Gathering data analytics from your Cisco environment will add mission critical (and potentially missing!) pieces of the constantly changing,  complex IT puzzle.  Splunk integrations with Cisco products and networking solutions empower IT organizations to quickly troubleshoot issues and outages, monitor end-to-end service levels and detect anomalies. 

Boss of the NOC is a gamified way for you to explore real data and IT scenarios. Use Splunk in a fun, competitive—but pressure-free—environment. Take the opportunity to investigate and solve interesting problems, and win fabulous prizes and awesome Splunk schwag while you’re at it.

In Splunk Enterprise Security versions before 4.7, Correlation Searches were spread across two configuration files – correlationsearches.conf and savedsearches.conf. This meant that it was virtually impossible to clone one – you had to use the “two-tab” method to do so: open one tab with the search you want to clone and another with a new search and then copy/paste. Yuck.

However, since Enterprise Security version 4.7, everything was collapsed into savedsearches.conf! Yay – now we can clone. If you do clone a Correlation Search from Settings->Saved Searches you will notice odd behavior because there is one setting that is not editable (or even visible) in the Saved Searches GUI.

During my early days as a Professional Service consultant, I used to travel from one customer site to another, effectively living out of a suitcase. I was in my mid-20’s, and the lifestyle was fun and adventurous — it gave me the freedom to work without being tied to a 9–5 office gig. However, there was one thing that I couldn’t escape no matter how many miles I flew: an overbearingly strict boss. 

My manager was your typical Type-A from New York City with a razor-sharp tone and someone who had never used a pleasantry in his whole life. It was all business all the time, and he demanded the solutions I was building be top-notch. I have to thank him for teaching me an extremely valuable lesson — one that I’d carry throughout the rest of my career making my customers successful. A motto he repeated so many times it’s permanently inked onto my soul: 

“Don’t ever make a dashboard unless it’s interactive!”

If you administer Splunk Enterprise Security then you have probably noticed a couple of issues about managing content:

• ES’s Content Manager isn’t very zippy.
• Getting an overview of your ES Content is difficult.

I wrote the ES Configuration Explorer App to solve these issues for my own use, as someone who delivers Enterprise Security Professional Services, so I thought I’d share it with everyone!

I recently had a customer request to see what I could do about getting their Wonderware industrial control data (SCADA) into Splunk. Their motivation was simple: help us focus on what’s important. They were generating tens-of-gigabytes of data per day – much of which was noise – and the built-in Wonderware reporting tools were sub-optimal. It didn’t take too long and they were extremely pleased with the results!

During the Holiday Season I was doing what a lot of professionals in my industry do. I was enjoying some well deserved time off, spending time with my family, and closing out one particular task that I despise more than anything: submitting expense reports.

While slogging through hundreds of e-mail receipts, cancelled rides, and surge pricing statements I started to think, “man, I sure do take a lot of Uber rides”. Then a brilliant idea struck me! I should make an Uber Splunk App.

What follows is a three-part series dedicated to showing you how the sausage is made. How to go from a tiny inkling of an idea to a full-fledged use case. Why you should leverage a powerful data visualization tool (like Splunk) for rapid prototyping. Instead of focusing on the technical nuts-and-bolts we’ll explore “big ideas” like design, approach, and how to incorporate user feedback.

Follow these guidelines and your next Splunk App will be more intuitive, tell a more impactful story, and increase the value from your big data solution.

Large data sets have become a massive factor in how healthcare organizations identify new opportunities and improve overall patient experience and outcomes. Successful Big Data projects need alignment from the appropriate teams in your organization, including Executives, IT, Healthcare Practitioners, and others; Big Data adoption is complicated, and there are several barriers to getting the most out of a data set.

So you have Splunk and F5 but are thoroughly confused about which F5 App to use because Splunkbase has eight! 

Day 1: You’ve just finished migrating applications to the cloud and breathe a sigh of relief.
Day 2: You turn on the service and everything works. Whew!
Day 3: You get the first invoice and about fall out of your chair.

There's a false rumor going around that monitoring and managing cloud spend is a full-time job. Application and technology owners hear horror stories of AWS invoices far exceeding what they expected. The problem isn't astronomical AWS prices or hidden costs -- No, the real problem is a lack of budgeting policies & proper visibility. Based on my experience migrating large enterprise customers from data-centers to the cloud, I've developed a few techniques to solve this business challenge: