This was presented to the Nebraska Splunk User Group. This talk is about the Splunk Connected Experiences. Within Splunk Connected Experiences there are Splunk Cloud Gateway, Splunk Mobile, Splunk AR, and Splunk TV.
Extending Splunk to Business use cases with Process Mining Splunk
This document discusses extending Splunk to business use cases through dynamic process mining. It notes that every line of business now generates millions of events per day and process mining can help gain transparency into complex processes and drive continuous improvement. The document introduces Splunk Business Flow for visualizing end-to-end business processes across systems to identify bottlenecks and opportunities for optimization. It provides an example use case of an organization using it to gain visibility into customer order issues.
This document contains an agenda for a Splunk Enterprise for Information Security Hands-On presentation taking place on December 1, 2016 in Long Beach. The presentation will cover topics like web attacks, lateral movement, and DNS exfiltration. It includes a safe harbor statement noting that any forward-looking statements are based on estimates and actual results could differ. It also provides login information for a hands-on environment containing over 5.5 million sanitized events.
What's New in Splunk Cloud and Enterprise 6.5 Splunk
This document provides an overview and agenda for what's new in Splunk Cloud and Enterprise 6.5. It introduces new features for easier data preparation and analysis through intuitive table views. Extended platform and management capabilities include integrated Hadoop features for storage flexibility and automated management tools. New machine learning analytics allow for predictive analytics through packaged and custom models. Additional developer resources are introduced to simplify app development and certification. The presentation concludes with details on liberalized licensing terms and resources for getting started with Splunk.
The document discusses anomaly detection methods and applications. It begins with an overview of forward-looking statements and the agenda. The agenda includes discussing perspectives on anomalies, why anomalies matter for business, how to spot anomalies, a demonstration, learning more, and a question and answer section. It then covers perspectives on anomalies from different fields. Next, it discusses why anomalies matter across different areas like security, IT operations, IoT/OT, and business analytics. Following this, it outlines different methods and algorithms for anomaly detection in Splunk, including the Machine Learning Toolkit.
Splunk Enterprise for IT Troubleshooting Hands-On Splunk
This document provides an overview and demo of Splunk Enterprise for IT troubleshooting. It discusses how Splunk can help address the increasing complexity of IT environments by allowing users to index and analyze machine data from any source. The demo walks through searching logs, extracting fields, troubleshooting infrastructure and application issues, creating alerts and reports, and using dashboards. It highlights how Splunk can help accelerate incident resolution, reduce MTTR, and accelerate development cycles.
The document discusses Splunk's platform for turning machine data into business outcomes. It notes that traditional approaches cannot adapt to digital evolution, as machine data is messy and unpredictable. Splunk's platform ingests data from any source and location, and allows different users to ask questions of the same data in real time. This delivers value across multiple use cases for IT, security, business, and IoT. The presentation demonstrates Splunk's platform and discusses new capabilities like Splunk Connected Experiences and Splunk Data Stream Processor. It frames digital evolution as a journey from reactive to proactive, predictive, and automated action using data.
Splunk4Leaders: How to Supercharge your Decision Making Capability Splunk
The document discusses how to make better decisions faster using Splunk. It covers cognitive biases that can negatively impact decision making like confirmation bias and anchoring. The presentation agenda includes explaining why decision making is important now given increasing data and system complexity. Splunk can help embrace data chaos by investigating, monitoring, analyzing and acting on machine data from complex systems. Key takeaways are to see the world as complex and chaotic, combine human and data strengths, and focus on planning over static plans to improve resilience.
SplunkLive Brisbane Splunk for Operational Security Intelligence Gabrielle Knowles
This document contains an agenda and overview for a presentation on using Splunk for operational security intelligence. The presentation discusses using lookup files to enhance security posture with threat intelligence, the common information model for ingesting and normalizing security data from various sources, investigating specific Windows event IDs to tackle advanced attacks, and highlighting popular security-related apps from Splunkbase. The document also contains disclaimers about forward-looking statements and a roadmap being subject to change.
This presentation + demo will provide an overview of AI and machine learning offerings across the Splunk portfolio -- including Splunk Cloud and Splunk Enterprise, Splunk Machine Learning Toolkit, Splunk IT Service Intelligence, Splunk Enterprise Security and Splunk UBA -- and give you insight into how AI and ML can be applied across IT ops, security, IoT and business analytics use cases.
