© 2022 SPLUNK INC.
Splunk PNW User Group
30 March, 2023
Agenda
Topic | Speaker | Organization | Time
Welcome: Grab your lunch, get comfy; Intros and announcements | Amanda Richardson, Sr. Customer Success Manager | Splunk | 15m
Splunk Enterprise Security - What’s New | Dan Hogland, Staff Security CSE | Splunk | 30m
Splunk Education - Learning for All! | Melissa Riley, Learning Success Manager | Splunk | 30m
Open Discussion and Networking Time! | User Community | All | 30m
Wrap up: Closing remarks, topic ideas | Rob de Luna, Sr. Solutions Engineer | Splunk | 15m
Splunk Enterprise Security
A data-centric, modern SIEM solution
Dan Hogland
Staff CSE, Security
This presentation may contain forward-looking statements regarding future events, plans or the
expected financial performance of our company, including our expectations regarding our products,
technology, strategy, customers, markets, acquisitions and investments. These statements reflect
management’s current expectations, estimates and assumptions based on the information currently
available to us. These forward-looking statements are not guarantees of future performance and
involve significant risks, uncertainties and other factors that may cause our actual results, performance
or achievements to be materially different from results, performance or achievements expressed or
implied by the forward-looking statements contained in this presentation.
For additional information about factors that could cause actual results to differ materially from those
described in the forward-looking statements made in this presentation, please refer to our periodic
reports and other filings with the SEC, including the risk factors identified in our most recent quarterly
reports on Form 10-Q and annual reports on Form 10-K, copies of which may be obtained by visiting
the Splunk Investor Relations website at www.investors.splunk.com or the SEC's website at
www.sec.gov. The forward-looking statements made in this presentation are made as of the time and
date of this presentation. If reviewed after the initial presentation, even if made available by us, on our
website or otherwise, it may not contain current or accurate information. We disclaim any obligation to
update or revise any forward-looking statement based on new information, future events or otherwise,
except as required by applicable law.
In addition, any information about our roadmap outlines our general product direction and is subject to
change at any time without notice. It is for informational purposes only and shall not be incorporated
into any contract or other commitment. We undertake no obligation either to develop the features or
functionalities described, in beta or in preview (used interchangeably), or to include any such feature
or functionality in a future release.
Splunk, Splunk> and Turn Data Into Doing are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other
brand names, product names or trademarks belong to their respective owners. © 2022 Splunk Inc. All rights reserved.
Forward-Looking Statements
The Splunk Difference
A data-centric approach to security
● Any Data, Any Source: Make disparate data available, queryable, and actionable (Source 1)
● Fast, Flexible Investigations: Achieve 100% compliance and 5x faster security investigations (Source 2)
● Proven Scalability: Ingest TBs of data per day and perform over 1M searches per week (Source 3)
● Open Ecosystem: 2,800+ integrations to support your best-in-class technology stack (Source 4)
● Support for All Deployments: Effectively monitor and secure complex multicloud or hybrid environments (Source 5)
Source 1: Nasdaq customer story
Source 2: Check Point Software customer story
Source 3: Intel customer story
Source 4: Slack customer story & Splunkbase
Source 5: Travis Perkins PLC customer story
Advanced Analytics
Boost productivity
● 1170+ detections with 100+ cloud-based detections
● 30% increase in true-positive alert rates with Risk-Based Alerting (RBA)
● Enrich and prioritize alerts with integrated threat intelligence (Splunk Intelligence Management)
● Align security operations to industry frameworks (MITRE ATT&CK, NIST, CIS 20, and Kill Chain)
● Dive deep with intuitive search and investigation capabilities
What’s New in ES
What’s New in Splunk Enterprise Security 7.0?
