AdvancedMD Customer Presentation

•

2 likes•809 views

This document summarizes Tyler Germer's presentation on AdvancedMD's use of Splunk for log management and monitoring. Some key points: - AdvancedMD uses Splunk to gain visibility across its infrastructure including applications, networking, and other systems. This has helped reduce troubleshooting time. - Their Splunk deployment includes indexers, search heads, forwarders and syslog servers ingesting logs from over 600 systems. - Splunk has provided operational intelligence and helped identify issues quickly, such as spotting errors in a software release within 30 minutes. - AdvancedMD aims to expand Splunk usage to other teams and applications and upgrade their deployment.

2
Tyler Germer
Manager, Platform Operations
AdvancedMD

3
ADP AdvancedMD
AdvancedMD
• Acquired by ADP 4 years ago
• Practice Management
• EHR
• Mobile offering
• AdvancedInsight™ Reporting
ADP (parent company)
• $11B revenue
• 620,000 clients

4
About Tyler
Manager - Platform Operations Team
ADP employee for 3.5 years
Experience in all areas of system administration / networking
Evangelist / Believer in Splunk
Enjoy the gym, racquetball, and good food
Originally from Canada …love watching Hockey. Go
AVALANCHE!!

5
Operations Team Charter
Managing our data center, production
server, infrastructure
Patching our online medical
applications
Reduce client impacting incidents
Ensure application uptime
Work with support teams on customer
issues

6
Previous Monitoring Solutions: Key Challenges
“Splunk was going to do everything our monitoring solutions couldn't.”
• Broad infrastructure – HP blade servers,
F5 load balancers, Juniper/Cisco switches
– everything is generating logs
• Monitoring solutions told us different
things (Nagios, Event Sentry, Cacti)
• Cumbersome to find answers
Hard to
troubleshoot
quickly and find
root cause

7
Splunk Phase 1
- Visibility across the Stack (single
pane of glass) – application,
networking, etc.
- Configure saved reports /
dashboards
- Utilize flexibility of Splunk
All Logs
“Phase 1 – Operational
Intelligence – find out the
things we weren't seeing.”

8
Splunk Architecture
5 x Indexers (HP DL380) – physical
10 x Search Heads – virtual
4 x Heavy Forwarders – virtual
4 x SyslogNG Servers – Virtual
620WindowsUniversalForwarders(abouttodouble)–Virtual/Physical
Approx. 100 networking devices
1 Deployment Server (Corp) / License Server and 1 Cluster Master
1 Deployment Server (Prod)

9
Splunk: Cluster Topology
Data sources
• Windows event logs, IIS logs
• Syslogs from firewall, switches, SAN
storage devices, Aruba wireless, VPN, HP
OA
• Custom logs
Indexing
• Set up for 300-350 GB
• Current: 20.0 GB
Applications
• Splunk for Juniper / Cisco, Splunk App for
Stream, Prelert

11
Fast Time to Value with Splunk
"Before Splunk, it took days if not weeks to find source of a problem, now it only
takes minutes or hours."
Software release planned
Within 30 min of software release we saw
trend of huge errors
Reached out to Engineering immediately to
point them to errors and so they could fix the
code before customer impact
Splunk came to the rescue – data is so visible
we were able to react quickly

12
Splunk in the Operations Team
Everyone MUST use Splunk
– Mandatory goal of taking Using Splunk Training
Currently 10 users, users from other Departments underway
2 actively working on providing more value through Splunk
Teams look at Splunk on patch nights
– Look at potential Errors
Splunk User Group @ Salt Lake City – Email: Tyler Germer
tgermer@advancedmd.com

13
Lessons Learned
Managers … LISTEN to your employees
It’s very easy to get data into Splunk
Real art is getting valuable data out / asking the right questions
Splunk Deployment Server is your friend
Docs.splunk.com is FANTASTIC
Splunk IRC … nerds helping nerds
Great book – Big Data Analytics Using Splunk

14
What’s Next – Long Term Vision
"Splunk IS a game changer for ADP AdvancedMD."
MORE SPLUNK - Splunk for Sales, Engineering, Security, etc.
Using more Splunk Apps to get quicker return on investment
– Splunk Apps for F5, SQL, Exchange, Active Directory, NetApp
Embrace DB-Connect (underway)
Upgrading to Splunk Enterprise 6.2.2
Replace Event Sentry with Splunk (underway)
Splunk architectural review
Proactive customer service and business analytics

Group Health Cooperative uses Splunk's software and CIRTA system to conduct incident response. It ingests logs from various systems using Splunk and analyzes the data to detect anomalies and security incidents. When incidents are found, CIRTA is used to track, investigate, and categorize each incident to measure the effectiveness of the response. Examples provided show how Splunk detected phishing attempts and vulnerable systems to help Group Health address security issues.