Exploring Frameworks of Splunk Enterprise Security Splunk
This document discusses Splunk Enterprise Security and its frameworks for analyzing security data. It begins with an introduction and agenda. It then discusses Splunk's analytics-driven security information and event management (SIEM) capabilities. The main part of the presentation covers Splunk's frameworks for enterprise security, including the Notable Events framework for streamlining incident management and the Asset and Identity framework for automatically mapping context to incidents. It provides examples of how these frameworks enable faster incident review and investigation.
Accelerate incident Response Using Orchestration and Automation Splunk
This document discusses how orchestration and automation can accelerate incident response. It notes that incident response currently takes a significant amount of time, with the majority of time spent on containment and remediation. It also states that most organizations use too many security tools that are not integrated. The document promotes the use of security orchestration and automation response (SOAR) to help coordinate security actions across tools. It describes Splunk's security portfolio including the Splunk Phantom product, which allows users to automate repetitive tasks, execute automated actions quickly, and coordinate complex workflows to strengthen defenses and accelerate incident response.
The document discusses migrating log ingestion from Splunk's S3 connector to using AWS Kinesis and Lambda functions to send logs directly to Splunk's HTTP Event Collector. It describes setting up Kinesis, configuring Lambda functions to batch and send logs to the HTTP Event Collector, and tuning various parameters like Lambda memory, batch size, and HTTP Event Collector limits to reduce latency from 15 minutes to under 5 seconds. Metrics and dashboards are used to measure the progress of reducing latency.
Accelerate Incident Response with Orchestration & Automation Splunk
Daily IT security operations processes have not changed significantly over the past decade, but that all stands to change now that a new technology has arrived—enabling security teams to work smarter, respond faster, and improve their defenses. With Security Orchestration, Automation and Response (SOAR) technology, mundane processes can be handled by computers, allowing the SOC team to focus on identifying and responding to the real threats and attacks. This session examines traditional SOC processes and what becomes possible with a SOAR platform like Splunk Phantom. Whether it's a two-person security operation or a full complement SOC, learn to identify the processes that computers can handle on your behalf, and how to go beyond simple use cases and leverage all of the available security tools in your arsenal to the max.
In this session, learn how to optimize your security with well-founded searches that you can use immediately to identify security problems or to set up monitoring for attack prevention. You will also learn how to use the predictive capabilities.
This document contains a presentation about operationalizing machine learning. It begins with copyright information and a disclaimer about forward-looking statements. Next, it introduces the presenter Kelly Feagans and provides background on machine learning concepts such as the different types of machine learning. The presentation then discusses use cases for machine learning in IT operations, security, and business analytics. It describes the machine learning process and how Splunk can be used for machine learning. Finally, it promotes an upcoming Splunk conference and machine learning app.
Leveraging Splunk Enterprise Security with the MITRE’s ATT&CK Framework Splunk
Threat Models and Methodologies such as MITRE’s ATT&CK knowledge base are growing in popularity to help track adversaries and map Tactics, Techniques and Procedures (TTP’s) to build and measure security defence profiles. This session will provide an introduction to MITRE’s ATT&CK Methodology and show how Splunk Enterprise Security (ES) and Splunk content updates can help you leverage MITRE ATT&CK in your defensive strategies.
Splunk is a powerful platform for understanding your data. The preview of the Machine Learning Toolkit and Showcase App extends Splunk with a rich suite of advanced analytics and machine learning algorithms, which are exposed via an API and demonstrated in a showcase. In this session, we'll present an overview of the app architecture and API and then show you how to use Splunk to easily perform a wide variety of tasks, including outlier detection, predictive analytics, event clustering, and anomaly detection. We’ll use real data to explore these techniques and explain the intuition behind the analytics.
Turning Data Into Business Outcomes with the Splunk Platform Splunk
This presentation + demo introduces the differentiated value of the Splunk platform, and describes how Splunk helps customers navigate the digital evolution. This includes an introduction to Splunk Next, a collection of new technologies designed to enable expansive data access, empowering more users to deliver actionable outcomes.
