This document discusses how Splunk provides value across IT operations, application delivery, business analytics, industrial data/IoT, and security/compliance. It highlights Splunk's capabilities for operational visibility, powerful developer platform, extensibility, and ecosystem for industrial/IoT data. An example deployment for oil and gas operations is shown. The document argues that a new approach to ICS/OT security is needed to analyze all relevant data and leverage threat intelligence. Splunk provides an application for enterprise security focused on ICS/OT environments.
This document provides an overview of how Splunk can be used to gain operational intelligence from machine data. It demonstrates how Splunk allows users to search machine data, correlate infrastructure entities with applications and services, monitor applications and services, and create tickets and alerts. Specifically, it shows how a user can search log data to troubleshoot a phone call about application issues, map entities to applications and services, view related dashboards, and ultimately create a ticket and scheduled alert to notify teams proactively about long database queries.
Splunk for Industrial Data and the Internet of Things (Splunk)
Splunk software provides a scalable and versatile platform for machine data generated by all of the devices, control systems, sensors, SCADA, networks, applications and end users connected by today's networks. In this session we will discuss and demo how you can use Splunk software to gain insights into machine data generated by devices and control systems. We’ll cover common themes in use cases, and show you how to access the free apps and add-ons that simplify the connection and collection of data from both industrial systems and the Internet of Things. In addition we will introduce you to Splunk’s growing ecosystem of IoT and Industrial focused technology partners.
Splunk Internet of Things Roundtable 2015 (Georg Knon)
This document contains an agenda and presentation materials for an Internet of Things Day event by Splunk. The presentation provides an overview of Splunk as a company, its machine data platform for collecting and analyzing data from IoT devices, and use cases from customers across various industries utilizing Splunk for IoT applications. Examples include using machine data from manufacturing equipment to optimize energy usage and enable predictive maintenance, and aggregating data from vending machines for diagnostics and insights into customer behavior.
The document is a presentation about using Splunk for IT operations. It demonstrates how Splunk can be used to monitor applications and services, correlate issues across different tiers, create tickets and alerts when issues arise, and provide operational visibility and intelligence. Live demonstrations show searching log data to diagnose a webstore issue, visualizing applications and services, and setting up an alert to be proactively notified of database query performance problems.
Managing SCADA Operations and Security with Splunk Enterprise (Splunk)
This document discusses how Enterprise Products Partners uses Splunk Enterprise to manage their SCADA operations and security. It describes how the SCADA Infrastructure and Cyber Security team transitioned from struggling to meet regulatory SLAs to using Splunk to improve visibility, detect issues faster, and resolve problems within 4 minutes. The presentation outlines how Splunk helps with infrastructure operations, cyber security tasks like firewall monitoring, and adhering to PHMSA requirements. It concludes by encouraging others to also use Splunk to be "SCADA superheroes" in managing their industrial control systems.
Splunk for Monitoring and Diagnostics in the Industrial Environment (Splunk)
Splunk software provides a scalable and versatile platform for the machine data generated by automation and control systems and connected industrial assets and infrastructure. Learn how our customers, including oil and gas companies, use Splunk software to improve performance, reduce downtime and increase security in their critical industrial environments. In this session, we will cover industrial data collection, best practices for storage and enrichment, and how you can use Splunk’s advanced visualizations and analytics to become more data-driven in your industrial operations.
Managing SCADA Operations and Security with Splunk Enterprise (Splunk)
This document summarizes how Enterprise Products Partners uses Splunk Enterprise to manage their SCADA infrastructure and cyber security operations. It discusses how they were previously challenged to meet regulatory SLAs without Splunk. With Splunk, they improved infrastructure monitoring, implemented cyber security measures like monitoring firewalls and industrial protocols, and can now adhere to PHMSA requirements by resolving issues within 4 minutes. The presentation encourages others in similar roles to also leverage Splunk Enterprise.
This document discusses building effective Splunk teams. It recommends taking a service-based approach by organizing teams around key services and appointing product owners for each. It also emphasizes the importance of inducing intelligence in teams by empowering members, extracting collective knowledge, enabling new insights, and sharing wisdom. Specific examples are provided, such as creating a consolidated report with correlated metrics for partners to better monitor performance. The overall message is that an intelligent, service-focused approach can help organizations maximize the value of their Splunk deployment.
Splunk for Monitoring and Diagnostics in the Industrial Environment (Splunk)
Splunk is a software platform that allows users to gain real-time insights from industrial machine data. It collects, indexes, enriches, and analyzes data from sensors and industrial assets. Splunk helps users monitor equipment performance, detect anomalies, avoid downtime, and optimize manufacturing processes. The presentation demonstrates how Splunk has helped a semiconductor manufacturer improve yields, increase uptime, expand reporting capabilities, and decrease operating expenses by analyzing data from their fabrication facilities.
This document discusses how Splunk provides new visibility and analytics for IT operations. It notes that IT environments are becoming increasingly complex with more servers, applications, virtualization, and cloud services. Splunk offers a platform for operational intelligence that can consolidate machine data from various sources and provide search, monitoring, and analytics capabilities. It also discusses how Splunk apps can provide deep insights into specific technology areas.
We are nearing the dawn of a very interesting age. From robotics, to smart homes, to web-connected lightbulbs, HVAC units, servers and routers—machines are in use everywhere. These machines have a lot to say, but what happens when you start listening? What things come to light and what new discoveries can you make? What questions can you now ask of your world? This session will explore the vast use cases where we have asked: Can I get data from that thing? If I can, what can it tell me? What happens if I Splunk it?
Enabling Airbus Digital Transformation with Splunk
Learn how Airbus are turning their data into doing across their organisation. From real time monitoring to IT Service Management to security operations – Airbus are maximising their use of data to deliver more services and continuous process improvement.
This document provides an overview of Harris Corporation's work in developing digital oilfield technologies using big data analytics. It discusses Harris' background in energy solutions and big data, how "big" oilfield data can be, and a prototype system developed by Harris to parse, store, visualize and analyze oilfield operational data using Splunk. The prototype demonstrated 3D and 5D visualization of distributed temperature sensor data across multiple wells over time. An upcoming project in Alberta, Canada will further test these digital oilfield technologies.
Splunk is used by Satcom Direct for monitoring aviation systems, tracking aircraft in flight, and analyzing business data. Logs from networking devices, phone systems, satellite communications systems and aircraft position reports are fed to Splunk. This allows Satcom Direct to provide a single dashboard for support technicians to monitor systems, see customer information and receive alerts. Splunk is also used to visualize aircraft flight paths on maps and analyze business metrics like call volumes to different countries to improve contracts.
Partner Exec Summit 2018 - Frankfurt: Splunk for Industrial IoT (Splunk)
- The document is a presentation about Splunk for Industrial IoT given by Ronald Perzul on November 21st 2018.
- It discusses challenges in industrial data like reactive maintenance and unplanned downtime, and how Splunk's solutions for industrial IoT like real-time monitoring, predictive analytics, and OT security can help address these challenges.
- Splunk Industrial Asset Intelligence is highlighted as a key solution, allowing users to monitor assets, create visualizations and formulas without programming, and set alerts to improve availability and performance.
Splunk - Turn Data Silos into Operational Intelligence (Splunk)
Splunk software enables the curious among us to look at what others ignore - machine data - and to find what others never see: valuable insights that make your team and your company more productive, more profitable, more competitive and more secure.
Are you curious about what information is hidden in your machine data?
In this webinar we will show you why more than 11,000 companies use Splunk software for the following:
- Resolving application problems and investigating security incidents within minutes
- Avoiding service problems or outages
- Meeting compliance requirements at lower cost
- New insights into business operations
Join this Operational Intelligence demo session and learn more about how you and your team can work more efficiently and productively.
What is Splunk? At the end of this session you’ll have a high-level understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll see practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
The document discusses how Kepware enables Industry 4.0 and the Internet of Things (IoT) by providing connectivity solutions that allow industrial devices and systems to communicate and share data in real-time. Kepware's platform collects data from a variety of industrial assets via various protocols and sends the data to analytics tools like Splunk for monitoring, predictive maintenance, and other applications. The document also outlines Kepware's support services and how their solutions can provide benefits across different industrial sectors like manufacturing, building automation, and intelligent lighting systems.
Protect & Defend Your Critical Infrastructure (Q1 Labs)
This document discusses a partnership between Q1 Labs and Sourcefire to integrate their security solutions. It provides overviews of each company and their solutions. It then discusses how their integration provides security intelligence and compliance capabilities across the critical infrastructure lifecycle from risk management to post-exploit remediation. Specific examples of how their integrated solutions support NERC-CIP compliance requirements and provide threat detection capabilities for the energy and utilities sector are also summarized.
The document discusses how Splunk provides a platform for operational intelligence by unifying machine data from various IT systems and applications. It summarizes Splunk's capabilities for monitoring infrastructure components, applications, and virtual environments. The presentation includes an agenda, descriptions of IT complexity challenges and how Splunk addresses them with its platform. It also provides overviews and demonstrations of specific Splunk apps for monitoring Exchange, VMware, NetApp, and other systems.
Splunk for Monitoring and Diagnostics Breakout Session (Splunk)
Splunk for Monitoring and Diagnostics is a presentation about using Splunk software to gain real-time insights from industrial machine data. The document discusses how Splunk can be used to collect, index, enrich, search, analyze, and report on data from industrial IoT sensors, equipment, and systems. It provides examples of how Splunk has helped companies in oil/gas, manufacturing, and other industries improve operations, maintenance, safety and security by turning their machine data into business value. The presentation includes a demo of Splunk's capabilities for industrial use cases.
Splunk for Industrial Data and the Internet of Things (aliciasyc)
The IoT is a natural evolution of the world’s networks. Just as people became more connected by devices and applications during the explosion of the social media revolution, devices, sensors and industrial equipment are also becoming more connected—and are consuming and generating data at an unprecedented pace. Disparate and deployed connected devices can provide a unique touchpoint to real-world operations and conditions. Only a few architectures and applications are designed to handle the constant streams of real-time events, sensor readings, user interactions and application data produced by massive numbers of connected devices. Use Splunk to collect, index and harness the power of the machine data generated by connected devices and machines deployed on your local network or around the world.
Best Practices For Sharing Data Across The Enterprise (Splunk)
The document discusses best practices for sharing data across an enterprise using Splunk. It provides an overview of Splunk's Business Value Consulting services and common value drivers they have identified for IT operations, security and compliance, and application development. These include reducing incident resolution times, improving security event detection and response times, and accelerating development cycles. It also lists many common data sources that are important for realizing these benefits, such as various log files, network devices, databases, and applications.
The document discusses Splunk security solutions including Splunk Enterprise and Splunk User Behavior Analytics (UBA). It begins with an agenda that includes a demo of the Zeus ES security product and a UBA demo. The document then provides an overview of challenges in securing against advanced threats and how Splunk addresses these challenges through security analytics and machine data. Examples are given of how Splunk has helped customers including Nasdaq and PostFinance address security issues. The presentation concludes with a discussion of features in Splunk Enterprise Security 4.0.
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC' (Splunk)
Travis Perkins has a complex hybrid IT infrastructure and is in the midst of migrating to the cloud. This session will outline the pitfalls from their initial infrastructure-heavy ‘legacy SOC’ approach with a legacy SIEM and the success they gained when they moved to a cloud-based, data-driven ‘lean SOC’.
Splunk Discovery: Warsaw 2018 - IT Operations Track (Splunk)
This document discusses an introduction to Splunk presented by George Merhej, a Senior Solutions Engineer at Splunk. The presentation covers how Splunk can be used for IT troubleshooting and monitoring by integrating both metrics and logs. It provides an overview of metrics and how Splunk has evolved to support analysis of both raw log events and metrics data. The agenda includes an introduction to Splunk, a metrics overview, and a demo. Key points are that Splunk provides a single platform to analyze events and metrics, and has optimized over time to support statistical queries on both.
SplunkLive! Utrecht - Splunk for IT Operations - Rick Fitz (Splunk)
This document discusses how increasing IT complexity from technologies like virtualization, SaaS applications, and custom applications has made IT operations more difficult. It presents Splunk as a solution for capturing data from all IT systems and applications in order to perform operational analytics. This allows organizations to gain insights across their IT infrastructure and applications for tasks like root cause analysis, capacity planning, security monitoring, and service level reporting. The document highlights some of Splunk's key capabilities and differentiators like indexing data once for multiple uses, scaling to large environments, and providing a fast time to value. It also includes two customer examples of how Credit Suisse and Surrey Satellite have benefited from using Splunk for IT operations.
SplunkLive! Customer Presentation - Penn State Hershey Medical Center (Splunk)
This document discusses Jeff Campbell's role as the Information Security Architect at Penn State Hershey Medical Center and their use of Splunk. It describes how Penn State Hershey Medical Center has over 9,000 employees and a combined $1.5 billion budget across its institutes and hospitals. It outlines some of the challenges they faced with decentralized logging prior to Splunk, and how Splunk provided a centralized log repository allowing for faster searching and correlation across systems. It provides examples of how Penn State Hershey is using Splunk for security use cases, operational improvements, and additional sources. It also discusses their Splunk architecture and future plans to expand Splunk usage.
This document provides an overview of how Garmin International uses Splunk to monitor and analyze machine data. It introduces Tyler Rutschman, a Linux systems administrator at Garmin, and describes how Garmin started using Splunk in 2009 to help with Sarbanes-Oxley compliance. Splunk has provided benefits like reduced mean time to resolution, better reporting capabilities, cost savings, and improved compliance. The implementation collects up to 150 GB of data per day from sources like servers, databases, and load balancers. Future plans include indexer upgrades and adding more Garmin application data to Splunk.
SplunkLive! Wien 2016 - Use Case TTTech Computertechnik (Splunk)
TTTech Computertechnik is a globally-oriented high-tech company based in Vienna, Austria with over 400 employees. They provide networking and control solutions for automotive, aerospace, industrial, and off-highway markets. TTTech implemented Splunk in 2015 to address new compliance obligations and improve troubleshooting across their IT infrastructure. Splunk has become integral to their compliance reporting, faster troubleshooting, and centralized monitoring of IT operations. They plan to expand Splunk's use within development and with external partners.
