This document provides instructions for setting up access to an online Splunk sandbox for a presentation on building service intelligence with Splunk IT Service Intelligence. It instructs the reader to download a presentation slide deck, sign up for a free online Splunk ITSI sandbox if not already done, test access to the sandbox using recommended browsers, and select the IT Service Intelligence app after logging in.
Building Business Service Intelligence with ITSI - Splunk
This document provides instructions for setting up Splunk IT Service Intelligence (ITSI) before using it. It instructs the user to:
1. Download a presentation slide deck from a Splunk Box URL.
2. Sign up for a free Splunk ITSI Online Sandbox if not already done.
3. Test access to the sandbox, recommending Chrome, Firefox or Safari and noting that Internet Explorer is not recommended.
4. After logging in, select IT Service Intelligence from the list of apps on the left side.
Service intelligence hands on workshop - Megan Shippy
The document discusses building IT service intelligence with Splunk. It introduces key concepts like services, KPIs, health scores, and the benefits of Splunk's approach to machine data. The presentation provides an example of designing service intelligence for an online store and supply chain at a toy company called Buttercup Games. It demonstrates how to configure a new KPI for database network utilization and modify a dashboard in Splunk IT Service Intelligence.
Building Business Service Intelligence with ITSI - Splunk
This document provides an overview of a presentation on Splunk IT Service Intelligence (ITSI). It discusses setting up the ITSI sandbox, the agenda which includes introductions, Splunk fundamentals, what ITSI is, and a hands-on session. It also covers service modeling best practices like starting with a problem, bringing together subject matter experts, and designing the service model before configuring. Additionally, it demonstrates how to configure a new KPI for database network utilization within the ITSI interface in about 5 minutes.
Taming the Technology of Digital Transformation - Splunk
Andi Mann explains how to tame digital transformation: Establish new roles, teams and processes to support digital; adopt new technology to deliver new digital experiences and rebuild service delivery capability with a "digital first" approach.
Building Business Service Intelligence with ITSI - Splunk
- Involve subject matter experts from relevant teams to ensure all aspects of services are understood
- Design the service model before configuring in the tool to work out dependencies and relationships
- Start by identifying a high-value business service you want to improve and work backwards to technical services
- Map out all supporting technical services needed for the business service to operate
- Determine the most important key performance indicators to monitor for each service
- Create Splunk searches to populate each key performance indicator with relevant metrics
Design, Build and Map IT and Business Services in Splunk - Splunk
The document discusses how to derive "service intelligence" for an organization using Splunk. It recommends starting with a problem worth solving, bringing together subject experts, and designing service maps and key performance indicators before configuring the Splunk implementation. It provides an example of how a toy manufacturer called Buttercup Games could use Splunk to gain insights into its online store service and improve customer satisfaction and operations.
Building Service Intelligence with Splunk IT Service Intelligence (ITSI) - Splunk
Providing transformational impact and insight into key business services while maintaining operational oversight is often difficult in organizations. To effectively communicate business value and alignment, organizations must find new methods to bridge the gap between business and operations. This half-day hands-on workshop demonstrates how customers can quickly gain insight into high-value services while aligning business and IT Operations using Splunk’s IT Service Intelligence solution. By leveraging the machine data you are already collecting, the exercise provides a transformational method to model high-value services and rapidly build custom visualizations and dashboards. From executive leaders to administrators, these personalized service-centric views provide powerful analytics and machine learning to transform service intelligence across your organization.
Come experience how you can transform service intelligence in your organization.
SplunkLive! Houston IT Service Intelligence Hands On Version - Splunk
Are you currently using Splunk to troubleshoot and monitor your IT environment? Do you want more out of Splunk but don’t know how? Here’s your chance to learn more about Splunk IT Service Intelligence (Splunk ITSI) and get hands-on with it for the very first time. We’ll help you build custom visualizations and dashboards for personalized service-centric views. We’ll teach you how to navigate across multiple KPIs, entities and events with built-in visualizations and intelligently troubleshoot and resolve problems faster using Splunk ITSI. We’ll also show you how to create correlations across KPIs easily and be alerted of “notable events” to catch these emerging problems quickly. At the end of this session, you will leave with an understanding of the unique monitoring approach Splunk ITSI delivers to maximize the value of your data in Splunk and how to accelerate visibility into your critical IT services. Bring your laptop, not a tablet, preferably a non-IE browser.
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
The document discusses Splunk security solutions including Splunk Enterprise and Splunk User Behavior Analytics (UBA). It begins with an agenda that includes a demo of the Zeus ES security product and a UBA demo. The document then provides an overview of challenges in securing against advanced threats and how Splunk addresses these challenges through security analytics and machine data. Examples are given of how Splunk has helped customers including Nasdaq and PostFinance address security issues. The presentation concludes with a discussion of features in Splunk Enterprise Security 4.0.
Best Practices For Sharing Data Across The Enterprise - Splunk
The document discusses best practices for sharing data across an enterprise using Splunk. It provides an overview of Splunk's Business Value Consulting services and common value drivers they have identified for IT operations, security and compliance, and application development. These include reducing incident resolution times, improving security event detection and response times, and accelerating development cycles. It also lists many common data sources that are important for realizing these benefits, such as various log files, network devices, databases, and applications.
Splunk provides software that allows users to search, monitor, and analyze machine-generated data. It collects data from websites, applications, servers, networks and other devices and stores large amounts of data. The software provides dashboards, reports and alerts to help users gain operational intelligence and insights. It is used by over 4,400 customers across many industries to solve IT and business challenges.
Building a Security Information and Event Management platform at Travis Per... - Splunk
Faced with a complex, heterogeneous IT infrastructure and a ‘Cloud First’ instruction from the board, Nick Bleech, Head of Information Security at building supplies giant Travis Perkins, used Splunk Enterprise Security running on Splunk Cloud to deliver enhanced security for 27,000 employees.
Splunk allowed Travis Perkins to provide real-time security monitoring, faster incident resolution and improved data governance while delivering demonstrable business value to the board.
In this webinar, Nick Bleech discusses:
● The business and security drivers of deploying a cloud-based security incident and event management solution
● The overall benefits of the Splunk solution
● The project’s critical success factors
● How stakeholders and the overall project were managed
● The positive impact of the deployment on the IT operations and IT security teams
● The next steps in the development of a lightweight security operations centre
These are the slides from the webinar broadcast on April 1st 2020, presented by Philipp Drieger. Content covers:
- Introduction to AI and ML Features in Splunk
- Customer Use Case Examples
- Live Demo of Machine Learning Toolkit, with examples for:
Methods for Anomaly Detection, Predictive Analytics and Forecasting, and Clustering
- Custom Machine Learning, incl.: Advanced Containerization and Expansion with MLSPL API
Join our Security Expert and learn how to use the Splunk App for Enterprise Security (ES) in a live, hands-on session. We'll take a tour through Splunk's award-winning security offering to understand some of the unique capabilities in the product. Then, we'll use ES to work an incident and disrupt an adversary's Kill Chain by finding the Actions on Intent, Exploitation Methods, and Reconnaissance Tactics used against a simulated organization. Data investigated will include threat list intelligence feeds, endpoint activity logs, e-mail logs, and web access logs. This session is a must for all security experts! Please bring your laptop as this is a hands-on session.
Splunk Discovery: Milan 2018 - Splunk Overview - Splunk
This document provides an overview of Splunk Inc. and its machine data platform. Some key points:
- Splunk's platform allows users to analyze and gain insights from machine data from various sources like apps, infrastructure, security systems, customer data, and IoT devices.
- The growing amount of machine data presents challenges like scale, real-time analysis, and unknown questions. Splunk aims to provide a single platform to explore this data and gain insights.
- Splunk is used across industries like IT operations, security, business analytics, and IoT by over 14,000 customers including most of the Fortune 100.
- The company has over 3,000 employees globally and annual revenue over $1 billion.
Splunk Enterprise for IT Troubleshooting Hands-On - Splunk
This document provides an overview of a Splunk training session. The objectives are to learn basic Splunk navigation, how to extract fields, create alerts, build reports and dashboards, and use Splunk for troubleshooting. Examples are provided of extracting a new field, creating an alert when disk space exceeds a threshold, and building a dashboard to monitor website errors and server CPU usage. The training highlights how Splunk can provide operational intelligence and accelerate ROI by reducing incidents and MTTR. It concludes by mentioning opportunities to learn more about Splunk through free trials, education, and the annual .conf user conference.
The document discusses Splunk IT Service Intelligence, a solution from Splunk that provides data-driven service insights for IT operations. It allows monitoring of key performance indicators (KPIs) across different technical services to detect problems and improve service operations. Some key capabilities include deploying a flexible solution quickly, transforming IT monitoring with machine learning-based anomaly detection and adaptive thresholds, and redefining the role of IT through data-driven service visibility and insights.
Machine-generated data is one of the fastest growing and most complex areas of big data. It's also one of the most valuable, containing a definitive record of all user transactions, customer behavior, machine behavior, security threats, fraudulent activity and more. Join us as we explore the basics of machine data analysis and highlight techniques to help you turn your organization’s machine data into valuable insights. This introductory workshop includes a hands-on (bring your laptop) demonstration of Splunk’s technology and covers use cases both inside and outside IT. Learn why more than 12,000 customers in over 110 countries use Splunk to make business, government, and education more efficient, secure, and profitable.
This document provides an overview and agenda for a Splunk lunch and learn session. It discusses what Splunk is, its key capabilities including searching, alerting, and reporting on machine data, and its universal indexing approach. The document also outlines deployment options and includes a demonstration. It explains how Splunk eliminates finger pointing across IT silos by enabling users to search and investigate issues more quickly. It also discusses how Splunk supports proactive monitoring, operational visibility, and real-time business insights.
The document provides an agenda for a Splunk conference event discussing Splunk's security vision, strategy and platform. It includes presentations from Splunk executives and customers on using Splunk for security operations and IT operations. The agenda lists talks on Splunk's security vision from 10:00-10:30, a customer use case from 10:30-11:00, a break from 11:00-11:30, and presentations on using Splunk for security and IT operations from 11:30-13:00. The event concludes at 14:00 after a lunch break from 13:00-14:00.
Splunk - Turn Data Silos into Operational Intelligence - Splunk
Splunk software enables the curious among us to look at what others ignore - machine data - and to find what others never see: valuable insights that make your team and company more productive, more profitable, more competitive and more secure.
Are you curious yet about what information is hidden in your machine data?
In this webinar we show you why more than 11,000 companies use Splunk software for the following:
- Resolving application problems and investigating security incidents within minutes
- Avoiding service problems or outages
- Meeting compliance requirements at lower cost
- New insights into business operations
Join this Operational Intelligence demo session and learn more about how you and your team can work more efficiently and productively.
This document provides an overview and agenda for a presentation on getting started with Splunk Enterprise. It discusses what machine data is, how Splunk can extract insights from machine data, and Splunk's scalable deployment architecture. It also demonstrates searches in Splunk and discusses resources for help and support.
The document is a transcript from a Splunk presentation about using Splunk for IT operations. It discusses using Splunk to correlate machine data from different sources like servers, applications, and databases to gain visibility into IT services and their components. It provides a live demonstration of how Splunk can be used to monitor system performance, create tickets or alerts when issues arise, and troubleshoot issues by searching through logs and events. The presentation emphasizes how the common information model in Splunk allows mapping these components like hosts, applications, and services for improved IT operations and issue resolution.
The document provides an overview of Splunk for IT operations (ITOps). It discusses how Splunk can help organizations address escalating IT complexity and issues plaguing IT operations. It introduces Splunk IT Service Intelligence, which provides data-driven service insights for root-cause isolation and improved service operations. Key concepts explained include what a service is, key performance indicators (KPIs), and service health scores. The document also highlights capabilities like service analyzer, glass tables, deep dives, multi-KPI alerts and notable events. Customer stories are presented on how enterprises use Splunk for increased uptime, reduced mean time to resolution, optimized capacity and more.
If you’re just getting started with Splunk, this session will help you understand how to use Splunk software to turn your silos of data into insights that are actionable. In this session, we’ll dive right into a Splunk environment and show you how to use the simple Splunk search interface to quickly find the needle-in-the-haystack or multiple needles in multiple haystacks. We’ll demonstrate how to perform rapid ad-hoc searches to conduct routine investigations across your entire IT infrastructure in one place, whether physical, virtual or in the cloud. We’ll show you how to then convert these searches into real time alerts and dashboards, so you can proactively monitor for problems before they impact your end user. We’ll demonstrate how you can use Splunk to connect the dots across heterogeneous systems in your environment for cross-tier, cross-silo visibility. You’ll have access to a demo environment. So, don’t forget to bring your laptop and follow along for a hands-on experience.