On Prem & Cloud
● Executive Summary Dashboard
● Security Operations Dashboard
● Cloud Security Monitoring Dashboards
● Real-Time Content Updates
● Dark Mode User Experience (Cloud)
Executive Summary Dashboard
Executive Level Security Insights with Trends over Time
On Prem & Cloud
Available Now
● Increased visibility for CISOs, Security Directors and SOC Managers into overall health of security program
● Key Insights
○ Mean Time to Triage
○ Mean Time to Respond
○ Investigations Created
○ Assigned Notables Over Time
○ Notable Event History Trends
○ Risk-Based Alerting Trends
○ Adaptive Response Action Trends
Security Operations Dashboard
Performance and Efficiency Insights across Security Operations
On Prem & Cloud
Available Now
● Key Insights
○ Mean Time to Triage
○ Mean Time to Respond
○ Investigations Created
○ Notable Assignments
○ Notable and Analyst Close Rate
○ Notable Disposition
■ False Positives
■ True Positives
■ Benign Positives
Cloud Security Dashboards
Visibility into AWS and Microsoft 365 Cloud Security Datasets
● New Dashboards include
○ AWS Security Groups
○ AWS IAM Activity
○ AWS Network ACLs
○ AWS Access Analyzer
○ Microsoft 365
Real-Time Content Updates
Automated Security Content Delivery
● Enterprise Security 7.0 proactively notifies you of new content updates from the Splunk Threat Research Team and enables updates in one click
On Prem & Cloud
Available Now
Modernized User Experience
Unified User Experience
Cloud
Available Now
● Updated “Dark Mode” User Interface
● ES joins other Splunk Security Products in adopting modern development frameworks and best practices
What’s New in Splunk Enterprise Security 7.1?
● MITRE ATT&CK Framework Matrix: Provides the ability to visualize MITRE ATT&CK tactics and techniques in Risk Notable Events and operationalize the MITRE ATT&CK framework when responding to Notable Events
● Cloud Based Streaming Analytics: Enables scalable, real-time streaming analytics for a broad range of advanced security detections that address common use cases.
● Threat Topology: Allows analysts to immediately discover the scope of a security incident and quickly pivot between affected assets and users in the investigation.
Detect Suspicious Behavior In Real-Time
Cloud Based Streaming Analytics* & Risk Based Alerting
Cloud
● Real-time insider threat detections
● Seamless integration with ES
● Scalable analytics
● Simple to deploy, cloud-native & low maintenance solution
*Cloud-Based Streaming Analytics will be available in US East only on 1/11.
Quickly Discover the Scope of an Incident to Respond Accurately
Threat Topology Visualization
Cloud & On-Prem
● Comprehensive view into security incidents
● Quickly determine the severity level of an incident
● Identify additional impacted subjects of an investigation without writing a single line of code or query language
Improve Security Workflow Efficiencies With Embedded Frameworks
MITRE ATT&CK Framework Matrix Visualization
Cloud & On-Prem
● Visualize MITRE ATT&CK tactics and techniques in Risk Notable Events
● Operationalize the MITRE ATT&CK framework when responding to Notable Events
Splunk Education
Free Splunk Training Overview
March 2023
Splunk Education Benefits
Increase your Return on Splunk Investment (ROI)
● Time to Value: Deploy use cases faster to deliver business outcomes
● Adoption: Empower end users to adopt and use the Splunk platform
● Productivity: Enable developers and power users to build assets efficiently and effectively
● Support Needs: Reduce the number of support calls and consulting engagements
Accelerate Success
● Technical Instructors: Industry and Splunk experts
● Comprehensive Curriculum: Lecture, demos, hands-on labs and assessments
● Flexible Delivery Methods: Classroom, virtual and self-paced learning
● Learning Paths: Based on Splunk product and persona
● Certification Tracks: Validate and prove Splunk skills
Splunk Training and Enablement Portal (STEP)
New Splunk Learning Platform
● Who benefits? Anyone who takes Splunk technical training. Designed to create a better experience for customers, partners, and prospects.
● When is it? May 22 launch. Transition to the new system will cause downtime from May 17-21.
● What do I have to do? Plan ahead. Complete all in-progress training before the transition on May 17.
● And then? Enjoy the new learning experience.
● What’s new? More feature-rich and streamlined experience. Supports all Splunk product technical training and certifications.