Splunk for Monitoring and Diagnostics in the Industrial Environment Splunk
Splunk is a software platform that allows users to gain real-time insights from industrial machine data. It collects, indexes, enriches, and analyzes data from sensors and industrial assets. Splunk helps users monitor equipment performance, detect anomalies, avoid downtime, and optimize manufacturing processes. The presentation demonstrates how Splunk has helped a semiconductor manufacturer improve yields, increase uptime, expand reporting capabilities, and decrease operating expenses by analyzing data from their fabrication facilities.
This document discusses how Splunk provides new visibility and analytics for IT operations. It notes that IT environments are becoming increasingly complex with more servers, applications, virtualization, and cloud services. Splunk offers a platform for operational intelligence that can consolidate machine data from various sources and provide search, monitoring, and analytics capabilities. It also discusses how Splunk apps can provide deep insights into specific technology areas.
We are nearing the dawn of a very interesting age. From robotics, to smart homes, to web-connected lightbulbs, HVAC units, servers and routers—machines are in use everywhere. These machines have a lot to say, but what happens when you start listening? What things come to light and what new discoveries can you make? What questions can you now ask of your world? This session will explore the vast use cases where we have asked: Can I get data from that thing? If I can, what can it tell me? What happens if I Splunk it?
Enabling Airbus Digital Transformation with Splunk
Learn how Airbus are turning their data into doing across their organisation. From real time monitoring to IT Service Management to security operations – Airbus are maximising their use of data to deliver more services and continuous process improvement.
This document provides an overview of Harris Corporation's work in developing digital oilfield technologies using big data analytics. It discusses Harris' background in energy solutions and big data, how "big" oilfield data can be, and a prototype system developed by Harris to parse, store, visualize and analyze oilfield operational data using Splunk. The prototype demonstrated 3D and 5D visualization of distributed temperature sensor data across multiple wells over time. An upcoming project in Alberta, Canada will further test these digital oilfield technologies.
Splunk is used by Satcom Direct for monitoring aviation systems, tracking aircraft in flight, and analyzing business data. Logs from networking devices, phone systems, satellite communications systems and aircraft position reports are fed to Splunk. This allows Satcom Direct to provide a single dashboard for support technicians to monitor systems, see customer information and receive alerts. Splunk is also used to visualize aircraft flight paths on maps and analyze business metrics like call volumes to different countries to improve contracts.
Partner Exec Summit 2018 - Frankfurt: Splunk for Industrial IoTSplunk
- The document is a presentation about Splunk for Industrial IoT given by Ronald Perzul on November 21st 2018.
- It discusses challenges in industrial data like reactive maintenance and unplanned downtime, and how Splunk's solutions for industrial IoT like real-time monitoring, predictive analytics, and OT security can help address these challenges.
- Splunk Industrial Asset Intelligence is highlighted as a key solution, allowing users to monitor assets, create visualizations and formulas without programming, and set alerts to improve availability and performance.
Splunk - Verwandeln Sie Datensilos in Operational IntelligenceSplunk
Splunk Software ermöglicht den Interessierten unter uns, das anzusehen, was andere ignorieren - Maschinendaten - und das zu finden, was andere niemals sehen - wertvolle Einblicke, durch die Ihr Team und Unternehmen produktiver, profitabler, wettbewerbsfähiger und sicherer wird.
Sind Sie schon neugierig, welche Informationen in Ihren Maschinendaten stecken?
In diesem Webinar zeigen wir Ihnen, warum über 11 000 Unternehmen, Splunk Software für folgendes nutzen:
- Beseitigung von Applikationsproblemen und Investigation von Security-Vorfällen in Minutenschnelle
- Vermeidung von Service-Problemen oder Ausfällen
- Einhaltung von Compliance Vorschriften zu niedrigeren Kosten
- Neue Einblicke in die Geschäftstätigkeit
Nehmen Sie teil an dieser Operational Intelligence Demo-Session und erfahren Sie mehr darüber, wie Sie und Ihr Team effizienter und produktiver arbeiten können.
What is Splunk? At the end of this session you’ll have a high-level understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll see practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
The document discusses how Kepware enables Industry 4.0 and the Internet of Things (IoT) by providing connectivity solutions that allow industrial devices and systems to communicate and share data in real-time. Kepware's platform collects data from a variety of industrial assets via various protocols and sends the data to analytics tools like Splunk for monitoring, predictive maintenance, and other applications. The document also outlines Kepware's support services and how their solutions can provide benefits across different industrial sectors like manufacturing, building automation, and intelligent lighting systems.
Protect & Defend Your Critical InfrastructureQ1 Labs
This document discusses a partnership between Q1 Labs and Sourcefire to integrate their security solutions. It provides overviews of each company and their solutions. It then discusses how their integration provides security intelligence and compliance capabilities across the critical infrastructure lifecycle from risk management to post-exploit remediation. Specific examples of how their integrated solutions support NERC-CIP compliance requirements and provide threat detection capabilities for the energy and utilities sector are also summarized.