University of Alberta Customer Presentation

Splunk

Greg Dostatni is the team lead for application hosting at the University of Alberta. He manages a 10 person team responsible for managing applications and databases across the university. The university implemented Splunk in 2013 to help address challenges around siloed data and reactive troubleshooting after restructuring IT operations. Splunk provides centralized logging, real-time monitoring and alerts, and customizable dashboards. This has improved initial incident response times from half an hour to gather data to immediately investigating issues. Splunk also allows tracking of key metrics like authentication system transactions and performance monitoring across the university's systems.

WestJet Customer Presentation

Splunk

WestJet Airlines is a Canadian airline founded in 1996 that has grown to operate over 425 flights per day to over 90 destinations across North America and Central America. The Solutions Architect at WestJet discusses how they implemented Splunk to gain visibility into their various systems like websites and apps. Splunk has helped WestJet troubleshoot issues faster, identify performance problems, and answer ad-hoc questions by consolidating their logs in one place.

SplunkLive! Customer Presentation - Cisco Systems, Inc.

Splunk

This document discusses using Splunk as a security information and event management (SIEM) tool. It describes how Cisco's Computer Security Incident Response Team (CSIRT) uses Splunk to monitor over 1 terabyte of log data per day across Cisco's global operations. The document contrasts old approaches that relied on vendor-provided reports with new approaches like hunting for threats by building custom queries. It emphasizes an iterative process of filtering, refining queries to find bad traffic and saving reusable searches to automate threat detection.

Customer Presentation, FirstSolar

Splunk

First Solar is a global leader in solar energy solutions with over 10 GW installed worldwide. They chose Splunk as their security information and event management (SIEM) solution after their previous solution provided cryptic, unusable alerts that wasted analysts' time. Splunk has provided First Solar with clarity into their environment, allowing them to distinguish real threats from false positives in under 30 minutes and improving security. They use Splunk for dashboards, malware detection, and accurate searches to quickly respond to incidents. First Solar now has complete visibility and faster response times with Splunk.

How to Design, Build and Map IT and Biz Services Breakout Session

Splunk

This document provides information on how to design and implement service intelligence using Splunk. It discusses identifying critical business services and issues to focus on, bringing subject matter experts together in a collaborative workshop to design service models before configuration. The workshop uses a case study of the gaming company Buttercup Games to design a supply chain service intelligence model, mapping key performance indicators and services across infrastructure, application, and business layers to gain visibility into issues impacting customer experience and revenue. Attendees are encouraged to sign up for a similar joint workshop with Splunk to start unlocking the value of their machine data.

Machine Learning and Analytics Breakout Session

Splunk

This document provides an overview of machine learning and how it can be used with Splunk. It discusses what machine learning is, the different types of machine learning, and common use cases in IT operations, security, and business analytics. It also summarizes how machine learning can be implemented using Splunk, including exploring data, building models, applying and validating models, and operationalizing models. The document encourages attendees to try out the free Splunk Machine Learning Toolkit and Showcase app.

SplunkLive! Austin Customer Presentation - Baylor

Splunk

- Baylor University is a private Christian university in Waco, Texas with over 17,000 students. The CISO, Jon Allen, built the university's security program from the ground up over 17 years. - Before Splunk, it was difficult and inefficient for the security team to search logs and get the information they needed across different systems in a timely manner. - Splunk provided a single platform to integrate and search all their log data, allowing the security team to quickly gain visibility, troubleshoot issues, and meet compliance requirements. It also helped break down silos between different IT teams. - Splunk has improved operational efficiency by reducing the time to find information from hours to minutes. It also fosters

Splunk is a software company headquartered in San Francisco with additional offices in London and Hong Kong. They have over 2,100 employees and annual revenue of $668.4 million, growing 49% year-over-year. Their products include Splunk Enterprise, Splunk Cloud, and other solutions for collecting, analyzing, and visualizing machine-generated data from websites, applications, sensors, and other sources. Splunk has over 11,000 customers across more than 110 countries, including 80 of the Fortune 100. Their largest customer indexes over 1 petabytes of data per day.

Splunk for Developers

Splunk

This document discusses Splunk for developers. It provides an overview of empowering developers with Splunk, building Splunk apps, and gaining application intelligence across the development lifecycle. Key points include instrumenting application logs for insights, integrating and extending Splunk, building unit testing and code integration, and gaining end-to-end visibility across development tools. The document also discusses resources for Splunk developers including tutorials, code samples, SDKs, and developer licenses.