Splunk has free Training for all
Free Learning Paths
● Learning paths based on Splunk product and persona
● Enterprise and Cloud Basics - 23 free eLearning
○ Ingest and correlate different data sources in Splunk Platform
○ Enrich unstructured data
○ Extract custom fields
○ Manage knowledge objects
○ Understand SPL best practices for better data analysis
● Splunk Enterprise Security - 5 free eLearning
○ Learn the value of Splunk Security solutions
○ Get an overview of use cases and best practices
○ Get an overview of SOAR
● Splunk Observability Overview + Apps - 13 free eLearning
○ Learn the value of Splunk Observability solutions
○ Get an overview of use cases and best practices
Free Splunk Training
Search Expert
Course | About | eLearning no Labs | Time
What is Splunk? | Dig into machine data and how to use operational intelligence. | Free | 45 min
Intro to Splunk | Learn Splunk basics, including reports, dashboards and events. | Free | 45 min
Using Fields | Expand your understanding of fields and their use in searches. | Free | 1 hour
Visualizations | Find out how to manage and visualize data in the Splunk platform. | Free | 1 hour
Working with Time | Gain expertise at using time in searches. | Free | 3 hours
Statistical Processing | Maximize the impact of your data with transforming commands and eval functions. | Free | 3 hours
Comparing Values | Leverage the power of eval functions and expressions to compare field values | Free | 3 hours
Result Modification | Learn which commands manipulate output and normalize data. | Free | 3 hours
Scheduling Reports and Alerts | Automate incident response using reports and alerts. | Free | 3 hours
Introduction to Dashboards | Explore best practices for creating and using dashboards. | Free | 1 hour
Search Under the Hood | Dive into Splunk architecture and search processing. | Free | 1 hour
Notes:
- Pricing and courses are subject to change.
- Dedicated virtual and onsite classes accommodate a maximum of 12 learners in each class.
- For additional dedicated onsite terms, refer to https://education.splunk.com/Pricing
● Required Courses in Learning Path
● Indent shows logical sequence of courses
Knowledge Manager
Course | About | eLearning no Labs | Time
What is Splunk? | Dig into machine data and how to use operational intelligence. | Free | 45 min
Intro to Splunk | Learn Splunk basics, including reports, dashboards and events. | Free | 45 min
Using Fields | Expand your understanding of fields and their use in searches. | Free | 1 hour
Intro to Knowledge Objects | Learn to create, define, edit and manage knowledge objects. | Free | 1 hour
Creating Knowledge Objects | Use the Splunk web interface to create knowledge objects. | Free | 3 hours
Creating Field Extractions | Unlock the Field Extractor (FX) utility to understand the when and how of field extraction in Splunk. | Free | 3 hours
Enriching Data with Lookups | Understand how to upload, define, automate and use advanced lookup options. | Free | 3 hours
Data Models | Discover the power of data models, including creation, design and acceleration | Free | 3 hours
Free Splunk Security Training
Course | About | eLearning no Labs | Time
Introduction to Enterprise Security | Understand how Enterprise Security can help identify and protect your organization from threats. | Free | 40 min
Introduction to Splunk Security Essentials | Explore use cases and analytic stories from Splunk Security Essentials (SSE) to discover how the detection works. | Free | 45 min
Introduction to Splunk UBA | Learn to define UBA and how Splunk can give insight into threats, anomalies, and internal data. | Free | 16 min
Introduction to Splunk SOAR | Discover the features, capabilities and use cases for Splunk SOAR (Security Orchestration and Automated Response). | Free | 20 min
Developing SOAR Applications | Unlock the possibilities of SOAR application designing, debugging and testing. | Free | 45 min
SOAR Phantom Container Creation Walkthrough | This 7-minute video guides analysts through creating containers via 3 methods: using an app, manually, or via import. | Free | 7 min
Free Splunk Enterprise & Cloud Training
Course | About | eLearning no Labs | Time
Splunk Infrastructure Overview | This self-paced course gives users a high-level look at how to grow a Splunk deployment from a single instance to a distributed environment | Free | 1 hour
Getting Data In | Understand the basics of data source types and input. | Free | 30 min
Splunk Enterprise Installation and Configuration | Understand the basics of installing Splunk in a non-clustered environment. | Free | 30 min
Splunk Enterprise Licensing | Review best practices of managing Splunk licenses and configuring Splunk License Manager. | Free | 21 min
Upgrading Splunk Enterprise | Arm yourself with knowledge for your next non-clustered Splunk Enterprise upgrade. | Free | 17 min
IT Essentials Learn - Walkthrough | This 8-minute eLearning course steps you through the IT Essentials Learn app | Free | 8 min
IT Essentials Work - Walkthrough | This 12.5-minute walkthrough is for Splunk and IT admins with basic IT knowledge who understand IT Operations and monitoring. | Free | 12.5 min
Free Splunk Observability - Infrastructure Monitoring & Application Performance Monitoring
Course | SREs / DevOps / Developers | About
Introduction to Splunk Observability (Cloud) - Free eLearning | ✓ ✓ ✓ | Learn the difference between monitoring and observability.