The document discusses how Splunk provides a platform for operational intelligence by unifying machine data from various IT systems and applications. It summarizes Splunk's capabilities for monitoring infrastructure components, applications, and virtual environments. The presentation includes an agenda, descriptions of IT complexity challenges and how Splunk addresses them with its platform. It also provides overviews and demonstrations of specific Splunk apps for monitoring Exchange, VMware, NetApp, and other systems.
Splunk for Monitoring and Diagnostics Breakout SessionSplunk
Splunk for Monitoring and Diagnostics is a presentation about using Splunk software to gain real-time insights from industrial machine data. The document discusses how Splunk can be used to collect, index, enrich, search, analyze, and report on data from industrial IoT sensors, equipment, and systems. It provides examples of how Splunk has helped companies in oil/gas, manufacturing, and other industries improve operations, maintenance, safety and security by turning their machine data into business value. The presentation includes a demo of Splunk's capabilities for industrial use cases.
Splunk for Industrial Data and the Internet of Thingsaliciasyc
The IoT is a natural evolution of the world’s networks. Just as people became more connected by devices and applications during the explosion of the social media revolution, devices, sensors and industrial equipment are also becoming more connected—and are consuming and generating data at an unprecedented pace. Disparate and deployed connected devices can provide a unique touchpoint to real-world operations and conditions. Only few architectures and applications are designed to handle the constant streams of real-time events, sensor readings, user interactions and application data produced by massive numbers of connected devices. Use Splunk to collect, index and harness the power of the machine data generated by connected devices and machines deployed on your local network or around the world.
Best Practices For Sharing Data Across The Enterprise - Splunk
The document discusses best practices for sharing data across an enterprise using Splunk. It provides an overview of Splunk's Business Value Consulting services and common value drivers they have identified for IT operations, security and compliance, and application development. These include reducing incident resolution times, improving security event detection and response times, and accelerating development cycles. It also lists many common data sources that are important for realizing these benefits, such as various log files, network devices, databases, and applications.
The document discusses Splunk security solutions including Splunk Enterprise and Splunk User Behavior Analytics (UBA). It begins with an agenda that includes a demo of the Zeus ES security product and a UBA demo. The document then provides an overview of challenges in securing against advanced threats and how Splunk addresses these challenges through security analytics and machine data. Examples are given of how Splunk has helped customers including Nasdaq and PostFinance address security issues. The presentation concludes with a discussion of features in Splunk Enterprise Security 4.0.
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC' - Splunk
Travis Perkins has a complex hybrid IT infrastructure and is in the midst of migrating to the cloud. This session will outline the pitfalls from their initial infrastructure-heavy ‘legacy SOC’ approach with a legacy SIEM and the success they gained when they moved to a cloud-based, data-driven ‘lean SOC’.
Splunk Discovery: Warsaw 2018 - IT Operations Track - Splunk
This document discusses an introduction to Splunk presented by George Merhej, a Senior Solutions Engineer at Splunk. The presentation covers how Splunk can be used for IT troubleshooting and monitoring by integrating both metrics and logs. It provides an overview of metrics and how Splunk has evolved to support analysis of both raw log events and metrics data. The agenda includes an introduction to Splunk, a metrics overview, and a demo. Key points are that Splunk provides a single platform to analyze events and metrics, and has optimized over time to support statistical queries on both.
SplunkLive! Utrecht - Splunk for IT Operations - Rick Fitz - Splunk
This document discusses how increasing IT complexity from technologies like virtualization, SaaS applications, and custom applications has made IT operations more difficult. It presents Splunk as a solution for capturing data from all IT systems and applications in order to perform operational analytics. This allows organizations to gain insights across their IT infrastructure and applications for tasks like root cause analysis, capacity planning, security monitoring, and service level reporting. The document highlights some of Splunk's key capabilities and differentiators like indexing data once for multiple uses, scaling to large environments, and providing a fast time to value. It also includes two customer examples of how Credit Suisse and Surrey Satellite have benefited from using Splunk for IT operations.
SplunkLive! Customer Presentation - Penn State Hershey Medical Center - Splunk
This document discusses Jeff Campbell's role as the Information Security Architect at Penn State Hershey Medical Center and their use of Splunk. It describes how Penn State Hershey Medical Center has over 9,000 employees and a combined $1.5 billion budget across its institutes and hospitals. It outlines some of the challenges they faced with decentralized logging prior to Splunk, and how Splunk provided a centralized log repository allowing for faster searching and correlation across systems. It provides examples of how Penn State Hershey is using Splunk for security use cases, operational improvements, and additional sources. It also discusses their Splunk architecture and future plans to expand Splunk usage.