SplunkLive! Customer Presentation – Covance Inc"

Splunk

Covance is a global drug development company headquartered in Princeton, NJ with over 12,000 employees worldwide. Jessie Ridge is a senior security engineer who helped build Covance's security program from the ground up. Previously, Covance had limited security visibility due to outdated tools and data silos. They implemented Splunk to gain a single source of visibility across their systems. Splunk provided improved security and faster investigations by ingesting various log types. It has since expanded to other teams and grown from processing 10GB of data per day to over 900GB with 25+ users.

Getting Started with Splunk Enterprise Hands-On Breakout Session

Splunk

Splunk in the Cisco Unified Computing System (UCS)

Splunk

Cisco has been a Splunk customer for 8 years, with a strong engineering partnership for 3+ years. Learn how several Cisco customers as well as Cisco IT have deployed, grown, and transformed our businesses using the advantages of Splunk Enterprise software together with Cisco UCS and Nexus hardware. We will also talk about scalability and performance considerations for all scales of data footprint and business growth.

Splunk for Enterprise Security featuring UBA Breakout Session

Splunk

This document provides an overview and update on Splunk's Enterprise Security and User Behavior Analytics solutions. It discusses the latest releases of Splunk Enterprise, Enterprise Security, and User Behavior Analytics. It describes the key functions and use cases of Enterprise Security, which provides security monitoring, alert management, and incident response capabilities. It also outlines the main functions and use cases of User Behavior Analytics, which uses unsupervised machine learning to detect anomalies and advanced threats. The document promotes Splunk as an effective security intelligence platform to collect, analyze, and investigate machine data from various sources.

Machine Learning + Analytics in Splunk

Splunk

Splunk is a powerful platform for understanding your data. The preview of the Machine Learning Toolkit and Showcase App extends Splunk with a rich suite of advanced analytics and machine learning algorithms. In this session, we'll present an overview of the app architecture and API and show you how to use Splunk to easily perform a variety of tasks, including outlier and anomaly detection, predictive analytics, and event clustering. We’ll use real data to explore these techniques and explain the intuition behind the analytics.

Getting Started with Splunk Enterprise Hands-On

Splunk

This document provides an overview and demonstration of Splunk software. It outlines an agenda to discuss why Splunk, how to install and use Splunk through a live demonstration, Splunk deployment architectures, and communities for help. The live demonstration shows importing sample data, performing searches, creating alerts and dashboards. It also discusses pivoting, field extraction, analytics, and scaling Splunk deployments.

Customer Presentation - Financial Services Organization

Splunk

The document discusses the experience of migrating from an old SIEM to Splunk Enterprise Security (ES). Key points include: - The old SIEM was difficult to maintain, slow, and lacked community support. Splunk provided better performance and capabilities. - Logs were migrated to Splunk one source at a time after normalization. Analysts found Splunk easier to use. - A proof of concept with ES showed its advanced correlations, dashboards, and incident management capabilities beyond core Splunk. - ES provides templates for searches, alerts, and workflows that would have taken months to recreate. It is a more complete SIEM solution.

Distributed Management Console Breakout Session

Splunk

This document provides a summary of the Distributed Management Console (DMC) 6.2 from Splunk. It discusses the continuous investment in management and monitoring capabilities. It provides a history of Splunk's monitoring tools and describes the DMC architecture. It demonstrates the DMC's search head clustering, indexer clustering, indexes and volumes, and forwarder monitoring views which provide insights into deployments. It also shows the topology view that visually represents distributed Splunk installations.

Cisco and Splunk: Under the Hood of Cisco IT Breakout Session

Splunk

Cisco has a long-standing relationship with Splunk, using its software and services for IT operations, security analytics, and other purposes across its global data centers. Some key points: - Cisco has used Splunk for over 7 years to monitor over 70 applications and aggregate data from various systems. - Splunk helps Cisco improve IT operations by reducing issues by 50% and resolution times by 90%, and reducing operational costs by 80%. - Cisco's security team uses Splunk to conduct investigations, detecting up to 2-3 million security events per day from various sources. This allows for faster investigations and automated tasks. - Cisco designs and validates architectures for running Splunk on its Cisco UCS servers

Design, Build and Map IT and Business Services in Splunk

Splunk

This document provides an overview of how to design, build, and map IT and business services in Splunk. It discusses identifying critical business services and problems, collaborating with subject matter experts to design service models, and using Splunk's service intelligence capabilities like glass tables and visualizations to gain insights. An example problem for a company called Buttercup Games is presented, showing how to map their supply chain services and key performance indicators to help address frequent issues impacting customer experience and revenue. The document promotes harnessing organizational knowledge through a collaborative workshop with Splunk to define methods for proactive monitoring, reduced risk, faster resolution, and increased performance of important business services.

