Featured: Splunk Platform
Using file system destinations with file system as a buffer
Splunk Enterprise 9.3 introduces new capabilities with ingest actions to write a copy of events ingested to file system or directly to file system without local indexing. Data remains unchanged from its original raw payload, ensuring compatibility with Splunk add-ons and apps on both sending and receiving sides.
Featured: Observability Cloud
Using Kubernetes Horizontal Pod Autoscaling
This article explores Kubernetes Horizontal Pod Autoscaling, when you might use it, caveats you might hit when scaling pods, and how you can use Splunk Observability Cloud to gain insight into your Kubernetes environment to ensure you’re scaling efficiently and effectively.
Featured: Splunk Platform
Using scheduled export in Dashboard Studio
Starting with Splunk Cloud Platform 9.1.2312, you can schedule your Studio dashboards for scheduled email exports from the Actions menu. Scheduled email exports enable automated distribution of dashboards, ensuring timely updates and accessibility for team members without direct dashboard access.
Resources for Splunk Program Managers
The Splunk Success Framework
Accelerate and increase the value you derive from your data with Splunk software using the Splunk Success Framework (SSF), a flexible collection of best practices for setting up Splunk Enterprise or Splunk Cloud Platform as a program.
Data Ingestion and Application
Data Descriptors
Bring data to every question, decision, and action across your organization with comprehensive guidance for getting data in and applying data to your key use cases.
Get the latest
New Articles
- Platform
- Turn data into doing to unlock innovation, enhance security and drive resilience.
- Security
- Protect your business and modernize your security operations with a best-in-class data platform.
- Observability
- Solve problems in seconds with the only full-stack, analytics-powered, and OpenTelemetry-native observability solution.
- Splunk Success Framework
- The Splunk Success Framework (SSF) is a flexible collection of best practices for setting up your Splunk software implementation as a program.
- Data Descriptors
- The data sources in use at your organization can all be linked to common use cases. Get recommendations from Splunk experts and then start getting answers from your data.
- Antivirus and antimalware data
- Application data
- Application server data
- Authentication data
- Backup data
- Vendor-specific data
- Endpoint detection and response (EDR) data
- Intrusion detection and prevention data (IDS and IPS)
- Load balancer data
- Email data
- Network communication data
- Patch management data
- Physical security data
- Web proxy data
- Change events data
- Configuration management data
- IP address assignment data
- Vulnerability detection data
- Web server data
- DNS data
- Linux and Unix
- Okta
- SAP
- Zscaler
- Zoom
- Zeek
- Websense
- VMware
- CrowdStrike
- Carbon Black
- Kubernetes
- Check Point
- Fortinet
- Salesforce
- Symantec
- Palo Alto Networks
- Trend Micro
- Tenable
- GitHub
- Atlassian
- AppDynamics
- Dell
- Syslog
- Apache
- Amazon
- Cisco
- Microsoft
- JupiterOne
- GitLab
- Mac OS
- Docker
- Firewall data
- MOVEit
- Skyhigh Security
- CyberArk
- OpenAI