Getting Data into Splunk Observability Cloud - Free eLearning | ✓ | Use the Splunk Distribution of the Open Telemetry (OTel) Collector to send metrics and logs to Splunk Observability Cloud.
Introduction to Splunk Infrastructure Monitoring (IM) - Free eLearning | ✓ ✓ ✓ | Explore the Splunk Infrastructure Monitoring basics.
Splunk Observability Cloud: Teams - Free eLearning | ✓ ✓ | See how to set up and manage teams in the Splunk Cloud platform.
Splunk Observability Cloud: Enterprise Features - Free eLearning | ✓ ✓ ✓ | See how to set permissions and use mirrored dashboards.
Implementing the Splunk App for Infrastructure (SAI) - Free eLearning | ✓ ✓ ✓ | Get all the details for installing and configuring SAI.
Introduction to Splunk Application Performance Monitoring (eLearning) | ✓ ✓ ✓ | Get an overview of Splunk APM's key features, navigation and basic troubleshooting.
Splunk Observability - Other Products
Course | SREs / DevOps / Developers | About
Introduction to Splunk Log Observer - Free eLearning | ✓ ✓ ✓ | Understand filtering and browsing log messages, finding trends in log data through aggregation functions, and facilitating team collaboration
Introduction to Splunk Synthetic Monitoring - Free eLearning | ✓ ✓ ✓ | Learn what Splunk Synthetic Monitoring is, explore the UI and differentiate the types of tests.
Using Splunk Synthetic Monitoring (RIGOR) - Free eLearning | ✓ ✓ ✓ | Understand best practices, data visualization and alerts.
Introduction to Splunk Real User Monitoring - Free eLearning | ✓ | Delve into how to use Splunk RUM for troubleshooting.
Responding to Incidents in Splunk On-Call - Free eLearning | ✓ ✓ ✓ | Dig into shifts, rotations, escalation and scheduling.
Splunk App for Content Packs - Free eLearning | | Review the basics of Splunk's App for Content Packs, including installation, configuration and metrics monitoring.
Splunk Education Helpful Tips
● Splunk Education Official Website
● Splunk Education Student Handbook
● Splunk Certification Handbook
● Splunk Education Pricing
● Registration and Passkey Guide
● Splunk Academic Alliance Program
Splunk Education Contacts
Education Coordinators by Region
Education_AMER@splunk.com
Education_EMEA@splunk.com
Education_APAC@splunk.com
Certification
Certification@splunk.com
Wrap up
Leaders
● User leaders needed!