FVCP Splunk Presentation

Straight North

Splunk is a tool that allows users to index, search, and analyze data from various IT systems and applications in a single interface. It features real-time indexing, ad-hoc searching, reporting, dashboards, monitors, alerts, and an API. Splunk is available in community and enterprise versions and supports Windows, Linux, and Mac operating systems. Documentation, software downloads, and whitepapers are available on Splunk's website.

SplunkLive! Austin Customer Presentation - Xerox

Splunk

Xerox uses Splunk to monitor its electronic payment processing systems. Some key benefits of Splunk include huge time savings over its previous Tivoli platform, increased efficiencies across the business from automated features, and improved visibility into transaction processing through Splunk dashboards. Splunk helps with IT operations monitoring, compliance activities, fraud management, and SSL certificate management. Xerox is able to track $90 billion in payments annually and monitor fraud in real-time using Splunk.

Splunk for Enterprise Security featuring UBA Breakout Session

Splunk

This document provides an overview of a presentation given by Dave Herrald, a security architect at Splunk, on Splunk's Enterprise Security and User Behavior Analytics solutions. The presentation covered new features in Splunk Enterprise Security 4.1, including enhanced threat intelligence integration, risk-based searching and incident review, and integration with Splunk User Behavior Analytics. It also reviewed capabilities in Splunk User Behavior Analytics 2.2 like custom threat modeling, expanded attack coverage, and context enrichment.

How to Design, Build and Map IT and Business Services in Splunk

Splunk

Your IT department supports critical business functions, processes and products. You're most effective when your technology initiatives are closely aligned and measured with specific business objectives. This session covers best practices and techniques for designing and building an effective service model, using the domain knowledge of your experts and capturing and reporting on key metrics that everyone can understand. We will design a sample service model and map them to performance indicators to track operational and business objectives. We will also show you how to make Splunk service-ware with Splunk IT Service Intelligence (ITSI).

Customer Presentation - KCP&L

Splunk

William Aune is the lead security analyst at KCP&L, an electric utility company serving over 800,000 customers. He has over 12 years of experience in IT security. KCP&L implemented Splunk in 2014 to centralize log management and has continued finding value from the platform. They index around 80GB of data per day from various sources. Some examples of how Splunk has helped KCP&L include identifying a vendor issue from firewall and DoS appliance logs, gaining geographic context with GeoIP, and detecting potential network scanning. Going forward, KCP&L aims to index more logs and develop custom apps to provide tailored insights for different teams.

Splunk for Enterprise Security featuring User Behavior Analytics

Splunk

This session will review Splunk’s two premium solutions - Splunk Enterprise Security (ES) is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams.

Improve the Impact of DevOps

Splunk

Splunk live university of alberta 2015

dostatni

Greg Dostatni is the team lead for application hosting at the University of Alberta. He manages a 10 person team responsible for managing applications and databases across the university. The university implemented Splunk in 2013 to help address challenges around siloed data and reactive troubleshooting. Splunk provides centralized logging, real-time monitoring and alerts, and dashboards to help monitor performance, troubleshoot authentication systems, and provide insights for executives. While Splunk has helped improve visibility and incident response, challenges remain around log standardization and understanding normal system behavior from logs.

Splunk at Sabre

Splunk

- John Bland is a senior software developer at Sabre who is responsible for Splunk implementation and uses it extensively in his work. - Before Splunk, Sabre struggled to view logs from different locations and applications in a centralized way and had to manually search through logs. - Sabre now uses Splunk across multiple environments to gain visibility into applications, monitor performance, streamline development processes, and improve support capabilities. - Splunk has helped Sabre improve uptime, reduce troubleshooting time, and provide better support to internal teams and customers. Sabre continues expanding their use of Splunk across more processes.

Splunk live! Customer Presentation – Wellsfargo

Splunk

Nick Gordon leads the Monitoring Strategies and Engineering team at Wells Fargo. He discusses how Wells Fargo uses Splunk for monitoring their digital channels. Wells Fargo has over 22 million online and mobile customers and Splunk helps them track customers across many systems. Splunk provides a centralized place to store and correlate log data from different applications. It improved their ability to analyze logs and trace customer flows. Splunk also helps with application performance monitoring, decision analytics, and geolocation services. Gordon provides some best practices including establishing log standards, balancing log volume, and protecting private information.