How to Detect Ransomware and What You Can Do About It - Splunk
Ransomware is no longer just a nuisance aimed at home users; it has become a serious threat to companies and government institutions.
In our webinar you can find out more about what exactly ransomware is and how it works. We then show you the whole thing in a live demo with data from a Windows ransomware infection.
In detail, we show you:
- how to "hunt" ransomware IOCs with Splunk Enterprise
- how to uncover malicious endpoint behaviour
- defence strategies
Delivering business value from operational insights at ING Bank - Splunk
The document discusses how ING Bank uses Splunk to extract business value from operational data. It describes several IT use cases like customer pre-scoring, portfolio management, fraud detection and reducing downtime. It also discusses expanding the use of Splunk beyond IT to business cases like customer journey mapping. The document shares details of ING Bank's Splunk implementation, how it migrated systems to Splunk, and future plans to integrate Hadoop and machine learning.
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
The document discusses Splunk security solutions including Splunk Enterprise and Splunk User Behavior Analytics (UBA). It begins with an agenda that includes a demo of the Zeus ES security product and a UBA demo. The document then provides an overview of challenges in securing against advanced threats and how Splunk addresses these challenges through security analytics and machine data. Examples are given of how Splunk has helped customers including Nasdaq and PostFinance address security issues. The presentation concludes with a discussion of features in Splunk Enterprise Security 4.0.
Best Practices For Sharing Data Across The EnteprriseSplunk
The document discusses best practices for sharing data across an enterprise using Splunk. It provides an overview of Splunk's Business Value Consulting services and common value drivers they have identified for IT operations, security and compliance, and application development. These include reducing incident resolution times, improving security event detection and response times, and accelerating development cycles. It also lists many common data sources that are important for realizing these benefits, such as various log files, network devices, databases, and applications.
Splunk provides software that allows users to search, monitor, and analyze machine-generated data. It collects data from websites, applications, servers, networks and other devices and stores large amounts of data. The software provides dashboards, reports and alerts to help users gain operational intelligence and insights. It is used by over 4,400 customers across many industries to solve IT and business challenges.
Building a Security Information and Event Management platform at Travis Per...Splunk
Faced with a complex, heterogeneous IT infrastructure and a ‘Cloud First’ instruction from the board, Nick Bleech, Head of Information Security at building supplies giant Travis Perkins, used Splunk Enterprise Security running on Splunk Cloud to deliver enhanced security for 27,000 employees.
Splunk allowed Travis Perkins to provide real-time security monitoring, faster incident resolution and improved data governance while delivering demonstrable business value to the board.
In this webinar, Nick Bleech discusses:
● The business and security drivers of deploying a cloud-based security incident and event management solution
● The overall benefits of the Splunk solution
● The project’s critical success factors
● How stakeholders and the overall project were managed
● The positive impact on the deployment on the IT operations and IT security teams
● The next steps in the development of a lightweight security operations centre
These are the slides from the webinar broadcast on April 1st 2020, presented by Philipp Drieger. Content covers:
- Introduction to AI and ML Features in Splunk
- Customer Use Case Examples
- Live Demo of Machine Learning Toolkit, with examples for:
Methods for Anomaly Detection, Predictive Analytics and Forecasting, and Clustering
- Custom Machine Learning, incl.: Advanced Containerization and Expansion with MLSPL API
Join our Security Expert and learn how to use the Splunk App for Enterprise Security (ES) in a live, hands-on session. We'll take a tour through Splunk's award-winning security offering to understand some of the unique capabilities in the product. Then, we'll use ES to work an incident and disrupt an adversary's Kill Chain by finding the Actions on Intent, Exploitation Methods, and Reconnaissance Tactics used against a simulated organization. Data investigated will include threat list intelligence feeds, endpoint activity logs, e-mail logs, and web access logs. This session is a must for all security experts! Please bring your laptop as this is a hands-on session.
Splunk Discovery: Milan 2018 - Splunk OverviewSplunk
This document provides an overview of Splunk Inc. and its machine data platform. Some key points:
- Splunk's platform allows users to analyze and gain insights from machine data from various sources like apps, infrastructure, security systems, customer data, and IoT devices.
- The growing amount of machine data presents challenges like scale, real-time analysis, and unknown questions. Splunk aims to provide a single platform to explore this data and gain insights.
- Splunk is used across industries like IT operations, security, business analytics, and IoT by over 14,000 customers including most of the Fortune 100.
- The company has over 3,000 employees globally and annual revenue over $1 billion.
Splunk Enterprise for IT Troubleshooting Hands-OnSplunk
This document provides an overview of a Splunk training session. The objectives are to learn basic Splunk navigation, how to extract fields, create alerts, build reports and dashboards, and use Splunk for troubleshooting. Examples are provided of extracting a new field, creating an alert when disk space exceeds a threshold, and building a dashboard to monitor website errors and server CPU usage. The training highlights how Splunk can provide operational intelligence and accelerate ROI by reducing incidents and MTTR. It concludes by mentioning opportunities to learn more about Splunk through free trials, education, and the annual .conf user conference.
The document discusses Splunk IT Service Intelligence, a solution from Splunk that provides data-driven service insights for IT operations. It allows monitoring of key performance indicators (KPIs) across different technical services to detect problems and improve service operations. Some key capabilities include deploying a flexible solution quickly, transforming IT monitoring with machine learning-based anomaly detection and adaptive thresholds, and redefining the role of IT through data-driven service visibility and insights.
Machine-generated data is one of the fastest growing and complex areas of big data. It's also one of the most valuable, containing a definitive record of all user transactions, customer behavior, machine behavior, security threats, fraudulent activity and more. Join us as we explore the basics of machine data analysis and highlight techniques to help you turn your organization’s machine data into valuable insights. This introductory workshop includes a hands-on(bring your laptop) demonstration of Splunk’s technology and covers use cases both inside and outside IT. Learn why more than 12,000 customers in over 110 countries use Splunk to make business, government, and education more efficient, secure, and profitable.