Adventures in Monitoring and Troubleshooting Splunk
This document discusses how Splunk can help organizations monitor and troubleshoot IT infrastructure and applications. It describes challenges faced by two characters, Gertrud and Johann, in monitoring complexity and improving customer experience. Their current monitoring tools operate in silos and make it difficult to find root causes of issues across different data sources. The presentation outlines how Splunk takes a unified data-driven approach to observability by collecting and analyzing logs, metrics and traces from infrastructure to applications to customer data. It demonstrates Splunk's IT service intelligence, infrastructure monitoring apps and agent, and how they help organizations reduce mean time to resolution and improve collaboration between teams.
Get more from your Machine Data with Splunk AI and ML Splunk
1) The document discusses how machine learning and artificial intelligence can help organizations gain more insights from their machine data. It describes how ML can be used in personal and business contexts for applications like recommendations, fraud detection, and predictive maintenance.
2) It provides an overview of the relationship between AI, machine learning, and deep learning, and how Splunk's Machine Learning Toolkit can help users build custom analytics solutions.
3) The presentation demonstrates several ML use cases that Splunk customers are pursuing, such as predicting service health scores, detecting anomalies, and identifying risky user behavior, and how packaged Splunk solutions incorporate ML.
Worst Splunk practices...and how to fix them Splunk
This document provides a summary of best practices and common pitfalls when using Splunk for data collection, management, and resiliency. It discusses best practices for collecting syslog data over UDP, direct TCP/UDP collection, load balancing with forwarders, and data onboarding practices like specifying sourcetypes and timestamps. Common mistakes involve over-engineering syslog collection, sending TCP/UDP streams directly to indexers without load balancing, relying too heavily on intermediate forwarders, and not explicitly configuring sourcetype and timestamp settings. The presentation aims to help Splunk administrators and knowledge managers address common problems and apply optimization strategies.
The document discusses Splunk's platform for turning machine data into business outcomes. It notes that traditional approaches cannot adapt to digital evolution, as machine data is messy and unpredictable. The Splunk platform provides a holistic approach by allowing any type of machine data from any location to be accessed and used for multiple use cases in real time. It supports IT operations, security, business analytics, developers, and IoT users. The platform can help organizations gain visibility into business processes and drive business outcomes with data.
Turning Data into Added Value with the Splunk Platform Splunk
This session and demo presents the multifaceted added value of the Splunk platform and describes how Splunk helps companies navigate the digital evolution. This session also includes an introduction to Splunk Next, a collection of new technologies intended to help more users make well-founded decisions based on data.
SplunkLive! Stockholm 2019 - Customer presentation: Norlys Splunk
This document summarizes a presentation about using Splunk Phantom for incident response. It discusses how the presenter's organization built log analytics and incident response capabilities from scratch using Splunk and Phantom. They automated repetitive tasks, integrated various tools, and created documentation and playbooks for investigation processes. Examples of use cases at the organization include server containment workflows, uploading files to malware sandboxes, and remotely capturing endpoint memory dumps. The presentation concludes with recommendations for getting started with Phantom and news from Splunk's recent .conf event.
The document discusses Splunk Incident Response, orchestration and automation capabilities. It notes that incident response currently takes significant time, from months for detection to days for containment and remediation. Splunk aims to accelerate this process through automation, orchestration and its security operations platform to integrate tools, streamline workflows and automate repetitive tasks. The presentation demonstrates Splunk's Phantom security orchestration product and how it can automate security tasks like malware investigations to reduce response times.
SplunkLive! Zurich 2017 - Splunk Add-ons and Alerts Splunk
The document discusses Splunk add-ons and custom alert actions. It describes Splunk add-ons as technical extensions that can contain configurations, scripts, data inputs and field extractions. It also notes that the Splunk Add-on Builder allows users to create and test technical add-ons through a UI workflow. Custom alert actions are described as modules that extend alerts to customize actions and interface with third party systems. The presentation includes demos of the Splunk Add-on Builder and custom alert actions.
Accelerate incident Response Using Orchestration and Automation Splunk
This document discusses how orchestration and automation can accelerate incident response. It notes that incident response currently takes a significant amount of time, with the majority of time spent on containment and remediation. It also states that most organizations use too many security tools that are not integrated. The document promotes the use of security orchestration and automation response (SOAR) to help coordinate security actions across tools. It describes Splunk's security portfolio, including the Splunk Phantom product, which allows organizations to automate repetitive tasks, execute actions more quickly, and strengthen defenses by integrating various security tools.