What's hot

Splunk @ Adobe

Splunk

Splunk for Developers

Splunk

SplunkLive! Customer Presentation – Covance Inc"

Splunk

Getting Started with Splunk Enterprise Hands-On Breakout Session

Splunk

Splunk in the Cisco Unified Computing System (UCS)

Splunk

Splunk for Enterprise Security featuring UBA Breakout Session

Splunk

Machine Learning + Analytics in Splunk

Splunk

Getting Started with Splunk Enterprise Hands-On

Splunk

Customer Presentation - Financial Services Organization

Splunk

Distributed Management Console Breakout Session

Splunk

Cisco and Splunk: Under the Hood of Cisco IT Breakout Session

Splunk

Design, Build and Map IT and Business Services in Splunk

Splunk

FVCP Splunk Presentation

Straight North

SplunkLive! Austin Customer Presentation - Xerox

Splunk

Splunk for Enterprise Security featuring UBA Breakout Session

Splunk

How to Design, Build and Map IT and Business Services in Splunk

Splunk

Customer Presentation - KCP&L

Splunk

Splunk for Enterprise Security featuring User Behavior Analytics

Splunk

Improve the Impact of DevOps

Splunk

Splunk live university of alberta 2015

dostatni

Greg Dostatni is the team lead for application hosting at the University of Alberta. He manages a 10 person team responsible for managing applications and databases across the university. The university implemented Splunk in 2013 to help address challenges around siloed data and reactive troubleshooting. Splunk provides centralized logging, real-time monitoring and alerts, and dashboards to help monitor performance, troubleshoot authentication systems, and provide insights for executives. While Splunk has helped improve visibility and incident response, challenges remain around log standardization and understanding normal system behavior from logs.

What's hot (20)

Splunk @ Adobe

Splunk for Developers

SplunkLive! Customer Presentation – Covance Inc"

Getting Started with Splunk Enterprise Hands-On Breakout Session

Splunk in the Cisco Unified Computing System (UCS)

Splunk for Enterprise Security featuring UBA Breakout Session

Machine Learning + Analytics in Splunk

Getting Started with Splunk Enterprise Hands-On

Customer Presentation - Financial Services Organization

Distributed Management Console Breakout Session

Cisco and Splunk: Under the Hood of Cisco IT Breakout Session

Design, Build and Map IT and Business Services in Splunk

FVCP Splunk Presentation

SplunkLive! Austin Customer Presentation - Xerox

Splunk for Enterprise Security featuring UBA Breakout Session

How to Design, Build and Map IT and Business Services in Splunk

Customer Presentation - KCP&L

Splunk for Enterprise Security featuring User Behavior Analytics

Improve the Impact of DevOps

Splunk live university of alberta 2015

Splunk

Universities have more in common with modern cities than traditional places of learning. This mini city needs to empower its citizens to thrive and achieve their ambitions. Operationalising data is key to building critical services; from understanding complex IT estates for smarter decision-making to robust security and a more reliable, resilient student experience. Juan will share his experience in building data foundations for a resilient future whilst enabling digital transformation at Imperial College London.

Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...

Splunk

SOC, Amore Mio! | Security Webinar

Splunk

.italo operates an Essential Service by connecting more than 100 million people annually across Italy with its super fast and secure railway. And CISO Enrico Maresca has been on a whirlwind journey of his own. Formerly a Cyber Security Engineer, Enrico started at .italo as an IT Security Manager. One year later, he was promoted to CISO and tasked with building out – and significantly increasing the maturity level – of the SOC. The result was a huge step forward for .italo. So how did he successfully achieve this ambitious ask? Join Enrico as he reveals the key insights and lessons learned in his SOC journey, including: Top challenges faced in improving security posture Key KPIs implemented in order to measure success Strategies and approaches applied in the SOC How MITRE ATT&CK and Splunk Enterprise Security were utilised Next steps in their maturity journey ahead

.conf Go 2022 - Observability Session

Splunk

This document summarizes a presentation about observability using Splunk. It includes an agenda introducing observability and why Splunk for observability. It discusses the need for modernization initiatives in companies and the thousands of changes required. It presents that Splunk provides end-to-end visibility across metrics, traces and logs to detect, troubleshoot and optimize systems. It shares a customer case study of Accenture using Splunk observability in their hybrid cloud environment. Finally, it concludes that observability with Splunk can drive results like reduced downtime and faster innovation.