This document provides an overview and agenda for a Splunk lunch and learn session. It discusses what Splunk is, its key capabilities including searching, alerting, and reporting on machine data, and its universal indexing approach. The document also outlines deployment options and includes a demonstration. It explains how Splunk eliminates finger pointing across IT silos by enabling users to search and investigate issues more quickly. It also discusses how Splunk supports proactive monitoring, operational visibility, and real-time business insights.
The document provides an agenda for a Splunk conference event discussing Splunk's security vision, strategy and platform. It includes presentations from Splunk executives and customers on using Splunk for security operations and IT operations. The agenda lists talks on Splunk's security vision from 10:00-10:30, a customer use case from 10:30-11:00, a break from 11:00-11:30, and presentations on using Splunk for security and IT operations from 11:30-13:00. The event concludes at 14:00 after a lunch break from 13:00-14:00.
Splunk - Turn Data Silos into Operational Intelligence - Splunk
Splunk software enables the curious among us to look at what others ignore (machine data) and to find what others never see: valuable insights that make your team and company more productive, more profitable, more competitive and more secure.
Are you curious yet about what information is hidden in your machine data?
In this webinar we show you why more than 11,000 companies use Splunk software for the following:
- Resolving application problems and investigating security incidents in minutes
- Avoiding service problems or outages
- Meeting compliance requirements at lower cost
- New insights into business activity
Take part in this Operational Intelligence demo session and learn more about how you and your team can work more efficiently and productively.
This document provides an overview and agenda for a presentation on getting started with Splunk Enterprise. It discusses what machine data is, how Splunk can extract insights from machine data, and Splunk's scalable deployment architecture. It also demonstrates searches in Splunk and discusses resources for help and support.
The document is a transcript from a Splunk presentation about using Splunk for IT operations. It discusses using Splunk to correlate machine data from different sources like servers, applications, and databases to gain visibility into IT services and their components. It provides a live demonstration of how Splunk can be used to monitor system performance, create tickets or alerts when issues arise, and troubleshoot issues by searching through logs and events. The presentation emphasizes how the common information model in Splunk allows mapping these components like hosts, applications, and services for improved IT operations and issue resolution.
The document provides an overview of Splunk for IT operations (ITOps). It discusses how Splunk can help organizations address escalating IT complexity and issues plaguing IT operations. It introduces Splunk IT Service Intelligence, which provides data-driven service insights for root-cause isolation and improved service operations. Key concepts explained include what a service is, key performance indicators (KPIs), and service health scores. The document also highlights capabilities like service analyzer, glass tables, deep dives, multi-KPI alerts and notable events. Customer stories are presented on how enterprises use Splunk for increased uptime, reduced mean time to resolution, optimized capacity and more.
If you’re just getting started with Splunk, this session will help you understand how to use Splunk software to turn your silos of data into insights that are actionable. In this session, we’ll dive right into a Splunk environment and show you how to use the simple Splunk search interface to quickly find the needle-in-the-haystack or multiple needles in multiple haystacks. We’ll demonstrate how to perform rapid ad-hoc searches to conduct routine investigations across your entire IT infrastructure in one place, whether physical, virtual or in the cloud. We’ll show you how to then convert these searches into real time alerts and dashboards, so you can proactively monitor for problems before they impact your end user. We’ll demonstrate how you can use Splunk to connect the dots across heterogeneous systems in your environment for cross-tier, cross-silo visibility. You’ll have access to a demo environment. So, don’t forget to bring your laptop and follow along for a hands-on experience.
How to Detect Ransomware and What You Can Do About It - Splunk
Ransomware is no longer just a nuisance aimed at home users; it has become a serious threat to companies and government institutions.
In our webinar you can find out more about what exactly ransomware is and how it works. We then show you all of this in a live demo with data from a Windows ransomware infection.
In detail, we show you:
- how to "hunt" ransomware IOCs with Splunk Enterprise
- how to uncover malicious endpoint behavior
- defense strategies
Delivering business value from operational insights at ING Bank - Splunk
The document discusses how ING Bank uses Splunk to extract business value from operational data. It describes several IT use cases like customer pre-scoring, portfolio management, fraud detection and reducing downtime. It also discusses expanding the use of Splunk beyond IT to business cases like customer journey mapping. The document shares details of ING Bank's Splunk implementation, how it migrated systems to Splunk, and future plans to integrate Hadoop and machine learning.
Softcat Splunk Discovery Day Manchester, March 2017 - Splunk
This document provides an agenda for a Splunk conference on March 15th 2017 in Manchester. The agenda includes:
- An introduction and welcome from 09:30-09:45
- Two sessions from 09:45-12:15 on data-driven IT operations and best practices for security investigations
- A lunch break from 12:30-13:30
- The event concludes at 13:30
This document provides an overview of threat hunting using Splunk. It begins with an introduction to threat hunting and why it is important. The presentation then discusses key building blocks for driving threat hunting maturity, including search and visualization, data enrichment, ingesting data sources, and applying machine learning. It provides examples of internal data sources that can be used for hunting like IP addresses, network artifacts, DNS, and endpoint data. The presentation demonstrates hunting using the Microsoft Sysmon endpoint agent, walking through an example attack scenario matching the Cyber Kill Chain framework. It shows how to investigate a potential compromise by searching across web, DNS, proxy, firewall, and endpoint data in Splunk to trace suspicious activity back to a specific user.
Splunk Webinar – Taking IT Operations to the Next Level - Splunk
Gain actionable insights into your data and take IT operations to the next level
In our webinar we use a demo to show you:
- how to gain service context by combining behavior and performance data.
- how to get an accurate picture of your environment so that you can optimize processes
- how to accelerate root-cause analysis and so counteract outages on the customer side
- how to prioritize incident investigation and shorten time-to-resolution through behavior and event analysis
- how analytics and machine learning can improve service intelligence
This document provides an overview of data enrichment techniques in Splunk including tags, field aliases, calculated fields, event types, and lookups. It describes how tags can add context and categorize data, field aliases can simplify searches by normalizing field labels, and lookups can augment data with additional external fields. The document also discusses various data sources that Splunk can index such as network data, HTTP events, alerts, scripts, databases, and modular inputs for custom data collection.