Next meeting
● In person in Seattle
Topic ideas
● Drop suggestions or offers to speak to the #pnw channel in the UG slack
.conf23
● July 20-23
● Las Vegas
Thank You

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 

March 2023 PNW User Group

  • 1. © 2022 SPLUNK INC. Splunk PNW User Group 30 March, 2023
  • 2. © 2022 SPLUNK INC. Agenda Topic Speaker Organization Time Welcome Grab your lunch, get comfy Intros and announcements Amanda Richardson Sr. Customer Success Manager Splunk 15m Splunk Enterprise Security - What’s New Dan Hogland Staff Security CSE Splunk 30m Splunk Education - Learning for All! Melissa Riley Learning Success Manager Splunk 30m Open Discussion and Networking Time! User Community All 30m Wrap up Closing remarks, topic ideas Rob de Luna Sr. Solutions Engineer Splunk 15m
  • 3. © 2022 SPLUNK INC. Splunk Enterprise Security A data-centric, modern SIEM solution Dan Hogland Staff CSE, Security
  • 4. This presentation may contain forward-looking statements regarding future events, plans or the expected financial performance of our company, including our expectations regarding our products, technology, strategy, customers, markets, acquisitions and investments. These statements reflect management’s current expectations, estimates and assumptions based on the information currently available to us. These forward-looking statements are not guarantees of future performance and involve significant risks, uncertainties and other factors that may cause our actual results, performance or achievements to be materially different from results, performance or achievements expressed or implied by the forward-looking statements contained in this presentation. For additional information about factors that could cause actual results to differ materially from those described in the forward-looking statements made in this presentation, please refer to our periodic reports and other filings with the SEC, including the risk factors identified in our most recent quarterly reports on Form 10-Q and annual reports on Form 10-K, copies of which may be obtained by visiting the Splunk Investor Relations website at www.investors.splunk.com or the SEC's website at www.sec.gov. The forward-looking statements made in this presentation are made as of the time and date of this presentation. If reviewed after the initial presentation, even if made available by us, on our website or otherwise, it may not contain current or accurate information. We disclaim any obligation to update or revise any forward-looking statement based on new information, future events or otherwise, except as required by applicable law. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. 
We undertake no obligation either to develop the features or functionalities described, in beta or in preview (used interchangeably), or to include any such feature or functionality in a future release. Splunk, Splunk> and Turn Data Into Doing are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names or trademarks belong to their respective owners. © 2022 Splunk Inc. All rights reserved. Forward-Looking Statements 2.18.22-19:04
  • 5. © 2022 SPLUNK INC. The Splunk Difference A data-centric approach to security Any Data, Any Source Make disparate data available, queryable, and actionable 1 Fast, Flexible Investigations Achieve 100% compliance and 5x faster security investigations 2 Proven Scalability Ingest TBs of data per day and perform over 1M searches per week 3 Open Ecosystem 2,800+ integrations to support your best-in-class technology stack 4 Support for All Deployments Effectively monitor and secure complex multicloud or hybrid environments 5 Source 1: Nasdaq customer story Source 2: Check Point Software customer story Source 3: Intel customer story Source 4: Slack customer story & Splunkbase Source 5: Travis Perkins PLC customer story
  • 6. © 2022 SPLUNK INC. Advanced Analytics ● 1170+ detections with 100+ cloud-based detections ● 30% increase in true-positive alert rates with Risk-Based Alerting (RBA) ● Enrich and prioritize alerts with integrated threat intelligence (Splunk Intelligence Management) ● Align security operations to industry frameworks (MITRE ATT&CK, NIST, CIS 20, and Kill Chain) ● Dive deep with intuitive search and investigation capabilities Boost productivity
  • 7. © 2021 SPLUNK INC. © 2022 SPLUNK INC. What’s New in ES
  • 8. © 2022 SPLUNK INC. What’s New in Splunk Enterprise Security 7.0? ● Executive Summary Dashboard ● Security Operations Dashboard ● Cloud Security Monitoring Dashboards ● Real-Time Content Updates ● Dark Mode User Experience (Cloud) On Prem & Cloud
  • 9. © 2022 SPLUNK INC. On Prem & Cloud Executive Summary Dashboard ● Increased visibility for CISOs, Security Directors and SOC Managers into overall health of security program ● Key Insights ○ Mean Time to Triage ○ Mean Time to Respond ○ Investigations Created ○ Assigned Notables Over Time ○ Notable Event History Trends ○ Risk-Based Alerting Trends ○ Adaptive Response Action Trends Executive Level Security Insights with Trends over Time Available Now
  • 10. © 2022 SPLUNK INC. On Prem & Cloud Available Now Security Operations Dashboard ● Key Insights ○ Mean Time to Triage ○ Mean Time to Respond ○ Investigations Created ○ Notable Assignments ○ Notable and Analyst Close Rate ○ Notable Disposition ■ False Positives ■ True Positives ■ Benign Positives Performance and Efficiency Insights across Security Operations
  • 11. © 2022 SPLUNK INC. ● New Dashboards include ○ AWS Security Groups ○ AWS IAM Activity ○ AWS Network ACLs ○ AWS Access Analyzer ○ Microsoft 365 ● Enterprise Security 7.0 proactively notifies you of new content updates from the Splunk Threat Research Team and enables updates in one click Cloud Security Dashboards Visibility into AWS and Microsoft 365 Cloud Security Datasets Real-Time Content Updates Automated Security Content Delivery On Prem & Cloud Available Now
  • 12. © 2022 SPLUNK INC. Cloud Available Now Modernized User Experience ● Updated “Dark Mode” User Interface ● ES joins other Splunk Security Products in adopting modern development frameworks and best practices Unified User Experience
  • 13. © 2023 SPLUNK INC. What’s New in Splunk Enterprise Security 7.1? MITRE ATT&CK Framework Matrix Provides the ability to visualize MITRE ATT&CK tactics and techniques in Risk Notable Events and operationalize the MITRE ATT&CK framework when responding to Notable Events Cloud Based Streaming Analytics Enables scalable, real-time streaming analytics for a broad range of advanced security detections that address common use cases. Threat Topology Allows analysts to immediately discover the scope of a security incident and quickly pivot between affected assets and users in the investigation.