.conf Go Zurich 2022 - Keynote

Splunk

This document contains slides from a Splunk presentation covering the following topics: - Updated Splunk logo and information about meetings in Zurich and sales engineering leads - Ideas for confused or concerned human figures in design concepts - Three buckets of challenges around websites slowing, apps being down, and supply chain issues - Accelerating mean time to detect, identify, respond and resolve through cyber resilience with Splunk - Unifying security, IT and DevOps teams - Splunk's technology vision focusing on customer experience, hybrid/edge, unleashing data lakes, and ubiquitous machine learning - Gaining operational resilience through correlating infrastructure, security, application and user data with business outcomes

.conf Go Zurich 2022 - Platform Session

Splunk

This document summarizes a presentation about Splunk's platform. It discusses Splunk's mission of helping customers create value faster with insights from their data. It provides statistics on Splunk's daily ingest and users. It highlights examples of how Splunk has helped customers in areas like internet messaging and convergent services. It also discusses upcoming challenges and new capabilities in Splunk like federated search, flexible indexing, ingest actions, improved data onboarding and management, and increased platform resilience and security.

.conf Go Zurich 2022 - Security Session

Splunk

The document appears to be a presentation from Splunk on security topics. It includes sections on cyber security resilience, the data-centric modern SOC, application monitoring at scale, threat modeling, security monitoring journeys, self-service Splunk infrastructure, the top 3 CISO priorities of risk based alerting, use case development, a security content repository, security PVP (posture, vision, and planning) and maturity assessment, and concludes with an overview of how Splunk can provide end-to-end visibility across an organization.

More from Splunk (20)

.conf Go 2023 - Data analysis as a routine

.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV

.conf Go 2023 - Navegando la normativa SOX (Telefónica)

.conf Go 2023 - Raiffeisen Bank International

.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett

.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)

.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...

.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...

.conf go 2023 - De NOC a CSIRT (Cellnex)

conf go 2023 - El camino hacia la ciberseguridad (ABANCA)

Splunk - BMW connects business and IT with data driven operations SRE and O11y

Splunk x Freenet - .conf Go Köln

Splunk Security Session - .conf Go Köln

Data foundations building success, at city scale – Imperial College London

Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...

SOC, Amore Mio! | Security Webinar

.conf Go 2022 - Observability Session

.conf Go Zurich 2022 - Keynote

.conf Go Zurich 2022 - Platform Session

.conf Go Zurich 2022 - Security Session

Recently uploaded

GraphRAG for Life Science to increase LLM accuracy

Tomaz Bratanic

Things to Consider When Choosing a Website Developer for your Website | FODUU

FODUU

Best 20 SEO Techniques To Improve Website Visibility In SERP

Pixlogix Infotech

How to Get CNIC Information System with Paksim Ga.pptx

danishmna97

Artificial Intelligence for XMLDevelopment

Octavian Nadolu

In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject. We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup. Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved. The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring. The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise. By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.

Serial Arm Control in Real Time Presentation

tolgahangng

Removing Uninteresting Bytes in Software Fuzzing

Aftab Hussain

Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process. In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds. - These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.

Driving Business Innovation: Latest Generative AI Advancements & Success Story

Safe Software

Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency. During the hour, we’ll take you through: Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board. Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes. Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI. We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI. This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!

Essentials of Automations: The Art of Triggers and Actions in FME

Safe Software

In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation. We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios. Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!

GenAI Pilot Implementation in the organizations

kumardaparthi1024

TrustArc Webinar - 2024 Global Privacy Survey

TrustArc

How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024? In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores. See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe. This webinar will review: - The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey - The top challenges for privacy leaders, practitioners, and organizations in 2024 - Key themes to consider in developing and maintaining your privacy program

Full-RAG: A modern architecture for hyper-personalization

Zilliz

Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

akankshawande

みなさんこんにちはこれ何文字まで入るの？40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの？えこ...

名前です男

Monitoring and Managing Anomaly Detection on OpenShift.pdf

Tosin Akinosho

Monitoring and Managing Anomaly Detection on OpenShift Overview Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices. Key Topics Covered 1. Introduction to Anomaly Detection - Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems. 2. Understanding Edge (IoT) - Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source. 3. What is ArgoCD? - Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices. 4. Deployment Using ArgoCD for Edge Devices - Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD. 5. Introduction to Apache Kafka and S3 - Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions. 6. Viewing Kafka Messages in the Data Lake - Learn how to view and analyze Kafka messages stored in a data lake for better insights. 7. What is Prometheus? - Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices. 8. Monitoring Application Metrics with Prometheus - Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system. 9. What is Camel K? - Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes. 10. Configuring Camel K Integrations for Data Pipelines - Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow. 11. What is a Jupyter Notebook? - Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text. 12. Jupyter Notebooks with Code Examples - Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.