SplunkLive! Utrecht - Splunk for Security - Monzy Merza - Splunk
The document discusses transforming security through new approaches like adaptive response, machine learning, and centralized monitoring and command centers. It summarizes new features being added to Splunk Enterprise Security like improved threat detection, user behavior analytics, adaptive response capabilities, and enhanced visual analytics. The presentation highlights how these new Splunk security solutions help optimize security operations centers and augment or replace security information and event management systems.
This document contains an agenda for the SplunkLive! Utrecht conference. It includes:
- A welcome message and introduction to using Splunk for security and IT operations.
- Three customer use cases that will be presented on using Splunk for the CERT EU, NXP, and KPN.
- Information on sponsors and speakers at the conference.
- An overview of the Splunk platform and how it can be used for security, IT operations, business analytics, IoT, and more.
Splunk Enterprise for IT Troubleshooting Hands-On - Splunk
This document provides an overview and demo of Splunk Enterprise for IT troubleshooting. It discusses how Splunk can help address the increasing complexity of IT environments by allowing users to index and analyze machine data from any source. The demo walks through searching logs, extracting fields, troubleshooting infrastructure and application issues, creating alerts and reports, and using dashboards. It highlights how Splunk can help accelerate incident resolution, reduce MTTR, and accelerate development cycles.
This document summarizes Molina Healthcare's use of Splunk software. Molina is a Fortune 500 healthcare company that provides Medicaid and CHIP plans. They implemented Splunk Enterprise to gain centralized visibility and logging of their large, virtualized infrastructure. Splunk has helped Molina dramatically reduce troubleshooting times, retire old tools, and improve business insights. Key benefits included reduced MTTR by over 150%, issues now resolved in minutes versus hours, and improved customer satisfaction. Molina uses Splunk across IT, operations, development and business teams.
SplunkLive! Utrecht - Splunk for IT Operations - Rick Fitz - Splunk
This document discusses how increasing IT complexity from technologies like virtualization, SaaS applications, and custom applications has made IT operations more difficult. It presents Splunk as a solution for capturing data from all IT systems and applications in order to perform operational analytics. This allows organizations to gain insights across their IT infrastructure and applications for tasks like root cause analysis, capacity planning, security monitoring, and service level reporting. The document highlights some of Splunk's key capabilities and differentiators like indexing data once for multiple uses, scaling to large environments, and providing a fast time to value. It also includes two customer examples of how Credit Suisse and Surrey Satellite have benefited from using Splunk for IT operations.
This document outlines a presentation on threat hunting with Splunk. The presenter is Ken Westin, a security strategist at Splunk with over 20 years of experience in technology and security. The agenda includes an overview of threat hunting basics and data sources, examining the cyber kill chain through a hands-on attack scenario using Splunk, and advanced threat hunting techniques including machine learning. Log-in credentials are provided for access to hands-on demo environments related to the presentation.
SplunkLive! Customer Presentation – Dunkin’ Brands, Inc. - Splunk
Matt Kraft presents on how Dunkin' Donuts gained real-time visibility into their systems and data using Splunk. Key points:
1) Dunkin' needed a solution to gain visibility into application performance, marketing campaigns, customer support issues, and loyalty programs across their web, mobile, and 11,000+ locations.
2) Splunk provided more control over their data and helped identify issues impacting customers within minutes rather than hours or days.
3) In just 5 months, Splunk helped reduce application downtime, speed up troubleshooting, and improve customer satisfaction and business decisions.
How to Design, Build and Map IT and Business Services in Splunk - Splunk
Your IT department supports critical business functions, processes and products. You're most effective when your technology initiatives are closely aligned and measured with specific business objectives. This session covers best practices and techniques for designing and building an effective service model, using the domain knowledge of your experts and capturing and reporting on key metrics that everyone can understand. We will design a sample service model and map it to performance indicators to track operational and business objectives. We will also show you how to make Splunk service-aware with Splunk IT Service Intelligence (ITSI).
Getting Started with IT Service Intelligence - Splunk
This document discusses IT service intelligence (ITSI) concepts including defining services, key performance indicators (KPIs), service health scores, and service decomposition. A service can include multiple technology components and tiers that need to be monitored together from a user's perspective. KPIs are Splunk searches that monitor specific metrics like CPU or errors. Health scores from 0-100 indicate a service's status based on KPI status and importance. Entities that support services can come from CMDBs or searches. Services can be decomposed into sub-services and underlying processes to define relevant KPIs for monitoring. Adaptive thresholding and anomaly detection help determine normal vs abnormal behavior in dynamic or patterned data. ITSI allows
Machine Data 101: Turning Data Into Insight is a presentation about using Splunk software to analyze machine data. It discusses topics such as:
- What machine data is and examples of common sources like log files, social media, call center systems
- How Splunk indexes machine data from various sources in real-time regardless of format
- Techniques for enriching data in Splunk like tags, field aliases, calculated fields, event types, and lookups from external data sources
- Examples of collecting non-traditional data sources into Splunk like network data, HTTP events, databases, and mobile app data
The presentation provides an overview of Splunk's machine data platform and techniques for analyzing, enrich
The document discusses migrating log ingestion from Splunk's S3 connector to using AWS Kinesis and Lambda functions to send logs directly to Splunk's HTTP Event Collector. It describes setting up Kinesis, configuring Lambda functions to batch and send logs to the HTTP Event Collector, and tuning various parameters like Lambda memory, batch size, and HTTP Event Collector limits to reduce latency from 15 minutes to under 5 seconds. Metrics and dashboards are used to measure the progress of reducing latency.
The document summarizes Splunk adoption at athenahealth, a cloud-based healthcare services company. It discusses how Splunk has provided athenahealth's security teams visibility into various data sources to help prioritize threats and incidents. Specifically, Splunk Enterprise Security is used by the Security Incident Response Team. Over 10 power users consume 400GB of data per day from hundreds of forwarders. Splunk has improved efficiency, reduced alert fatigue, and allowed for better investigation and correlation of security information.
This document discusses how Staples uses Splunk to gain insights from machine data across their organization. It provides details on:
- Staples' Splunk infrastructure consisting of 8 index servers and 9 search heads that can handle 1TB of data per day.
- The key use cases of operational support, application insights, and business intelligence.
