Smart AnSwerS #27

Hey there community, and welcome to the 27th installment of Smart AnSwerS!

You know you’re in the office later than usual when the central HVAC system shut off promptly at 6pm over an hour ago and the building is either full of boisterous conversations and laughter from hard working Splunkers unwinding, or an eerie silence if folks decided to unwind elsewhere. It’s been silent for the past hour, so I think that’s my cue to wrap things up and crank out some of the awesome material I’ve hunted down for you, by you :)

Check out this week’s featured Splunk Answers posts:

Is there a list of Splunk apps that need developing?

rkent is new to developing Splunk …


Introducing the Splunk App for Stream 6.3 Release!

We just improved our popular and free Splunk App for Stream! In the new Splunk App for Stream 6.3 release we’ve introduced Distributed Forwarder Management (DFM), a functionality that simplifies configuration while increasing administration flexibility. The new 6.3 release is available now on Splunkbase.

As a flexible software solution, you can deploy the Splunk App for Stream anywhere in the network—on-prem or cloud environments. Your implementation can be simple—collecting data from only a handful of SPAN ports, or very complex—with hundreds of different globally distributed Stream forwarders gathering data from endpoints. If your monitoring needs are more complex, you can target and customize how and where to deploy Stream to collect wire data to meet those needs more precisely.…


Smart AnSwerS #26

Hey there community! Welcome to the 26th installment of Smart AnSwerS.

This just in! The documentation for the join command has been recently updated by our very own senior technical writer Laura Stewart! I used to check that page every now and then, only to find a tumbleweed rolling by. Well, that didn’t really happen, but that’s what I imagined in my head. It was in need of some tender loving care, and it has finally undergone a complete overhaul. If you’d like to provide input about the new content, feel free to navigate to “Was this topic useful?” at the bottom of that page to leave positive constructive feedback :) After you’re done perusing through the join topic makeover…

Check …


Smart AnSwerS #25

Hey there community, and welcome to the 25th installment of Smart AnSwerS.

Whistling Nerf ammunition has been flying all around me the past couple of days. Surprisingly, I’ve left the battlefield, a.k.a. the office, unscathed. Occasionally, I’ll find a stray bullet in the plant next to me, behind my desk, under the couch, you name it. I noticed folks engaging in this Nerf warfare recently have been scrounging for stray bullets more often than normal. Apparently, hundreds and hundreds of rounds have gone and continue to go missing every week until the numbers have dwindled to just a handful per gun. 200+ rounds have just been ordered to arrive within the next week. It’s about to get real!…


All aboard with Infrastructure 4.0 — Splunk wins Deutsche Bahn Internet of Things Hackathon

Deutsche Bahn (DB) describes itself as the second largest transport company in the world and is the largest railway and infrastructure operator in Europe. With the popularity of Industry 4.0 and IoT in Germany, DB recently ran a “Deutsche Bahn goes 4.0” Hackathon over the weekend of May 8-9 2015. The concept was “We provide the data, you innovate with it”. Splunk participated with a crack team of two people, a copy of Splunk Enterprise running on a laptop and got their hands dirty digging into a labyrinth of infrastructure data. The challenge was tough: starting at 5pm we had 24 hours straight to analyze the data and demonstrate the value from it. After the final presentation of …


Smart AnSwerS #24

Hey there community, and welcome to the 24th installment of Smart AnSwerS!

Since I started a year ago as a contractor and just recently became full-time at Splunk, I’ve had to participate in new-hire onboarding the past couple of days. Most of the content has just been a nice refresher on all things Splunk, but hearing about the updated customer use cases has been amazing, especially the most creative ones. One user, for example, has been using Splunk to optimize smoked salmon perfection by analyzing data from a sensor placed in the smoker. Who knew?! Splunk products are only as awesome as the community that makes them worthwhile :)

Check out this week’s featured Splunk Answers posts:

Sideview Utils:


Preventive, Proactive and Precise Healthcare Security through Data Informed Decisions

Last month, Government Health IT hosted the first of a four-part webinar series that will explore the use of analytics in various parts of healthcare operations—security, privacy, compliance, critical application services, fraud detection, optimization of patient experience and more. This Splunk-sponsored event examined how analytics are driving improved healthcare data security. I took part in the conversation to discuss how healthcare organizations address cyber risks and regulatory compliance.

You cannot address a delivery system transformation, precision health or consumer health movements, for that matter, without support from modern technology trends—digitization of healthcare processes, interoperability and data access and analysis for continuous improvements. Organizations must facilitate the exchange of health information among medical record systems, scheduling systems, billing and insurance records. …


Smart AnSwerS #23

Hey there community and welcome to the 23rd installment of Smart AnSwerS!

This morning was filled with *drilling noise…more drilling noise…even more drilling noise* as several standing desks were installed for folks all around me. I sit here among towering giants, burning calories faster than me in my sedentary chair. Guess I should go take a walk! (after this post of course)

Check out this week’s featured Splunk Answers posts:

How to retrieve the latest related event from one sourcetype based on a common identifying field from another sourcetype?

arnol229 had 2 sets of events that shared common ID field values, but different field names, and needed to get a table of the latest event from one sourcetype …


Smart AnSwerS #22

Hey there community and welcome back to Smart AnSwerS, the 22nd installment of its kind.

I just got back to the office from a two week vacation to find my desk surrounded by a jungle of plants, my chair wedged horizontally on the side of my desk, an inflatable giraffe with a St. Patrick’s Day hat, and a cardboard cutout of a snooty waiter. Somehow, I wasn’t surprised with the number of pranksters surrounding me, so it was expected haha. I also came back to 800+ posts that have gone live on Answers since my departure! I’m glad the community is as lively as ever, though, it will take me some time to sift through all that content, …


.conf2014 Highlight Series: Detecting Fraud and Suspicious Events Using Risk Scoring


.conf2015 registration is open!

We’re excited to continue our series of .conf2014 #TBT highlights, especially as we get closer to .conf2015: The 6th Annual Splunk Worldwide Users’ Conference in Las Vegas this September. This week we revisit Robert Perdues’s presentation about how Splunk can be used to detect fraud and suspicious events using risk scoring.

Skill Level:
Intermediate

Solution Area:
Fraud, Security

Splunk:
Splunk Enterprise

Presentation Overview:
This session showcases how Splunk can be used to build a risk scoring engine designed to detect fraud and other suspicious activities. This presentation includes a real-world fraud detection use case, a detailed description of the searches and lookups that drive risk scoring, as well as other cybersecurity-related applications of risk …