This document provides an overview of how Garmin International uses Splunk to monitor and analyze machine data. It introduces Tyler Rutschman, a Linux systems administrator at Garmin, and describes how Garmin started using Splunk in 2009 to help with Sarbanes-Oxley compliance. Splunk has provided benefits like reduced mean time to resolution, better reporting capabilities, cost savings, and improved compliance. The implementation collects up to 150 GB of data per day from sources like servers, databases, and load balancers. Future plans include indexer upgrades and adding more Garmin application data to Splunk.
SplunkLive! Wien 2016 - Use Case TTTech Computertechnik - Splunk
TTTech Computertechnik is a globally-oriented high-tech company based in Vienna, Austria with over 400 employees. They provide networking and control solutions for automotive, aerospace, industrial, and off-highway markets. TTTech implemented Splunk in 2015 to address new compliance obligations and improve troubleshooting across their IT infrastructure. Splunk has become integral to their compliance reporting, faster troubleshooting, and centralized monitoring of IT operations. They plan to expand Splunk's use within development and with external partners.
Get your Service Intelligence off to a Flying Start - Splunk
The document provides guidance to customers on getting started with Splunk IT Service Intelligence. It recommends bringing subject experts together to identify a problem worth solving, such as issues impacting critical business services. It also suggests designing service models before configuring tools to help map business, application, and infrastructure layers and define key performance indicators. The document offers to help customers with workshops, assessments, and best practices to maximize their investment in Splunk IT Service Intelligence.
Daten anonymisieren und pseudonymisieren in Splunk Enterprise - jenny_splunk
This document discusses data obfuscation techniques in Splunk Enterprise, including anonymization and pseudonymization. It covers securing data in flight using encryption and authentication. For data at rest, it discusses integrity controls and encryption using OS, devices, or Vormetric. It then details how Splunk supports anonymization through SEDCMD transforms or at search time. Pseudonymization techniques include hashing or duplicating data to different indexes. The document demonstrates modular inputs and a custom data handler to encrypt and anonymize fields before indexing.
Ecetera uses Splunk to facilitate DevOps in forex - Ocean Software
This presentation describes how we deployed Splunk within the Forex and Fixed Interest divisions of one of Australia's big 4 trading banks.
The deployment enabled the bank to move closer towards a DevOps environment, while also saving them considerable money with the consolidation of FX & FI platforms.
AWS Loft London: Finding the signal in the noise - Effective SecOps with Soph... - Splunk
This document outlines an agenda for a presentation on effective security operations with Sophos and Splunk Cloud. The agenda includes an introduction and overview of Splunk by Andrew Morris, followed by a presentation from Ross McKerchar of Sophos on finding threats in machine data using Sophos and Splunk Cloud. The agenda concludes with a demo of Splunk Enterprise Security and App for AWS and a question and answer session.
Tyler Rutschman presented on how Garmin uses Splunk for system and application monitoring, reporting, and alerting. Some key details:
- Garmin collects logs from over 5,800 servers into Splunk.
- Teams across Garmin use Splunk for monitoring, reporting on availability metrics, and creating alerts such as for load balancer failovers.
- Splunk has helped Garmin move from manual log collection and reporting to centralized, real-time search and visualization of machine data.
Driving Efficiency with Splunk Cloud at Gatwick Airport - Splunk
Gatwick Airport, the busiest single runway airport in the world, needed to ensure a high degree of efficiency for a record-breaking 925 daily flights and 38 million annual passengers. This presentation covers how they:
- Combine historical fact with "in the moment" data and events to predict success or failure, enabling the operation to prevent issues before they occur
- Support other organisations (e.g., airlines and ground handlers) with dashboards to improve their performance
- Moved from "how did we do?" to "how are we doing?" and are on the edge of answering "How will we do?"
- Plan to expand the use of Splunk Cloud in the future: tracking travel disruption, predicting passenger flow and getting real-time feedback via social media monitoring
Also, learn why a cloud solution gives Gatwick Airport the agility and scalability to achieve what they need.
Splunk conf2014 - Onboarding Data Into Splunk - Splunk
This document provides an overview and disclaimer for a Splunk presentation on best practices for data onboarding. It introduces the speaker and outlines the topics to be covered, including data, Splunk components, indexing data, proper parsing, challenging data types, and advanced inputs. The presentation cautions that forward-looking statements are based on current expectations and may differ from actual results.
John Villacres works in network automation and tools at Nationwide. He demonstrated Splunk to colleagues in 2012 and they now use it extensively. Splunk has improved their ability to troubleshoot issues by providing timely access to network data through custom dashboards. It has reduced resolution times for problems from days to minutes by integrating data from sources like firewalls, routers, and packet captures. More teams now use Splunk as its efficiency has allowed employees to take on new tasks while maintaining productivity.