- How Splunk provides a single pane of glass for visibility across their web apps, servers, monitoring tools, and more.
- Examples of how Splunk has helped identify issues, reduced resolution times, and optimized website searches to improve the customer experience.
Building Business Service Intelligence with ITSI - Splunk
This document provides instructions for setting up Splunk IT Service Intelligence (ITSI) before participating in a hands-on workshop. It includes steps to download presentation materials, sign up for a free ITSI sandbox account, and test access to the sandbox. The agenda for the workshop is also outlined, covering introductions, fundamentals of using Splunk for IT troubleshooting, an introduction to IT service intelligence, service intelligence design practices, a hands-on session, and next steps. Key aspects of service intelligence like defining services, key performance indicators (KPIs), and service health scores are also briefly introduced.
1) The document discusses how to use Splunk IT Service Intelligence (ITSI) to model services, create KPIs, and troubleshoot issues. It provides step-by-step instructions for setting up a sandbox, defining services and KPIs, and using features like glass tables and deep dives.
2) Specifically, it shows how to create a new KPI for database network utilization in under 5 minutes. It also demonstrates using glass tables to visualize services and KPIs, and how to "time travel" to troubleshoot a past outage affecting an online store service.
3) Advanced techniques discussed include adaptive thresholds, anomaly detection, multi-KPI alerts, and using the service analyzer for a
Splunk Webinar: Splunk App for Palo Alto Networks - Georg Knon
This document contains an agenda and presentation materials for a webinar on integrating Splunk and Palo Alto Networks. The agenda includes overviews of Splunk and Palo Alto Networks, a live demo of their integration, and a Q&A section. The presentation materials provide more details on how each company's products work, examples of how they can be used together for security monitoring, investigation and reporting, and next steps for engaging with Splunk and Palo Alto Networks.
Splunk Discovery: Milan 2018 - Intro to Security Analytics Methods - Splunk
The document discusses security analytics methods for detecting threats using Splunk software. It covers common security challenges, types of analytics methods, and applying analytics to stages of an attack. The agenda includes an introduction to analytics methods, an overview of Splunk Security Essentials, a demo scenario of detecting a malicious insider, and next steps involving Enterprise Security and Splunk UBA. The demo scenario shows detecting large file uploads from Box to detect an insider exporting sales proposals. The summary recommends starting with Splunk Security Essentials, then leveraging Enterprise Security and UBA for advanced machine learning detection and automated response.
This document provides an agenda and overview for a presentation on getting started with Splunk Enterprise. The presentation covers downloading and installing Splunk, an overview of Splunk, a live demonstration of key Splunk functions like searching, field extraction, dashboards and alerting. It also briefly discusses Splunk deployment architectures and options for getting additional help and resources.
This document provides an agenda and overview for a presentation on getting started with Splunk Enterprise. The presentation covers downloading and installing Splunk, an overview of Splunk, a live demonstration of key Splunk functions like searching, field extraction, dashboards and alerting. It also briefly discusses Splunk deployment architectures and where to find additional resources and help. The presentation aims to help attendees understand the basics of collecting, analyzing and visualizing machine data with Splunk.
Here are the key steps to build a Splunk ITSI KPI to monitor for missing event formats:
1. Define the expected event formats in a lookup table with fields like Rule_ID, Event_Name, Raw_Filter, Punct.
2. Create a Base Search that looks up the Punct field against the lookup and filters for matching rules. This will return the expected event names.
3. Build a KPI on top of the Base Search to track the count of matching events over time. Set thresholds to alert if the count drops significantly.
4. Create an alert that triggers if the KPI value breaches the threshold. This will fire if an unexpected drop in events is detected.
Splunk for Enterprise Security featuring User Behavior Analytics - Splunk
This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos.
The document is an agenda for a Splunk SOAR User Group presentation. It includes an introduction to Splunk SOAR and how user groups should work, as well as sections on getting to know the presenter, how playbooks are stored in Git repositories, common automation use cases for SOAR like alert enrichment and phishing investigation, and a wrap-up on next steps for the user group. Examples of playbooks that automate tasks like malware triage and threat intelligence correlation are also summarized.
Security investigation hands on workshop 2018-05 - YoungCho50
This document provides information for an introductory Splunk security workshop, including:
- Details on accessing the workshop WiFi and materials.
- An agenda that covers basic posture and monitoring using Splunk Enterprise and Splunk Enterprise Security, including hands-on exercises for endpoint, identity, and network data sources.
- Instructions for navigating the hands-on environment and guidance for specific exercises exploring endpoint, login, and network data.
This document provides information for an introductory Splunk security workshop, including:
- Details about the workshop agenda, which covers basic posture and monitoring in the first section and an introduction to investigation in the second section.
- Instructions for accessing the workshop environment and materials.
- A legend explaining the visual guides that will be used during the hands-on portions of the workshop.
- Overviews of the four key data sources - endpoint, identity, network, and threat intelligence - that will be analyzed to improve security posture and monitoring.
Prem Kumar is a senior security consultant who specializes in web, mobile, and network penetration testing. He has previously presented at security conferences and found vulnerabilities in applications from companies like Facebook, Apple, and Yahoo. The agenda for his talk covers topics like iOS architecture, application structures, types of iOS applications and distribution methods, iOS penetration testing techniques, jailbreaking, and setting up an iOS testing platform. He will demonstrate runtime analysis and penetration testing on real iOS applications.
SplunkLive! Frankfurt 2018 - Intro to Security Analytics Methods - Splunk
Splunk Security Essentials provides concise summaries in 3 sentences or less that provide the high level and essential information from the document. The document discusses an introductory presentation on security analytics methods. It includes an agenda that covers an introduction to analytics methods, an example scenario, and next steps. It also discusses common security challenges, different analytics methods and types of use cases, and how analytics can be applied to different stages of an attack.
The document discusses building an analytics-driven security operations center (SOC) using Splunk. It begins with an overview of challenges with traditional SOCs, such as efficacy, staffing, siloization, and costs. It then covers trends in security operations like increased capabilities, automation, use of threat intelligence, and threat hunting. The document outlines components of the security operations toolchain including the log data platform, asset inventory, case management, and common data sources. It presents Splunk as a nerve center for security operations that can provide adaptive security architecture, threat intelligence framework, advanced analytics, automated processes, and proactive hunting and investigation. Finally, it shares examples of how customers have used Splunk to build intelligence-driven SO
Covering off some of the latest announcements at Splunk's user conference (.conf), an Add-on created to Splunk config files and also the presentation delivered at .conf18 on SplDevOps!