  • 14. © 2023 SPLUNK INC. ● Real-time insider threat detections ● Seamless integration with ES ● Scalable analytics ● Simple to deploy, cloud-native & low maintenance solution Detect Suspicious Behavior In Real-Time Cloud Based Streaming Analytics* & Risk Based Alerting *Cloud-Based Streaming Analytics will be available in US East only on 1/11. Cloud
  • 15. © 2023 SPLUNK INC. Quickly Discover the Scope of an Incident to Respond Accurately ● Comprehensive view into security incidents ● Quickly determine the severity level of an incident ● Identify additional impacted subjects of an investigation without writing a single line of code or query language Threat Topology Visualization Cloud & On-Prem
  • 16. © 2023 SPLUNK INC. Improve Security Workflow Efficiencies With Embedded Frameworks ● Visualize MITRE ATT&CK tactics and techniques in Risk Notable Events ● Operationalize the MITRE ATT&CK framework when responding to Notable Events MITRE ATT&CK Framework Matrix Visualization Cloud & On-Prem
  • 17. © 2022 SPLUNK INC. Splunk Education Free Splunk Training Overview March 2023
  • 18. © 2023 SPLUNK INC. Time to Value Adoption Productivity Support Needs Deploy use cases faster to deliver business outcomes Reduce the number of support calls and consulting engagements Empower end users to adopt and use the Splunk platform Enable developers and power users to build assets efficiently and effectively Splunk Education Benefits Increase your Return on Splunk Investment (ROI)
  • 19. © 2023 SPLUNK INC. Accelerate Success Industry and Splunk experts Technical Instructors Lecture, demos, hands-on labs and assessments Comprehensive Curriculum Classroom, virtual and self-paced learning Flexible Delivery Methods Based on Splunk product and persona Learning Paths Validate and prove Splunk skills Certification Tracks
  • 20. © 2023 SPLUNK INC. Who benefits? When is it? What do I have to do? And then? Designed to create a better experience for customers, partners, and prospects. Complete all in-progress training before the transition on May 17. Transition to the new system will cause downtime from May 17-21. Anyone who takes Splunk technical training May 22 launch Plan ahead Enjoy the new learning experience What’s new? Supports all Splunk product technical training and certifications. More feature-rich and streamlined experience Splunk Training and Enablement Portal (STEP) New Splunk Learning Platform
  • 21. © 2023 SPLUNK INC. Splunk has free Training for all
  • 22. © 2021 SPLUNK INC. Free Learning Paths
  • 23. © 2023 SPLUNK INC. Free Learning Paths ● Learning paths based on Splunk product and persona ● Enterprise and Cloud Basics- 23 free eLearning ○ Ingest and correlate different data sources in Splunk Platform ○ Enrich unstructured data ○ Extract custom fields ○ Manage knowledge objects ○ Understand SPL best practices for better data analysis ● Splunk Enterprise Security- 5 free eLearning ○ Learn the value of Splunk Security solutions ○ Get an overview of use cases and best practices ○ Get an overview of SOAR ● Splunk Observability Overview + Apps- 13 free eLearning ○ Learn the value of Splunk Observability solutions ○ Get an overview of use cases and best practices
  • 24. © 2023 SPLUNK INC. Free Splunk Training
  • 25. © 2023 SPLUNK INC. Search Expert Course About eLearning no Labs Time What is Splunk? Dig into machine data and how to use operational intelligence. Free 45 min Intro to Splunk Learn Splunk basics, including reports, dashboards and events. Free 45 min Using Fields Expand your understanding of fields and their use in searches. Free 1 hour Visualizations Find out how to manage and visualize data in the Splunk platform. Free 1 hour Working with Time Gain expertise at using time in searches. Free 3 hours Statistical Processing Maximize the impact of your data with transforming commands and eval functions. Free 3 hours Comparing