The document discusses migrating log ingestion from Splunk's S3 connector to using AWS Kinesis and Lambda functions to send logs directly to Splunk's HTTP Event Collector. It describes setting up Kinesis, configuring Lambda functions to batch and send logs to the HTTP Event Collector, and tuning various parameters like Lambda memory, batch size, and HTTP Event Collector limits to reduce latency from 15 minutes to under 5 seconds. Metrics and dashboards are used to measure the progress of reducing latency.
This document provides an overview and agenda for a Splunk lunch and learn session. It discusses what Splunk is, its key capabilities including searching, alerting, and reporting on machine data, and its universal indexing approach. The document also outlines deployment options and includes a demonstration. It explains how Splunk eliminates finger pointing across IT silos by enabling users to search and investigate issues more quickly. It also discusses how Splunk supports proactive monitoring, operational visibility, and real-time business insights.
Framework and Product Comparison for Big Data Log Analytics and ITOA - Kai Wähner
IT systems and applications generate more and more machine data due to millions of mobile devices, Internet of Things, social network users, and other new emerging technologies. However, organizations experience challenges when monitoring and managing their IT systems and technology infrastructure. They struggle with network and server monitoring/troubleshooting, security analysis, custom application monitoring and debugging, compliance standards, and others.
This session discusses how to solve the challenges of analyzing Terabytes and more of different log data to leverage the “digital business” – a term defined by Gartner and others to explain that IT is not just a tool to enable a business, but IT is the business.
The main part of the session compares different solutions for operational intelligence and log analytics to create “digital business”, such as Splunk, TIBCO LogLogic and the open source “ELK stack” (ElasticSearch, Logstash, Kibana).
A common use case will be demonstrated in a live demo: Monitoring, analyzing and correlating a complex E-Commerce transaction running through different custom applications such as a Java EE web application, an integration middleware and analytics processes.
The end of the session explains the distinction of the discussed solutions to Apache Hadoop, and how they can complement each other in a big data architecture.
Softcat Splunk Discovery Day Manchester, March 2017 - Splunk
This document provides an agenda for a Splunk conference on March 15th 2017 in Manchester. The agenda includes:
- An introduction and welcome from 09:30-09:45
- Two sessions from 09:45-12:15 on data-driven IT operations and best practices for security investigations
- A lunch break from 12:30-13:30
- The event concludes at 13:30
Delivering New Visibility and Analytics for IT Operations - Gabrielle Knowles
The document discusses how Splunk provides visibility and analytics for IT operations. It outlines Splunk's ability to ingest data from various sources like applications, databases, networks and more. This gives organizations a universal platform to gain operational visibility, enable proactive monitoring, and obtain business insights from their machine data in real-time. Splunk differentiators include analyzing all data, scaling for large environments, and reducing MTTR, costs and improving user experiences.
The document discusses how Splunk provides visibility and analytics for IT operations. It describes how Splunk can ingest data from various sources like applications, databases, networks, virtualization and more. This gives organizations operational visibility across their infrastructure and enables proactive monitoring, search and investigation capabilities for troubleshooting and problem solving. Splunk offers a universal platform for machine data that can scale to handle large, complex environments.
The document discusses how Splunk provides visibility and analytics for IT operations. It outlines Splunk's ability to ingest data from various sources like applications, databases, networks and more. This gives organizations a universal platform to gain operational visibility, enable proactive monitoring, and power search and investigation across machine data for improved IT operations and business insights.
SplunkLive! São Paulo 2014 - Overview by markus zirn - Splunk
1. The document discusses how Splunk software provides operational intelligence by collecting data from anywhere, allowing users to search and analyze everything, and gain real-time operational insights.
2. It highlights several Splunk customers and how they use Splunk across various industries and use cases such as IT operations, security, application management, and business analytics.
3. The document promotes Splunk's 5th Annual Worldwide User Conference in October 2014 with sessions, speakers, and opportunities to learn about Splunk's platform and ecosystem.
Splunk is used by many large financial services companies to gain operational intelligence and insights across diverse business processes. Some key uses of Splunk mentioned in the document include enabling high performance global trade infrastructure, gaining visibility across FIX order routing systems, providing end to end visibility across applications and infrastructure to deliver $6M annual ROI, enabling timely transaction settlement processing, and being integrated into a risk metrics group's high performance cloud computing offering.
Splunk provides a platform for operational intelligence that allows users to analyze machine data from any source. The document discusses Splunk products and solutions for IT service management, security intelligence, and Internet of Things applications. Splunk has over 11,000 customers across various industries.
Virtual SplunkLive! for Higher Education Overview/Customers - Splunk
The document outlines the agenda for a virtual SplunkLive! event for higher education on January 28, 2015. It includes an overview of Splunk, presentations from various universities on their Splunk implementations, and breakout sessions on getting started with Splunk, security, and IT operations. It also provides information on Splunk products and capabilities for IT operations, security, application delivery, business analytics, industrial data, and the Internet of Things.