This presentation + demo will provide an overview of AI and machine learning offerings across the Splunk portfolio -- including Splunk Cloud and Splunk Enterprise, Splunk Machine Learning Toolkit, Splunk IT Service Intelligence, Splunk Enterprise Security and Splunk UBA -- and give you insight into how AI and ML can be applied across IT ops, security, IoT and business analytics use cases.
Exploring Frameworks of Splunk Enterprise Security Splunk
This document discusses Splunk Enterprise Security and its frameworks for analyzing security data. It begins with an introduction and agenda. It then discusses Splunk's analytics-driven security information and event management (SIEM) capabilities. The main part of the presentation covers Splunk's frameworks for enterprise security, including the Notable Events framework for streamlining incident management and the Asset and Identity framework for automatically mapping context to incidents. It provides examples of how these frameworks enable faster incident review and investigation.
Accelerate incident Response Using Orchestration and Automation Splunk
This document discusses how orchestration and automation can accelerate incident response. It notes that incident response currently takes a significant amount of time, with the majority of time spent on containment and remediation. It also states that most organizations use too many security tools that are not integrated. The document promotes the use of security orchestration and automation response (SOAR) to help coordinate security actions across tools. It describes Splunk's security portfolio including the Splunk Phantom product, which allows users to automate repetitive tasks, execute automated actions quickly, and coordinate complex workflows to strengthen defenses and accelerate incident response.
The document discusses migrating log ingestion from Splunk's S3 connector to using AWS Kinesis and Lambda functions to send logs directly to Splunk's HTTP Event Collector. It describes setting up Kinesis, configuring Lambda functions to batch and send logs to the HTTP Event Collector, and tuning various parameters like Lambda memory, batch size, and HTTP Event Collector limits to reduce latency from 15 minutes to under 5 seconds. Metrics and dashboards are used to measure the progress of reducing latency.
Accelerate Incident Response with Orchestration & AutomationSplunk
Daily IT security operations processes have not changed significantly over the past decade, but that all stands to change now that a new technology has arrived—enabling security teams to work smarter, respond faster, and improve their defenses. With Security Orchestration, Automation and Response (SOAR) technology, mundane processes can be handled by computers, allowing the SOC team to focus on identifying and responding to the real threats and attacks. This session examines traditional SOC processes and what becomes possible with a SOAR platform like Splunk Phantom. Whether it's a two-person security operation or a full complement SOC, learn to identify the processes that computers can handle on your behalf, and how to go beyond simple use cases and leverage all of the available security tools in your arsenal to the max.
Erfahren Sie in dieser Session, wie Sie Ihre Security mit fundierten Searches optimieren, die Sie unmittelbar dafür nutzen können, Sicherheitsprobleme zu identifizieren oder ein Monitoring zur Angriffsvorbeugung aufzusetzen. Sie lernen auch, wie Sie die vorausschauenden Möglichkeiten nutzen können.
This document contains a presentation about operationalizing machine learning. It begins with copyright information and a disclaimer about forward-looking statements. Next, it introduces the presenter Kelly Feagans and provides background on machine learning concepts such as the different types of machine learning. The presentation then discusses use cases for machine learning in IT operations, security, and business analytics. It describes the machine learning process and how Splunk can be used for machine learning. Finally, it promotes an upcoming Splunk conference and machine learning app.
Leveraging Splunk Enterprise Security with the MITRE’s ATT&CK FrameworkSplunk
Threat Models and Methodologies such as MITRE’s ATT&CK knowledge base are growing in popularity to help track adversaries and map Tactics, Techniques and Procedures (TTP’s) to build and measure security defence profiles. This session will provide an introduction to MITRE’s ATT&CK Methodology and show how Splunk Enterprise Security (ES) and Splunk content updates can help you leverage MITRE ATT&CK in your defensive strategies.
Splunk is a powerful platform for understanding your data. The preview of the Machine Learning Toolkit and Showcase App extends Splunk with a rich suite of advanced analytics and machine learning algorithms, which are exposed via an API and demonstrated in a showcase. In this session, we'll present an overview of the app architecture and API and then show you how to use Splunk to easily perform a wide variety of tasks, including outlier detection, predictive analytics, event clustering, and anomaly detection. We’ll use real data to explore these techniques and explain the intuition behind the analytics.