“I’m still / I’m still / Chaining from the Block”

Claudio Di Ciccio

Building Production Ready Search Pipelines with Spark and Milvus

Zilliz

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack

shyamraj55

20240605 QFM017 Machine Intelligence Reading List May 2024

Matthew Sinclair

Programming Foundation Models with DSPy - Meetup Slides

Zilliz

Recently uploaded (20)

GraphRAG for Life Science to increase LLM accuracy

Things to Consider When Choosing a Website Developer for your Website | FODUU

Best 20 SEO Techniques To Improve Website Visibility In SERP

How to Get CNIC Information System with Paksim Ga.pptx

Artificial Intelligence for XMLDevelopment

Serial Arm Control in Real Time Presentation

Removing Uninteresting Bytes in Software Fuzzing

Driving Business Innovation: Latest Generative AI Advancements & Success Story

Essentials of Automations: The Art of Triggers and Actions in FME

GenAI Pilot Implementation in the organizations

TrustArc Webinar - 2024 Global Privacy Survey

Full-RAG: A modern architecture for hyper-personalization

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

Monitoring and Managing Anomaly Detection on OpenShift.pdf

“I’m still / I’m still / Chaining from the Block”

Building Production Ready Search Pipelines with Spark and Milvus

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack

20240605 QFM017 Machine Intelligence Reading List May 2024

Programming Foundation Models with DSPy - Meetup Slides

AdvancedMD Customer Presentation

2. 2 Tyler Germer Manager, Platform Operations AdvancedMD

3. 3 ADP AdvancedMD AdvancedMD • Acquired by ADP 4 years ago • Practice Management • EHR • Mobile offering • AdvancedInsight™ Reporting ADP (parent company) • $11B revenue • 620,000 clients

4. 4 About Tyler Manager - Platform Operations Team ADP employee for 3.5 years Experience in all areas of system administration / networking Evangelist / Believer in Splunk Enjoy the gym, racquetball, and good food Originally from Canada …love watching Hockey. Go AVALANCHE!!

5. 5 Operations Team Charter Managing our data center, production server, infrastructure Patching our online medical applications Reduce client impacting incidents Ensure application uptime Work with support teams on customer issues

6. 6 Previous Monitoring Solutions: Key Challenges “Splunk was going to do everything our monitoring solutions couldn't.” • Broad infrastructure – HP blade servers, F5 load balancers, Juniper/Cisco switches – everything is generating logs • Monitoring solutions told us different things (Nagios, Event Sentry, Cacti) • Cumbersome to find answers Hard to troubleshoot quickly and find root cause

7. 7 Splunk Phase 1 - Visibility across the Stack (single pane of glass) – application, networking, etc. - Configure saved reports / dashboards - Utilize flexibility of Splunk All Logs “Phase 1 – Operational Intelligence – find out the things we weren't seeing.”

8. 8 Splunk Architecture 5 x Indexers (HP DL380) – physical 10 x Search Heads – virtual 4 x Heavy Forwarders – virtual 4 x SyslogNG Servers – Virtual 620WindowsUniversalForwarders(abouttodouble)–Virtual/Physical Approx. 100 networking devices 1 Deployment Server (Corp) / License Server and 1 Cluster Master 1 Deployment Server (Prod)

9. 9 Splunk: Cluster Topology Data sources • Windows event logs, IIS logs • Syslogs from firewall, switches, SAN storage devices, Aruba wireless, VPN, HP OA • Custom logs Indexing • Set up for 300-350 GB • Current: 20.0 GB Applications • Splunk for Juniper / Cisco, Splunk App for Stream, Prelert

10. 10 AdvancedMD Splunk EcoSystem

11. 11 Fast Time to Value with Splunk "Before Splunk, it took days if not weeks to find source of a problem, now it only takes minutes or hours." Software release planned Within 30 min of software release we saw trend of huge errors Reached out to Engineering immediately to point them to errors and so they could fix the code before customer impact Splunk came to the rescue – data is so visible we were able to react quickly

12. 12 Splunk in the Operations Team Everyone MUST use Splunk – Mandatory goal of taking Using Splunk Training Currently 10 users, users from other Departments underway 2 actively working on providing more value through Splunk Teams look at Splunk on patch nights – Look at potential Errors Splunk User Group @ Salt Lake City – Email: Tyler Germer tgermer@advancedmd.com

13. 13 Lessons Learned Managers … LISTEN to your employees It’s very easy to get data into Splunk Real art is getting valuable data out / asking the right questions Splunk Deployment Server is your friend Docs.splunk.com is FANTASTIC Splunk IRC … nerds helping nerds Great book – Big Data Analytics Using Splunk

