data – and for longer – because of security and compliance. There’s also an increasing demand to optimize your business by analyzing historical data. This data is important but less frequently accessed, so now you can choose to reduce its footprint by 60% on average, and up to 80% for some data types.

How? We can now remove a part of the Splunk optimization data (TSIDX) from your original data, letting you trade optimal search performance …

» Continue reading

The Value of Hybrid Highlighted as Splunk is Honored by SC Magazine Awards

Every organization has a cloud strategy. It’s a journey, but the destination is clear. And, it’s my experience that regardless of what mile marker organizations have just passed on the road to cloud, they’re likely operating a hybrid environment. This means they are running solutions both on-premises and in the cloud. To support this strategy, we offer hybrid delivery options – supporting both on-premises and cloud solutions – one of the differentiated values we provide our Splunk customers.

And today, I’m excited to share that our differentiated value just got a big boost asSCMagazineAwards2 Splunk Enterprise won a Trust award for “Best Fraud Prevention Solution” and Splunk Enterprise Security won a Trust award for “Best SIEM Solution” from SC …

» Continue reading

Announcing Splunk Enterprise in Microsoft Azure Marketplace

AzureWe are pleased to announce the release of Splunk Enterprise in Microsoft Azure Marketplace!

Now Azure customers can deploy and purchase Azure-certified Splunk Enterprise clusters in minutes, with the entire point-and-click workflow contained within their Azure portal.

This Bring-Your-Own-License offering on Azure IaaS, provides Splunk customers another platform for self-managed Splunk deployments in addition to on-premise and other public cloud deployment options.


What can Splunk Enterprise in Azure Marketplace do for you?

Our mission at Splunk is to make machine data accessible, usable and valuable to everyone. We strive to turn machine data into valuable insights in as little time as possible to help businesses in their journey towards operational intelligence:

Time to value flowchart

Splunk Enterprise in Azure Marketplace enables and

» Continue reading

Cheers to Customer Growth: MindTouch Receives $12 Million in Funding

mindtouchBack in 2014 I wrote a blog post about an innovative new Splunk Cloud customer, MindTouch, that was increasing its customer retention and had tripled its customer count with the help of our cloud platform for Operational Intelligence. When I first heard about MindTouch and then met some of the employees and executives, I knew they were onto something big. You see, MindTouch does something pretty cool. They’ve developed a cloud service that helps organizations better engage with their customers by delivering insights into how customers consume the organization’s self-service product and help content. Much like Splunk Cloud, MindTouch helps its clients use data in a way that can give them incredible insight into customer interests and behavior. Some …

» Continue reading

.conf2015 Highlight Series: Splunk Cloud Keeps Orion Talking

At .conf2015, Orion Labs’ Dan Phung showed how his company brings together the cloud, wearable technology, and the Internet of Things with Splunk. We take a look at what he shared during .conf below, but feel free to check out the session recording and his presentation slides for even more detail. And don’t miss the video overview below too.

Science fiction is the stuff of dreamers, but these dreams sometimes come true. Author Arthur C. Clarke envisioned using geostationary satellites for telecommunications relays. Edward Bellamy, in 1888, envisioned the concept of credit cards. Even Aldous Huxley, back in 1931, envisioned a pill that could make unhappy people happy. Crazy stuff!

With that in mind, we couldn’t help but

» Continue reading

.conf2015 Highlight Series: On track for savings and performance… Aurizon rolls out Splunk Cloud

During .conf2015 we were pleased to play host to a session about one company’s transition to Splunk Cloud. Read on to learn more, but check the session recording for more details — and be sure to grab a copy of the presentation itself for reference.

AurizonMoving more than 250 million tons of commodities, Aurizon is one of the largest rail freight operators in Australia. Şebnem Kürklü, an information security manager, joined the company with a focus on improving IT security, vendor and service provider relationships, increase risk awareness in business units, and to leverage investment in current technologies. A full plate for anyone.

The Aurizon IT landscape
Aurizon outsources much of its IT to Fujitsu, though it maintains functions such …

» Continue reading