So, you built an amazing dashboard in Splunk and nobody knows how to use it. Now what? The title and description help, but the forms aren’t documented well enough for them to be intuitive. The obvious solution would be text descriptions or tooltips on each form...
We explore the concept of fuzzy logic and apply it to Splunk with our Fuzzylookup app.
Take a deep dive into the tstats command to see how it can help you build better reports and dashboards, along with potential pitfalls and how to work around them.
The Common Information Model was created so you can build use cases regardless of which vendor your data comes from, and it has become a staple of any Enterprise Security (ES) deployment. But is it efficient? Certainly not out of the box.
We introduced a new Splunk app last week called HTTP Event Push (HEP). As the name implies, it enables you to push Splunk search results to a remote HTTP endpoint.