Values Leverage the power of eval functions and expressions to compare field values Free 3 hours Result Modification Learn which commands manipulate output and normalize data. Free 3 hours Scheduling Reports and Alerts Automate incident response using reports and alerts. Free 3 hours Introduction to Dashboards Explore best practices for creating and using dashboards. Free 1 hour Search Under the Hood Dive into Splunk architecture and search processing. Free 1 hour Notes: - Pricing and courses are subject to change. - Dedicated virtual and onsite classes accommodate a maximum of 12 learners in each class. - For additional dedicated onsite terms, refer to https://education.splunk.com/Pricing ● Required Courses in Learning Path ● Indent shows logical sequence of courses
  • 26. © 2023 SPLUNK INC. Knowledge Manager Course About eLearning no Labs Time What is Splunk? Dig into machine data and how to use operational intelligence. Free 45 min Intro to Splunk Learn Splunk basics, including reports, dashboards and events. Free 45 min Using Fields Expand your understanding of fields and their use in searches. Free 1 hour Intro to Knowledge Objects Learn to create, define, edit and manage knowledge objects. Free 1 hour Creating Knowledge Objects Use the Splunk web interface to create knowledge objects. Free 3 hours Creating Field Extractions Unlock the Field Extractor (FX) utility to understand the when and how of field extraction in Splunk. Free 3 hours Enriching Data with Lookups Understand how to upload, define, automate and use advanced lookup options. Free 3 hours Data Models Discover the power of data models, including creation, design and acceleration Free 3 hours Notes: - Pricing and courses are subject to change. - Dedicated virtual and onsite classes accommodate a maximum of 12 learners in each class. - For additional dedicated onsite terms, refer to https://education.splunk.com/Pricing ● Required Courses in Learning Path ● Indent shows logical sequence of courses
  • 27. © 2023 SPLUNK INC. Free Splunk Security Training Course About eLearning no Labs Time Introduction to Enterprise Security Understand how Enterprise Security can help identify and protect your organization from threats. Free 40 min Introduction to Splunk Security Essentials Explore use cases and analytic stories from Splunk Security Essentials (SSE) to discover how the detection works. Free 45 min Introduction to Splunk UBA Learn to define UBA and how Splunk can give insight into threats, anomalies, and internal data. Free 16 min Introduction to Splunk SOAR Discover the features, capabilities and use cases for Splunk SOAR (Security Orchestration and Automated Response). Free 20 min Developing SOAR Applications Unlock the possibilities of SOAR application designing, debugging and testing. Free 45 min SOAR Phantom Container Creation Walkthrough This 7-minute video guides analysts through creating containers via 3 methods: using an app, manually, or via import. Free 7 min Notes: - Pricing and courses are subject to change. - Dedicated virtual and onsite classes accommodate a maximum of 12 learners in each class. - For additional dedicated onsite terms, refer to https://education.splunk.com/Pricing
  • 28. © 2023 SPLUNK INC. Free Splunk Enterprise & Cloud Training Course About eLearning no Labs Time Splunk Infrastructure Overview This self-paced course gives users a high-level look at how to grow a Splunk deployment from a single instance to a distributed environment Free 1 hour Getting Data In Understand the basics of data source types and input. Free 30 min Splunk Enterprise Installation and Configuration Understand the basics of installing Splunk in a non-clustered environment. Free 30 min Splunk Enterprise Licensing Review best practices of managing Splunk licenses and configuring Splunk License Manager. Free 21 min Upgrading Splunk Enterprise Arm yourself with