Featured: Splunk Platform
Sending masked PII data to the Splunk platform and routing unmasked data to federated search for Amazon S3
Splunk Federated Search for Amazon S3 allows you to search your data in Amazon S3 buckets directly from Splunk Cloud Platform without ingesting it. Edge Processor and Ingest Processor can route data to customer-managed Amazon S3 buckets. This article explores a use case for accessing and retrieving unfiltered, raw data stored in Amazon S3 for compliance and long-term retention.
Featured: ITSI
Building your own custom threshold templates
Splunk ITSI ships with 33 out-of-the-box thresholding templates with various permutations. It isn't always easy to determine exactly what these templates do or which one best fits your needs. Often, the default policies might not be appropriate for your KPIs. It can therefore make more sense for an administrator to create custom templates that use your organization's naming conventions.
Featured: Observability Cloud
Accelerating an implementation of Kubernetes in Splunk Observability Cloud
This Splunk Observability Cloud Kubernetes accelerator is a comprehensive guide designed to help organizations at the beginning of their Kubernetes observability journey. By leveraging best practices in telemetry setup and OpenTelemetry integration, this accelerator provides a structured framework for monitoring your Kubernetes environment using Splunk Observability Cloud and the Splunk platform.
Resources for Splunk Program Managers
The Splunk Success Framework
Accelerate and increase the value you derive from your data with Splunk software using the Splunk Success Framework (SSF), a flexible collection of best practices for setting up Splunk Enterprise or Splunk Cloud Platform as a program.
Data Ingestion and Application
Data Descriptors
Bring data to every question, decision, and action across your organization with comprehensive guidance for getting data in and applying data to your key use cases.
Get the latest
New Articles
- Platform: Turn data into doing to unlock innovation, enhance security and drive resilience.
- Security: Protect your business and modernize your security operations with a best-in-class data platform.
- Observability: Solve problems in seconds with the only full-stack, analytics-powered, and OpenTelemetry-native observability solution.
- Splunk Success Framework: The Splunk Success Framework (SSF) is a flexible collection of best practices for setting up your Splunk software implementation as a program.
- Data Descriptors: The data sources in use at your organization can all be linked to common use cases. Get recommendations from Splunk experts and then start getting answers from your data.
- Antivirus and antimalware data
- Application data
- Application server data
- Authentication data
- Backup data
- Vendor-specific data
- Endpoint detection and response (EDR) data
- Intrusion detection and prevention data (IDS and IPS)
- Load balancer data
- Email data
- Network communication data
- Patch management data
- Physical security data
- Web proxy data
- Change events data
- Configuration management data
- IP address assignment data
- Vulnerability detection data
- Web server data
- DNS data
- Linux and Unix
- Okta
- SAP
- Zscaler
- Zoom
- Zeek
- Websense
- VMware
- CrowdStrike
- Carbon Black
- Kubernetes
- Check Point
- Fortinet
- Salesforce
- Symantec
- Palo Alto Networks
- Trend Micro
- Tenable
- GitHub
- Atlassian
- AppDynamics
- Dell
- Syslog
- Apache
- Amazon
- Cisco
- Microsoft
- JupiterOne
- GitLab
- Mac OS
- Docker
- Firewall data
- MOVEit
- Skyhigh Security
- CyberArk
- OpenAI
- Adobe
- NETSCOUT
- Nagios