Top 10 Splunk and Cisco Highlights in 2014
Over the past 7 years Cisco and Splunk have built a broad and multi-faceted relationship.
Internally, Cisco IT, security, engineering and other teams use Splunk software every day for operational intelligence and security analytics. Cisco shared details at Splunk’s 2014 user conference in a session titled “How Cisco IT Moved from Reactive to Proactive and Even Predictive with Splunk” and Cisco’s CSIRT team commented in a blog post on Security Logging in an Enterprise: “… [W]e moved to Splunk from a traditional SIEM as Splunk is designed and engineered for ‘big data’ use cases.”
Splunk & Cisco have partnered across security, networking, application management, IoT, Big Data and other areas to help our joint customers realize the same …
End-to-End Protection and Threat Mitigation for Cisco Network Environments via Splunk, ISE, and pxGrid
In our previous post, and the subsequent Cisco article, we delved into how Cisco Identity Services Engine can be used to enrich operational analytics in Splunk with personal data. Let’s look at a real-world example and explore the latest Splunk and security integration.
At Cisco Live, Cisco product manager Kevin Guidinger delivered a great session detailing how Cisco Cloud and Managed Services (CMS) uses Splunk to manage more than 2.5 BILLION security events per day across Cisco security and third-party security products. That is nearly 30,000 events per second, and no trivial matter.
Kevin highlighted a financial services organization his team works with that requires deep visibility into their BYOD deployment. It’s critical that the team can easily identify and investigate rogue network access, even coming from company-issued devices, and then quickly remediate …
Join Splunk and Cisco at Cisco Live Milan
Building on years of collaboration, Splunk and Cisco are kicking off 2015 on a high note. Last week Splunk joined Cisco for a discussion on the Power of Application Centric Infrastructure and now we’re packing our bags for a week of Cisco and Splunk-y goodness at Cisco Live Milan, January 26-30, 2015.
At Cisco Live Milan 2015 you’ll learn how Splunk and Cisco have teamed to deliver unified visibility into application and network performance, dramatic reductions in troubleshooting times, better and faster response into security incidents, and more. You’ll discover practical ways to get even more value out of your existing Cisco environments – from ASA firewalls to Catalyst and Nexus switches to Meraki wireless devices – and how Cisco …
Smart AnSwerS #7
Hello Splunk community and welcome to the 7th installment of Smart AnSwerS!
This past Monday, Martin Luther King Jr Day, was a holiday for the Splunk offices in the US, but I decided to come in anyway to get some work done since Splunk Answers never seems to take a day off. All the lights were off and alas, neither I nor the security guard knew how to turn the lights on. I worked in the dark for a good 2 hours, but just when I was about to give up and save my eyesight, another splunker came by, showed me the light (switches) and saved the day! *confetti drop* Check out this week’s featured Answers posts:
Does Splunk remember …
New in Hunk 6.2.1: Splunk Archiving & Searchable Archives!
- Archive your existing Splunk indexer’s data with Hunk 6.2.1
- Search archived data in place from the Hunk search head
- Documentation here!
Archive Splunk Data
Hunk 6.2.1 enables you to continuously archive your Splunk data to Hadoop by pointing a Hunk search head to your Splunk indexers and configuring new Archive Indexes.
Searching archived data
You can search archived data in place on Hadoop just as easily as you would search any other Splunk index. There’s no need to move data more than once. This works because Hunk already knows how to efficiently search data in Hadoop. We just had to archive the data in a file structure such that Hunk could efficiently prune the data by time.
Splunk App for Salesforce
Do you manage a Salesforce environment and would like to analyze who is accessing what? Would you like to find out who is exporting sensitive data? Would you like to detect any Salesforce-related suspicious activities or any slow-running reports, dashboards, or SOQL queries?
If the answer to the above is yes, you should check out the Splunk App for Salesforce, which has recently been released as a service on Splunk Cloud. This app relies on the Salesforce Event Log File, which exposes Salesforce access logs. In addition, you can use this app to collect and index any data from the standard Salesforce objects. In other words, you can use this app to index structured and unstructured Salesforce data.
Making machine data personal with Splunk and Cisco ISE
Welcome to 2015, year of the hover-board (if you don’t get that reference, you should watch more movies). In the first of a multi-part series of posts, let’s start by taking a look at the goodness Splunk and our partner Cisco have been cooking up to help you understand who is doing what in your environment. We will be covering a series of topics, so be sure to stay tuned.
- Making machine data personal
- Using Cisco ISE Data to Drive Enhanced Event Visibility in Splunk
- End-to-End Protection
- Threat mitigation
- Bi-Directional workflow
As a Splunk customer, Cisco uses Splunk Enterprise Security extensively across Cisco IT, Engineering, Advanced Services and Security teams. For example, Cisco’s Computer Security Investigation Response Team (CSIRT) uses Splunk …
The First Virtual SplunkLive! for Higher Education
Modesty usually forbids using more than one exclamation point in any given blog, but I thought in this case both the format and the focus were worth getting excited about (!!!).
For those who may not know, SplunkLive! events are customer-focused gatherings that give attendees a way to see and interact with current Splunk users, as well as get some hands-on Splunk experience. For this particular event, we have speakers from Ohio State University, Baylor University, and the University of Washington, followed by breakout sessions on Getting Started, Security, and IT Operations.
I promised …
Smart AnSwerS #6
Hello Splunkarinos and welcome to the 6th installment of Smart AnSwerS!
We just had our company Break Your New Year’s Resolution party this past weekend to start the New Year…ironically. Good eats, good drinks, good music and fun people? That sounds about right to me! We’re back to business (and fun) as usual here at Splunk HQ as I’m sure you all are too – Check out this week’s featured Splunk Answers posts:
How to change the width of two dashboard panels in the first row from 50% 50% to 75% 25% in Simple XML for Splunk 6.2?
kkuderko was having an issue changing the size of panels on their dashboard, as do many users, which is why customizing Splunk …
Smart AnSwerS #5
Hey there Splunk community, welcome to the 5th installment of Smart AnSwerS and the first of 2015!
Just when I thought the first work week of the year was going to slowly ease me back in, Splunk Answers and, well, you all have been busier than ever and have gotten me to hit the ground running. What does that mean? Why, more material for me to work with for this blog series of course – Check out this week’s featured posts:
Why is syslog right into Splunk so bad/wrong?
I already had this post lined up to be featured and coincidentally, this topic actually came up at last night’s SF Bay Area Splunk User Group Meeting in the discussion …