knowledge for your next non-clustered Splunk Enterprise upgrade. Free 17 min IT Essentials Learn - Walkthrough This 8-minute eLearning course steps you through the IT Essentials Learn app Free 8 min IT Essentials Work - Walkthrough This 12.5-minute walkthrough is for Splunk and IT admins with basic IT knowledge who understand IT Operations and monitoring. Free 12.5 min Notes: - Pricing and courses are subject to change. - Dedicated virtual and onsite classes accommodate a maximum of 12 learners in each class. - For additional dedicated onsite terms, refer to https://education.splunk.com/Pricing
  • 29. © 2023 SPLUNK INC. Free Splunk Observability - Infrastructure Monitoring & Application Performance Monitoring Course SREs DevOps Developers About Introduction to Splunk Observability (Cloud) - Free eLearning ✓ ✓ ✓ Learn the difference between monitoring and observability. Getting Data into Splunk Observability Cloud - Free eLearning ✓ Use the Splunk Distribution of the Open Telemetry (OTel) Collector to send metrics and logs to Splunk Observability Cloud. Introduction to Splunk Infrastructure Monitoring (IM) - Free eLearning ✓ ✓ ✓ Explore the Splunk Infrastructure Monitoring basics. Splunk Observability Cloud: Teams - Free eLearning ✓ ✓ See how to set up and manage teams in the Splunk Cloud platform. Splunk Observability Cloud: Enterprise Features - Free eLearning ✓ ✓ ✓ See how to set permissions and use mirrored dashboards. Implementing the Splunk App for Infrastructure (SAI) - Free eLearning ✓ ✓ ✓ Get all the details for installing and configuring SAI. Introduction to Splunk Application Performance Monitoring (eLearning) ✓ ✓ ✓ Get an overview of Splunk APM's key features, navigation and basic troubleshooting. Notes: - Pricing and courses are subject to change. - Dedicated virtual and onsite classes accommodate a maximum of 12 learners in each class. - For additional dedicated onsite terms, refer to https://education.splunk.com/Pricing
  • 30. © 2023 SPLUNK INC. Splunk Observability - Other Products Course SREs DevOps Developers About Introduction to Splunk Log Observer - Free eLearning ✓ ✓ ✓ Understand filtering and browsing log messages, finding trends in log data through aggregation functions, and facilitating team collaboration Introduction to Splunk Synthetic Monitoring - Free eLearning ✓ ✓ ✓ Learn what Splunk Synthetic Monitoring is, explore the UI and differentiate the types of tests. Using Splunk Synthetic Monitoring (RIGOR) - Free eLearning ✓ ✓ ✓ Understand best practices, data visualization and alerts. Introduction to Splunk Real User Monitoring - Free eLearning ✓ Delve into how to use Splunk RUM for troubleshooting. Responding to Incidents in Splunk On-Call - Free eLearning ✓ ✓ ✓ Dig into shifts, rotations, escalation and scheduling. Splunk App for Content Packs - Free eLearning Review the basics of Splunk's App for Content Packs, including installation, configuration and metrics monitoring. Notes: - Pricing and courses are subject to change. - Dedicated virtual and onsite classes accommodate a maximum of 12 learners in each class. - For additional dedicated onsite terms, refer to https://education.splunk.com/Pricing
  • 31. © 2023 SPLUNK INC. Splunk Education Helpful Tips ● Splunk Education Official Website ● Splunk Education Student Handbook ● Splunk Certification Handbook ● Splunk Education Pricing ● Registration and Passkey Guide ● Splunk Academic Alliance Program
  • 32. © 2023 SPLUNK INC. Splunk Education Contacts Education Coordinators by Region Education_AMER@splunk.com Education_EMEA@splunk.com Education_APAC@splunk.com Certification Certification@splunk.com
  • 33. © 2023 SPLUNK INC. Leaders ● User leaders needed! Next meeting ● In person in Seattle Wrap up Topic ideas ● Drop suggestions or offers to speak to the #pnw channel in the UG slack .conf23 ● July 20-23 ● Las Vegas
  • 34. © 2022 SPLUNK INC. Thank You