14. 14 What’s Next – Long Term Vision "Splunk IS a game changer for ADP AdvancedMD." MORE SPLUNK - Splunk for Sales, Engineering, Security, etc. Using more Splunk Apps to get quicker return on investment – Splunk Apps for F5, SQL, Exchange, Active Directory, NetApp Embrace DB-Connect (underway) Upgrading to Splunk Enterprise 6.2.2 Replace Event Sentry with Splunk (underway) Splunk architectural review Proactive customer service and business analytics

15. 15 Going above and beyond …

16. Thank You

Editor's Notes

ADP’s flagship venture into the Medical industry ADP highly vested in helping AdvancedMD be successful PM: running the financial / business part of the company, EHR (Electronic Health Records) – running the medical side of the business, as well as some other offerings like ODBC and SFTP connectivity for secure transfer of data AdvancedInsight: advanced business analytics for our customers LOTS of HIPAA data. Security, Operation Intelligence, and data awareness very important
Manager for coming up on 2 years. Worked as a Sys Admin under the team before that 12 years experience working in all areas of System Administration and Networking Splunk project took roughly 1.5 years to get approved, purchased, installed / configured
My team’s responsibility is to ensure functionality, uptime, and maintenance of our Production Data Center, as well as the server, networking, and SAN infrastructure at our corporate office We also maintain and update our Practice Management and EHR applications Our goal is always to reduce / remove client impacting incidents by being very aware of our environment, how it is running, and what needs to be improved We also work heavily with our Client Support teams, to help resolve any client issues related to our infrastructure We invest heavily in monitoring, so that we can hear and feel the ‘heartbeat’ of our infrastructure at all times We have actually had vendors tell us that they appreciate the level of monitoring that we have, because it helps them know that THEY have a problem … Splunk was the obvious next step in taking our monitoring to even greater levels
Before Splunk, even with the thoroughness of our monitoring, there were still challenges Our infrastructure was broad, including things like HP Blade Servers, load balancers, firewalls / switches, IIS logs Benefits were that our monitoring gave us a reasonable picture of what was happening in our environment. Things like Nagios and Event Sentry gave us insight into issues that were happening, but it was very much a reactive type monitoring Problem was that logs were spread out all over the place, but no central location to view them all when needed Makes it hard to troubleshoot a problem quickly, or become more proactive Then along came the introduction to Splunk …
How we were going to implement Splunk Phase 1 – Operation Intelligence Get basic Windows and Syslogs into Splunk <go through green area to right>
When we designed / built Splunk, went big from the start, for easy growth, as we knew how vital Splunk would become Production has own HF and Deploy Server, and CORP have own HF and Deploy Server
Current sources of data include … Have hardware capacity to handle roughly 300 – 350 GB of data ingested per day, but only at 20 GB per day so far. Amazing considering how many sources of data are already included
Outline each source Each source has unique logs with unique requirements Encourage Engineering to write code that leaves the ‘bread crumbs’ behind
We quickly found value in Splunk Goal: All Event Logs into Splunk before Release night Night of release, Splunk saw huge errors Engineering was able to diagnose issue and get new code out in record time Data was so visible, so fast. Splunk did all the work, and helped us respond much faster
Vision and goal for Splunk: a ‘way of life’ for the Platform Operations Team Splunk dashboards used for our Patch Nights, to help minimize client AdvancedMD housed the first Splunk User Group in SLC, and are large supporters of the value that Splunk provides
Art of Splunk: Question to be asked … ‘I have all this data in one spot … now what?’ Be creative about what data you get out of Splunk Put on the business / bigger picture hat, decide what you’d like to know, then figure out how to make it happen with Splunk Docs.splunk.com is fantastic. Documentation easy to read, and thorough. About 15 of their documents are key / critical Quick answer / quick fix … Splunk IRC. It’s Splunk Nerds helping Splunk Nerds
Phase 1 is Operational Intelligence, long term is all areas of company using Splunk Want to utilize Splunk Apps more, for quick value add Have used Splunk Professional Services in the past to help work through some roadblocks, as well as help us configure our systems to match best practices DB Connect: More SQL Visibility Want Splunk to analyze our data, to provide more insight into customer patterns, as well as business analytics for both us AND our customers
Make mention of both Tony Bolander and Scott Smith Also make mention of Corporate Culture and the company’s passion for the product and what it can do.

AdvancedMD Customer Presentation

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to AdvancedMD Customer Presentation

Similar to AdvancedMD Customer Presentation (20)

More from Splunk

More from Splunk (20)

Recently uploaded

Recently uploaded (20)

AdvancedMD Customer Presentation

Editor's Notes