Featured: Splunk Platform
Monitoring removable media devices in Operational Technology environments
A security breach caused by a connected removable media device can lead to significant financial loss, data theft, and operational disruption. Monitoring the use of these devices can help you understand how security controls can be bypassed. This article explains how you can use the Splunk platform to detect connected removable media devices in your critical system environments.
Featured: Edge Processor
Using Edge Processor to save Splunk Virtual Compute
The more efficient a stack is, the more value you will get out of each Splunk Virtual Compute (SVC) and, in turn, out of your Splunk deployment. This document explains how Splunk Edge Processor can be used to replace Data Model Acceleration processes in order to reduce SVC utilization.
Featured: Splunk Platform
Configuring Splunk add-on for McAfee/Skyhigh Web Gateway
Skyhigh Secure Web Gateway (SWG) traffic, status, and access logs provide a rich source of data for ingesting into the Splunk platform. The Splunk Add-on for McAfee/Skyhigh Web Gateway takes events from SWG data sources, maps them to types compatible with the Splunk Common Information Model, and tags all events, where relevant, to specific CIM data models.
Resources for Splunk Program Managers
The Splunk Success Framework
Accelerate and increase the value you derive from your data with Splunk software using the Splunk Success Framework (SSF), a flexible collection of best practices for setting up Splunk Enterprise or Splunk Cloud Platform as a program.
Data Ingestion and Application
Data Descriptors
Bring data to every question, decision, and action across your organization with comprehensive guidance for getting data in and applying data to your key use cases.
- Platform: Turn data into doing to unlock innovation, enhance security and drive resilience.
- Security: Protect your business and modernize your security operations with a best-in-class data platform.
- Observability: Solve problems in seconds with the only full-stack, analytics-powered, and OpenTelemetry-native observability solution.
- Splunk Success Framework: The Splunk Success Framework (SSF) is a flexible collection of best practices for setting up your Splunk software implementation as a program.
- Data Descriptors: The data sources in use at your organization can all be linked to common use cases. Get recommendations from Splunk experts and then start getting answers from your data.
- Antivirus and antimalware data
- Application data
- Application server data
- Authentication data
- Backup data
- Vendor-specific data
- Endpoint detection and response (EDR) data
- Intrusion detection and prevention data (IDS and IPS)
- Load balancer data
- Email data
- Network communication data
- Patch management data
- Physical security data
- Web proxy data
- Change events data
- Configuration management data
- IP address assignment data
- Vulnerability detection data
- Web server data
- DNS data
- Linux and Unix
- Okta
- SAP
- Zscaler
- Zoom
- Zeek
- Websense
- VMware
- CrowdStrike
- Carbon Black
- Kubernetes
- Check Point
- Fortinet
- Salesforce
- Symantec
- Palo Alto Networks
- Trend Micro
- Tenable
- GitHub
- Atlassian
- AppDynamics
- Dell
- Syslog
- Apache
- Amazon
- Cisco
- Microsoft
- JupiterOne
- GitLab
- Mac OS
- Docker
- Firewall data
- MOVEit
- Skyhigh Security
- CyberArk
- OpenAI