Featured: Splunk Platform
Using generative AI to write and explain SPL searches
Splunk AI Assistant for SPL is the first generative AI offering created by Splunk that can create SPL searches from a natural language prompt. Splunk AI Assistant for SPL can also increase a user's knowledge by explaining the SPL with both a brief summary and a detailed breakdown of the search. Learn more in this article.
Featured: Ingest Processor
Using Ingest Processor to convert JSON logs into metrics
Splunk Ingest Processor pipeline templates provide a streamlined approach to transforming JSON log data into metrics that can be directly routed to a Splunk metrics index or Splunk Observability Cloud. In this article, you'll learn how to load Splunk Ingest Processor pipeline templates to create your own SPL2 pipeline.
Featured: Getting Data In
Expanding AWS log ingestion capabilities with custom logs in Splunk Data Manager
With Splunk Data Manager 1.9.0+, the same simplified CloudWatch ingest experience is available for an even broader array of custom AWS service and application logs. This ensures comprehensive coverage and deeper insights into AWS environments, facilitating efficient and scalable log management. Learn more in this article.
Resources for Splunk Program Managers
The Splunk Success Framework
Accelerate and increase the value you derive from your data with Splunk software using the Splunk Success Framework (SSF), a flexible collection of best practices for setting up Splunk Enterprise or Splunk Cloud Platform as a program.
Data Ingestion and Application
Data Descriptors
Bring data to every question, decision, and action across your organization with comprehensive guidance for getting data in and applying data to your key use cases.
Get the latest
New Articles
- Platform: Turn data into doing to unlock innovation, enhance security and drive resilience.
- Security: Protect your business and modernize your security operations with a best-in-class data platform.
- Observability: Solve problems in seconds with the only full-stack, analytics-powered, and OpenTelemetry-native observability solution.
- Splunk Success Framework: The Splunk Success Framework (SSF) is a flexible collection of best practices for setting up your Splunk software implementation as a program.
- Data Descriptors: The data sources in use at your organization can all be linked to common use cases. Get recommendations from Splunk experts and then start getting answers from your data.
- Antivirus and antimalware data
- Application data
- Application server data
- Authentication data
- Backup data
- Vendor-specific data
- Endpoint detection and response (EDR) data
- Intrusion detection and prevention data (IDS and IPS)
- Load balancer data
- Email data
- Network communication data
- Patch management data
- Physical security data
- Web proxy data
- Change events data
- Configuration management data
- IP address assignment data
- Vulnerability detection data
- Web server data
- DNS data
- Linux and Unix
- Okta
- SAP
- Zscaler
- Zoom
- Zeek
- Websense
- VMware
- CrowdStrike
- Carbon Black
- Kubernetes
- Check Point
- Fortinet
- Salesforce
- Symantec
- Palo Alto Networks
- Trend Micro
- Tenable
- GitHub
- Atlassian
- AppDynamics
- Dell
- Syslog
- Apache
- Amazon
- Cisco
- Microsoft
- JupiterOne
- GitLab
- Mac OS
- Docker
- Firewall data
- MOVEit
- Skyhigh Security
- CyberArk
- OpenAI