The document summarizes an Oracle Business Intelligence Enterprise Edition training course. The course covers OBIEE 10g in part 1 and OBIEE 11g in part 2. It details the system requirements for each version, including the necessary hardware, software, and browsers. It states that all required software and installation links will be provided. A Yahoo groups account will also be created for students to post questions that will be answered in a timely manner. Training materials will likewise be provided to students.
Splunk live nyc_2017_sec_buildinganalyticsdrivensoc - Rene Aguero
The document is a presentation by Rene Aguero on building an analytics-driven security operations center (SOC) using Splunk solutions. It discusses challenges with traditional SOCs, emerging trends like threat hunting and automation, and the key components of a SOC technology stack including log management, asset tracking, threat intelligence, and case management. It then outlines how Splunk solutions can help address these issues by providing a platform for centralized data collection, correlation with threat intelligence, and advanced analytics including machine learning.
Similar to Building Business Service Intelligence with ITSI (20)
.conf Go 2023 - Raiffeisen Bank International - Splunk
This document discusses standardizing security operations procedures (SOPs) to increase efficiency and automation. It recommends storing SOPs in a code repository for versioning and referencing them in workbooks which are lists of standard tasks to follow for investigations. The goal is to have investigation playbooks in the security orchestration, automation and response (SOAR) tool perform the predefined investigation steps from the workbooks to automate incident response. This helps analysts automate faster without wasting time by having standard, vendor-agnostic procedures.
.conf Go 2023 - The right recipe for the digital (security) revolution to... - Splunk
.conf Go 2023 presentation:
"The right recipe for the digital (security) revolution towards Telematics Infrastructure 2.0 in healthcare?"
Speaker: Stefan Stein -
Team Lead CERT | gematik GmbH, M.Eng. IT Security & Forensics,
doctorate student at TH Brandenburg & Universität Dresden
The document describes Cellnex's transition from a Security Operations Center (SOC) to a Security Incident Response Team (CSIRT). The transition was driven by Cellnex's growth and the need to automate processes and tasks to improve efficiency. Cellnex implemented Splunk SIEM and SOAR to automate the creation, remediation and closure of incidents. This allowed staff to concentrate on strategic tasks and improve KPIs such as resolution times and emails anal
conf go 2023 - The road to cybersecurity (ABANCA) - Splunk
This document summarizes ABANCA's journey on its road to cybersecurity with Splunk, from bringing in dedicated staff in 2016 to becoming a monitoring and response center with more than 1TB of daily ingest and 350 use cases aligned with MITRE ATT&CK. It also describes mistakes made and solutions implemented, such as source normalization and operator training, and the current pillars such as automation, visibility and alignment with MITRE ATT&CK. Finally, it points out challenges
Splunk - BMW connects business and IT with data driven operations SRE and O11y - Splunk
BMW is defining the next level of mobility - digital interactions and technology are the backbone to continued success with its customers. Discover how an IT team is tackling the journey of business transformation at scale whilst maintaining (and showing the importance of) business and IT service availability. Learn how BMW introduced frameworks to connect business and IT, using real-time data to mitigate customer impact, as Michael and Mark share their experience in building operations for a resilient future.
The document is a presentation on cyber security trends and Splunk security products from Matthias Maier, Product Marketing Director for Security at Splunk. The presentation covers trends in security operations like the evolution of SOCs, new security roles, and data-centric security approaches. It also provides updates on Splunk's security portfolio including recognition as a leader in SIEM by Gartner and growth in the SIEM market. Maier highlights some breakout sessions from the conference on topics like asset defense, machine learning, and building detections.
Data foundations building success, at city scale – Imperial College London - Splunk
Universities have more in common with modern cities than traditional places of learning. This mini city needs to empower its citizens to thrive and achieve their ambitions. Operationalising data is key to building critical services; from understanding complex IT estates for smarter decision-making to robust security and a more reliable, resilient student experience. Juan will share his experience in building data foundations for a resilient future whilst enabling digital transformation at Imperial College London.
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen... - Splunk
Learn how Vodafone has provided end-to-end visibility across services by building an Operational Analytics Platform. In this session, you will hear how Stefan and his team manage legacy, on premise, hybrid and public cloud services, and how they are providing a platform for complex triage and debugging to tackle use cases across Vodafone’s extensive ecosystem.
.italo operates an Essential Service by connecting more than 100 million people annually across Italy with its super fast and secure railway. And CISO Enrico Maresca has been on a whirlwind journey of his own.
Formerly a Cyber Security Engineer, Enrico started at .italo as an IT Security Manager. One year later, he was promoted to CISO and tasked with building out – and significantly increasing the maturity level – of the SOC. The result was a huge step forward for .italo.
So how did he successfully achieve this ambitious ask? Join Enrico as he reveals the key insights and lessons learned in his SOC journey, including:
- Top challenges faced in improving security posture
- Key KPIs implemented in order to measure success
- Strategies and approaches applied in the SOC
- How MITRE ATT&CK and Splunk Enterprise Security were utilised
- Next steps in their maturity journey ahead
This document summarizes a presentation about observability using Splunk. It includes an agenda introducing observability and why Splunk for observability. It discusses the need for modernization initiatives in companies and the thousands of changes required. It presents that Splunk provides end-to-end visibility across metrics, traces and logs to detect, troubleshoot and optimize systems. It shares a customer case study of Accenture using Splunk observability in their hybrid cloud environment. Finally, it concludes that observability with Splunk can drive results like reduced downtime and faster innovation.
This document contains slides from a Splunk presentation covering the following topics:
- Updated Splunk logo and information about meetings in Zurich and sales engineering leads
- Ideas for confused or concerned human figures in design concepts
- Three buckets of challenges around websites slowing, apps being down, and supply chain issues
- Accelerating mean time to detect, identify, respond and resolve through cyber resilience with Splunk
- Unifying security, IT and DevOps teams
- Splunk's technology vision focusing on customer experience, hybrid/edge, unleashing data lakes, and ubiquitous machine learning
- Gaining operational resilience through correlating infrastructure, security, application and user data with business outcomes
This document summarizes a presentation about Splunk's platform. It discusses Splunk's mission of helping customers create value faster with insights from their data. It provides statistics on Splunk's daily ingest and users. It highlights examples of how Splunk has helped customers in areas like internet messaging and convergent services. It also discusses upcoming challenges and new capabilities in Splunk like federated search, flexible indexing, ingest actions, improved data onboarding and management, and increased platform resilience and security.