Splunk is a powerful platform for understanding your data. The preview of the Machine Learning Toolkit and Showcase App extends Splunk with a rich suite of advanced analytics and machine learning algorithms, which are exposed via an API and demonstrated in a showcase. In this session, we'll present an overview of the app architecture and API and then show you how to use Splunk to easily perform a wide variety of tasks, including outlier detection, predictive analytics, event clustering, and anomaly detection. We’ll use real data to explore these techniques and explain the intuition behind the analytics.
Splunk is a powerful platform for understanding your data. The preview of the Machine Learning Toolkit and Showcase App extends Splunk with a rich suite of advanced analytics and machine learning algorithms, which are exposed via an API and demonstrated in a showcase. In this session, we'll present an overview of the app architecture and API and then show you how to use Splunk to easily perform a wide variety of tasks, including outlier detection, predictive analytics, event clustering, and anomaly detection. We’ll use real data to explore these techniques and explain the intuition behind the analytics.
Turning Data Into Business Outcomes with the Splunk PlatformSplunk
This presentation + demo introduces the differentiated value of the Splunk platform, and describes how Splunk helps customers navigate the digital evolution. This includes an introduction to Splunk Next, a collection of new technologies designed to enable expansive data access, empowering more users to deliver actionable outcomes.
Adventures in Monitoring and Troubleshooting Splunk
This document discusses how Splunk can help organizations monitor and troubleshoot IT infrastructure and applications. It describes challenges faced by two characters, Gertrud and Johann, in monitoring complexity and improving customer experience. Their current monitoring tools operate in silos and make it difficult to find root causes of issues across different data sources. The presentation outlines how Splunk takes a unified data-driven approach to observability by collecting and analyzing logs, metrics and traces from infrastructure to applications to customer data. It demonstrates Splunk's IT service intelligence, infrastructure monitoring apps and agent, and how they help organizations reduce mean time to resolution and improve collaboration between teams.
Get more from your Machine Data with Splunk AI and ML Splunk
1) The document discusses how machine learning and artificial intelligence can help organizations gain more insights from their machine data. It describes how ML can be used in personal and business contexts for applications like recommendations, fraud detection, and predictive maintenance.
2) It provides an overview of the relationship between AI, machine learning, and deep learning, and how Splunk's Machine Learning Toolkit can help users build custom analytics solutions.
3) The presentation demonstrates several ML use cases that Splunk customers are pursuing, such as predicting service health scores, detecting anomalies, and identifying risky user behavior, and how packaged Splunk solutions incorporate ML.
Worst Splunk practices...and how to fix them Splunk
This document provides a summary of best practices and common pitfalls when using Splunk for data collection, management, and resiliency. It discusses best practices for collecting syslog data over UDP, direct TCP/UDP collection, load balancing with forwarders, and data onboarding practices like specifying sourcetypes and timestamps. Common mistakes involve over-engineering syslog collection, sending TCP/UDP streams directly to indexers without load balancing, relying too heavily on intermediate forwarders, and not explicitly configuring sourcetype and timestamp settings. The presentation aims to help Splunk administrators and knowledge managers address common problems and apply optimization strategies.
The document discusses Splunk's platform for turning machine data into business outcomes. It notes that traditional approaches cannot adapt to digital evolution, as machine data is messy and unpredictable. The Splunk platform provides a holistic approach by allowing any type of machine data from any location to be accessed and used for multiple use cases in real time. It supports IT operations, security, business analytics, developers, and IoT users. The platform can help organizations gain visibility into business processes and drive business outcomes with data.
Turning Data into Added Value with the Splunk Platform Splunk
This session and demo presents the multi-layered value of the Splunk platform and describes how Splunk helps companies navigate the digital evolution. The session also includes an introduction to Splunk Next, a collection of new technologies intended to help more users make informed decisions based on data.
SplunkLive! Stockholm 2019 - Customer presentation: Norlys Splunk
This document summarizes a presentation about using Splunk Phantom for incident response. It discusses how the presenter's organization built log analytics and incident response capabilities from scratch using Splunk and Phantom. They automated repetitive tasks, integrated various tools, and created documentation and playbooks for investigation processes. Examples of use cases at the organization include server containment workflows, uploading files to malware sandboxes, and remotely capturing endpoint memory dumps. The presentation concludes with recommendations for getting started with Phantom and news from Splunk's recent .conf event.
