Featured: Splunk Platform
Using federated search for Amazon S3 (FS-S3) to filter, enrich, and retrieve data from Amazon S3
This article explores a compliance use case to access and retrieve unfiltered, raw data stored in Amazon S3 for compliance and long-term retention. Using Splunk federated search for Amazon S3, admins can search and retrieve full raw datasets from Amazon S3 for compliance audits or in-depth analysis without storing all data in Splunk Cloud Platform.
Featured: Splunk Platform
Detecting and preventing fraud with the Splunk App for Fraud Analytics
The Splunk App for Fraud Analytics is a comprehensive fraud detection solution built on the existing development frameworks included with Splunk Enterprise Security. It offers fraud teams a standardized workflow, extensive interactive visual investigation capabilities, and a robust risk-based alerting framework.
Featured: ITSI
Understanding anomaly detection in ITSI
Anomaly detection can be a powerful tool which many users want to leverage. However, the detection algorithms are widely misunderstood. This article can help you gain needed clarification to understand the use cases for them and how to deploy them effectively.
Resources for Splunk Program Managers
The Splunk Success Framework
Accelerate and increase the value you derive from your data with Splunk software using the Splunk Success Framework (SSF), a flexible collection of best practices for setting up Splunk Enterprise or Splunk Cloud Platform as a program.
Data Ingestion and Application
Data Descriptors
Bring data to every question, decision, and action across your organization with comprehensive guidance for getting data in and applying data to your key use cases.
Get the latest
New Articles
- Platform
- Turn data into doing to unlock innovation, enhance security and drive resilience.
- Security
- Protect your business and modernize your security operations with a best-in-class data platform.
- Observability
- Solve problems in seconds with the only full-stack, analytics-powered, and OpenTelemetry-native observability solution.
- Splunk Success Framework
- The Splunk Success Framework (SSF) is a flexible collection of best practices for setting up your Splunk software implementation as a program.
- Data Descriptors
- The data sources in use at your organization can all be linked to common use cases. Get recommendations from Splunk experts and then start getting answers from your data.
- Antivirus and antimalware data
- Application data
- Application server data
- Authentication data
- Backup data
- Vendor-specific data
- Endpoint detection and response (EDR) data
- Intrusion detection and prevention data (IDS and IPS)
- Load balancer data
- Email data
- Network communication data
- Patch management data
- Physical security data
- Web proxy data
- Change events data
- Configuration management data
- IP address assignment data
- Vulnerability detection data
- Web server data
- DNS data
- Linux and Unix
- Okta
- SAP
- Zscaler
- Zoom
- Zeek
- Websense
- VMware
- CrowdStrike
- Carbon Black
- Kubernetes
- Check Point
- Fortinet
- Salesforce
- Symantec
- Palo Alto Networks
- Trend Micro
- Tenable
- GitHub
- Atlassian
- AppDynamics
- Dell
- Syslog
- Apache
- Amazon
- Cisco
- Microsoft
- JupiterOne
- GitLab
- Mac OS
- Docker
- Firewall data
- MOVEit
- Skyhigh Security
- CyberArk
- OpenAI
- Adobe
- NETSCOUT