The document appears to be a presentation from Splunk on security topics. It includes sections on cyber security resilience, the data-centric modern SOC, application monitoring at scale, threat modeling, security monitoring journeys, self-service Splunk infrastructure, the top 3 CISO priorities of risk based alerting, use case development, a security content repository, security PVP (posture, vision, and planning) and maturity assessment, and concludes with an overview of how Splunk can provide end-to-end visibility across an organization.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
HCL Notes and Domino License Cost Reduction in the World of DLAU | panagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU and licensing under the CCB and CCX model have been a hot topic for many in the HCL community since last year. As a Notes or Domino customer, you may be struggling with unexpectedly high user counts and license fees. You may be wondering how this new type of licensing works and what benefit it brings you. Above all, you surely want to stay within your budget and save costs wherever possible. We understand that, and we want to help you!
We explain how to resolve common configuration problems that can cause more users to be counted than necessary, and how to identify and remove redundant or unused accounts to save money. There are also some approaches that can lead to unnecessary spending, for example when a person document is used instead of a mail-in for shared mailboxes. We show you such cases and their solutions. And of course we explain the new licensing model.
Join this webinar, in which HCL Ambassador Marc Thomas and guest speaker Franz Walder introduce you to this new world. It gives you the tools and the know-how to keep track of things. You will be able to reduce your costs through an optimized Domino configuration and keep them low in the future.
These topics will be covered
- Reducing license costs by finding and fixing misconfigurations and redundant accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how best to use it
- Tips for common problem areas, such as team mailboxes, functional/test users, etc.
- Practical examples and best practices you can implement immediately
Removing Uninteresting Bytes in Software Fuzzing | Aftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speed up fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing XML documents, and Binutils' readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR not only discovers new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf | Paige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble… many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party and will share these foundational concepts to build on:
TrustArc Webinar - 2024 Global Privacy Survey | TrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Best 20 SEO Techniques To Improve Website Visibility In SERP | Pixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications. He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Driving Business Innovation: Latest Generative AI Advancements & Success Story | Safe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack | shyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor... | SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
4. Safe Harbor Statement
During the course of this presentation, we may make forward looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release.
8. Data-Defined & Driven Service Insights
Infrastructure Layer Application Layer
Splunk> is the missing link
• Data Fidelity
• Single Repository for ALL data
• Easier to Manage Services
• Reduced Integrations
• Reduced Point Solutions
• Collaborative Approach
• Quick time to value
Data Fabric Platform
Service Intelligence
Network
Packet, Payload, Traffic,
Utilization, Perf
Synthetic APM
Availability, Capacity,
User Experience
Byte Code Instrumentation
Usage, Experience,
Performance, Quality
Adaptive Thresholding
Apps, Services, Systems 74%
-36%
Server
Performance, Usage,
Dependency
Storage
Utilization, Capacity,
Performance
MACHINE DATA
13. IT Service Intelligence Value Stack
§ Time Series Index
§ Schema on Read
§ Data Model Core Splunk >
§ Visualizes entire stack
§ View the entire Ecosystem
§ 3 clicks to get the answer versus 10
Service
Model
§ Adaptive Threshold
§ Behavior Anomaly
§ Correlates Data into Knowledge ML
Search Based
KPI’s
§ Accelerators
§ Trend aggregation
§ Multi KPI Alerts
ITSI
30. Service Intelligence Design – Buttercup Games
Infrastructure Layer
Application Layer
Business Layer
Service Layer
Order Entry Manufacturing Shipping Fulfillment
Supply Chain
Online Store EDI
Web Tier Middleware
• Total Orders
• Total Revenue
• Unit Count
• Unit Failures
• Service Level • Delivery Time
• Online Orders
• Online Revenue
• Response Time
• ServiceHealth
• Incidents/Changes
• Customer Satisfaction
• HTTP Hits
• Error Rate
• CPU Load
• Memory Used
• Disk Used
• IO Latency
• CPU Load
• Memory Used
• Disk Used
• IO Latency
• Response Time
• Error Rate
• Response Time
• Storage Free
45. Final Steps …
Set your thresholds:
● Aggregate (All)
● Per Entity
● Click “Add Threshold” TWICE
● Make the Neapolitan ice cream colors Yellow, Green, Yellow
● Drag the sliders around in order to get the current data graph entirely inside the Green (normal) band
● Click Finish
● Other options are also available, including adaptive thresholds and anomaly detection
67. Call Center Service
Service Health
Transactions
ACD Analysis – Core Splunk
Call Wait History
Inbound Analysis
Social Media
Online Msg
Social Media
Mail Support
VOIP Service
Inbound Calls
68. Online Transactions
Internal Transfer Service
External Wire Service
Money Exchange Service
Money Transfer Services
Service Health
Corporate
Reconciliation Service
Fed Exchange Service
Core Splunk Searches
Transaction History
System Investigation
Heat Map Analysis
69. CIO Scorecard
Enterprise Service Status
Major Incidents
Service Health
Continuous Operational Visibility
Volume
Revenue
Incidents
Changes
Major Changes
Service Health
Volume
Revenue
Incidents
Changes
Service Health
Volume
Ontime Delivery
Incidents
Changes
Service Health
Volume
Revenue
Incidents
Changes
Service Health
Volume
Revenue
Incidents
Changes
Container Util
Service Health
Throughput
Incidents
Changes
71. Sign Up Now – We’re here to help!
Harness the creativity and domain knowledge of your organization to unlock the value of data and solve an important Business Service problem through a joint service intelligence workshop with key stakeholders
Define methods for:
› Proactive service monitoring
› Reduced risk and failures
› Faster issue resolution
› Increased business performance
What is it?
› 1 Day Onsite Workshop
› Tightly linked with value
› Collaborative approach
› Build your own Glass Table