The document discusses Splunk Incident Response, orchestration and automation capabilities. It notes that incident response currently takes significant time, from months for detection to days for containment and remediation. Splunk aims to accelerate this process through automation, orchestration and its security operations platform to integrate tools, streamline workflows and automate repetitive tasks. The presentation demonstrates Splunk's Phantom security orchestration product and how it can automate security tasks like malware investigations to reduce response times.
SplunkLive! Zurich 2017 - Splunk Add-ons and Alerts Splunk
The document discusses Splunk add-ons and custom alert actions. It describes Splunk add-ons as technical extensions that can contain configurations, scripts, data inputs and field extractions. It also notes that the Splunk Add-on Builder allows users to create and test technical add-ons through a UI workflow. Custom alert actions are described as modules that extend alerts to customize actions and interface with third party systems. The presentation includes demos of the Splunk Add-on Builder and custom alert actions.
Accelerate incident Response Using Orchestration and Automation Splunk
This document discusses how orchestration and automation can accelerate incident response. It notes that incident response currently takes a significant amount of time, with the majority of time spent on containment and remediation. It also states that most organizations use too many security tools that are not integrated. The document promotes the use of security orchestration and automation response (SOAR) to help coordinate security actions across tools. It describes Splunk's security portfolio, including the Splunk Phantom product, which allows organizations to automate repetitive tasks, execute actions more quickly, and strengthen defenses by integrating various security tools.
Splunk Incident Response, Orchestration and Automation Splunk
This document discusses how orchestration and automation can accelerate incident response. It notes that incident response currently takes a significant amount of time, with the majority of time spent on containment and remediation. It also states that security operations are challenged by too many alerts, a lack of integration between tools, and difficulties attracting, training and retaining skills at scale. The document argues that orchestration and automation can help address these challenges by coordinating security actions across tools and technologies, and executing repetitive security tasks. It provides an overview of Splunk's security portfolio for operationalizing security, including the Splunk Phantom platform for security orchestration and automation.
Extending Splunk to Business use cases with Process Mining Splunk
This document discusses extending Splunk to business use cases through dynamic process mining. It notes that every line of business now generates millions of events per day and process mining can help gain transparency into complex processes and drive continuous improvement. The document introduces Splunk Business Flow for visualizing end-to-end business processes across systems to investigate issues and track order status. It provides an example use case and overview of getting started with Splunk Business Flow.
The document discusses machine learning and Splunk's machine learning toolkit. It provides an overview of machine learning, the machine learning process, different machine learning algorithms, and examples of customer use cases where Splunk's machine learning toolkit has helped optimize operations and business results. Live demos are also offered to showcase the toolkit.
Splunk Discovery Köln - 17-01-2020 - Turning Data Into Business Outcomes Splunk
- The document is a presentation about turning data into business outcomes using the Splunk platform.
- It discusses how traditional approaches cannot keep up with digital evolution and increasing data volumes, while Splunk provides a holistic approach to ingest and analyze all types of machine data across multiple use cases.
- Splunk supports security, IT, business users, developers, and IoT use cases, and can help organizations progress from reactive to predictive and automated actions based on data insights.
SPEAKERS
Phil Royer, Research Engineer, Splunk
Rod Soto, Principal Security Research Engineer, Splunk
Obtaining data to develop defenses against threats is a constant challenge for security analysts. To that end, Splunk's Security Research team developed the Splunk SIEMulator, a framework modeled after Chris Long's DetectionLab that allows a...
SFBA Splunk User Group Meeting August 10, 2022 Becky Burwell
The document summarizes the agenda and presentations for the August SF Bay Area Splunk User Group meeting. Ryan O'Connor gave a presentation on Dashboard Studio and the Splunk UI. He discussed why to build with Dashboard Studio, how to quickly customize dashboards, reduce searches, and tips for building with Dashboard Studio. Rinita Datta then presented on driving customer success through self-service resources like the Adoption Boards, signing up for tech talks and newsletters, and finding guidance on Splunk Lantern.
This document provides an agenda for a presentation on machine learning in action and how to derive meaningful business insights from data. The presentation will include an introduction to machine learning and anomaly detection theory. It will cover an anomaly detection use case from TalkTalk on detecting anomalies in broadband access. It will also cover a predictive analytics use case on predicting student outcomes. The presentation will conclude with a wrap up and Q&A section.
This document discusses anomaly detection methods and applications. It begins with an overview of the agenda, which includes a discussion of perspectives on anomalies, why anomalies matter for business, how to spot anomalies, a demonstration, ways to learn more, and a question and answer section. It then covers definitions and perspectives on what constitutes an anomaly. It also lists different types of anomalies that are interesting across business domains like security, IT operations, IoT/OT, and business analytics. Finally, it discusses various methods and algorithms for anomaly detection that are available in Splunk's Machine Learning Toolkit.
Adventures in Monitoring and Troubleshooting Splunk
This document provides an overview of a presentation about using Splunk for IT monitoring and troubleshooting. The presentation discusses how both an IT director and e-commerce manager at a company struggle with the current reactive approach to issues. It outlines their needs such as faster root cause analysis, collaboration across teams, and real-time insights. The presentation then demonstrates how Splunk can address these needs by collecting and analyzing machine data from various sources in real-time to provide a unified view. It provides examples of specific Splunk apps that can monitor infrastructure, applications, and end users. A demo is also included showing capabilities for troubleshooting, dashboards, and third-party integrations.
Adventures in Monitoring and Troubleshooting Splunk
This document discusses how Splunk can help organizations monitor and troubleshoot IT infrastructure and applications. It describes challenges faced by two characters, Gertrud and Johann, in monitoring complexity and improving customer experience. Their current monitoring tools operate in silos and make it difficult to find root causes of issues across different data sources. The presentation then outlines how Splunk takes a data-driven approach to observability by collecting and analyzing machine data from various sources. It demonstrates specific Splunk products and apps that can provide insights across infrastructure, applications, and business data in real-time. This allows for faster root cause analysis, proactive monitoring, and collaboration across teams.
The Splunk PNW usergroup .conf21 Best of the Best roundup!
1. .conf21 Product Announcement recap
2. How T-Mobile Increased Splunk User Proficiency (Across 7,800 Users!) With a World-Class Center of Excellence
3. Top SOAR sessions
4. Workforce Analytics To Improve End-User Experience and Performance
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application... Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
The Microsoft 365 Migration Tutorial For Beginner.pptx operationspcvita
This presentation will help you understand the power of Microsoft 365. However, we have mentioned every productivity app included in Office 365. Additionally, we have suggested the migration situation related to Office 365 and how we can help you.
You can also read: https://www.systoolsgroup.com/updates/office-365-tenant-to-tenant-migration-step-by-step-complete-guide/
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip, presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
What is an RPA CoE? Session 1 – CoE Vision DianaGray10
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
AppSec PNW: Android and iOS Application Security with MobSF Ajin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Monitoring and Managing Anomaly Detection on OpenShift.pdf Tosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
"Choosing proper type of scaling", Olena SyrotaFwdays
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf Chart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor IvaniukFwdays
In this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency ScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Introduction of Cybersecurity with OSS at Code Europe 2024 Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
The Department of Veteran Affairs (VA) invited Taylor Paschal, Knowledge & Information Management Consultant at Enterprise Knowledge, to speak at a Knowledge Management Lunch and Learn hosted on June 12, 2024. All Office of Administration staff were invited to attend and received professional development credit for participating in the voluntary event.
The objectives of the Lunch and Learn presentation were to:
- Review what KM ‘is’ and ‘isn’t’
- Understand the value of KM and the benefits of engaging
- Define and reflect on your “what’s in it for me?”
- Share actionable ways you can participate in Knowledge Capture & Transfer
Taking AI to the Next Level in Manufacturing.pdf ssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...Fwdays
Direct losses from downtime in 1 minute = $5-$10 thousand dollars. Reputation is priceless.
As part of the talk, we will consider the architectural strategies necessary for the development of highly loaded fintech solutions. We will focus on using queues and streaming to efficiently work and manage large amounts of data in real-time and to minimize latency.
We will focus special attention on the architectural patterns used in the design of the fintech system, microservices and event-driven architecture, which ensure scalability, fault tolerance, and consistency of the entire system.
"Scaling RAG Applications to serve millions of users", Kevin GoedeckeFwdays
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.