All Together Now: Connected Analytics for the Internet of Everything - Inside Analysis
The Briefing Room with Mark Madsen and Cisco
Live Webcast August 18, 2015
Watch the archive: https://bloorgroup.webex.com/bloorgroup/lsr.php?RCID=0eff120f8b2879b582b77f4ff207ee54
Today's digital enterprises are seeing an explosion of data at the edge. The Internet of Everything is fast approaching a critical mass that will demand a sea change in how companies process data. This new world of information is widely distributed, streaming, and overall becoming too big to move. Experts predict that within two to three years, the bulk of analytic processing will take place on the fringes of information architectures. As a result, forward-thinking companies are dramatically shifting their analytic strategies.
Register for this episode of The Briefing Room to hear veteran Analyst Mark Madsen of Third Nature explain how a new era of information architectures is now unfolding, paving the way to much more responsive and agile business models. He'll be briefed by Kim Macpherson of the Cisco Data and Analytics Business Unit, who will explain how her company's platform is uniquely suited for this new, federated analytic paradigm. She'll demonstrate how edge analytics can help companies address opportunities quickly and effectively.
Visit InsideAnalysis.com for more information.
Data Science Case Studies: The Internet of Things: Implications for the Enter... - VMware Tanzu
The Internet of Things: Implications for the Enterprise
The Internet Of Things (IoT) is already a reality but getting value out of that is still in its infancy. This session analyzes the implications of IoT for the enterprise with examples from the work we have done.
Rashmi Raghu is a Principal Data Scientist at Pivotal with a focus on the Internet-of-Things and applications in the Energy sector. Her work has spanned diverse industry problems including uncovering patterns & anomalies in massive datasets to predictive maintenance. She holds a Ph.D. in Mechanical Engineering with a minor in Management Science & Engineering from Stanford University. Her doctoral work focused on the development of novel computational models of the cardiovascular system to aid disease research. Prior to that she obtained Master’s and Bachelor’s degrees in Engineering Science from the University of Auckland, New Zealand.
Originally presented on April 11, 2017
Watch on-demand: https://event.on24.com/eventRegistration/EventLobbyServlet?target=reg20.jsp&referrer=&eventid=1383298&sessionid=1&key=96B34B2E00F5FAA33C2957FE29D84624&regTag=&sourcepage=register
An overview of Splunk Enterprise 6.3. Presented by Splunk's Jim Viegas at GTRI's Splunk Tech Day, December 8, 2015.
Visit http://www.gtri.com/ for more information.
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op... - Splunk
Learn what is new in Splunk App for Stream and how it can help you utilize wire/network data analytics to proactively resolve applications and IT operational issues and to efficiently analyze security threats in real-time, across your cloud and on-premises infrastructures. Additionally, you will learn about Splunk MINT, which allows you to gain operational intelligence on the availability, performance, and usage of your mobile apps. You’ll learn how to instrument your mobile apps for operational insight, and how you can build the dashboards, alerts, and searches you need to gain real-time insight on your mobile apps.
SplunkLive! London - Splunk App for Stream & MINT Breakout - Splunk
The document discusses new features in Splunk's App for Stream and Splunk MINT. It introduces the Splunk App for Stream, which enables real-time insights into private, public and hybrid cloud infrastructures through efficient wire data capture. It also discusses Splunk for Mobile Intelligence (MINT), which provides mobile analytics capabilities. The document promotes these products as enhancing operational intelligence through efficient and cloud-ready wire data collection.
What’s New: Splunk App for Stream and Splunk MINT - Splunk
Join us to learn what is new in Splunk App for Stream and how it can help you utilize wire/network data analytics to proactively resolve applications and IT operational issues and to efficiently analyze security threats in real-time, across your cloud and on-premises infrastructures. Additionally, you will learn about Splunk MINT, which allows you to gain operational intelligence on the availability, performance, and usage of your mobile apps. You’ll learn how to instrument your mobile apps for operational insight, and how you can build the dashboards, alerts, and searches you need to gain real-time insight on your mobile apps.
You Can't Protect What you Can't See. AWS Security Best Practices - Session S... - Amazon Web Services
AWS utilises a shared security model where both AWS and the customer share responsibility for the security of data, applications and resources. As part of this model, it is critical that customers leverage services such as AWS CloudTrail, Config, and more. Attend this session to learn best practices on how to leverage these and other AWS services to gain end-to-end visibility and robust security on AWS. You will also hear how customers leverage third-party tools such as the Splunk App for AWS as critical elements of their security posture.
Speakers: Dan Miller, Cloud Sales Director, APAC, Splunk & Simon O'Brien, Senior Systems Engineer, Splunk
Webinar: Neuigkeiten zu Splunk Enterprise 6.3 - Splunk
This document discusses a presentation about the new features of Splunk Enterprise 6.3. It highlights breakthrough performance and scale improvements including doubling search and indexing speed, increasing capacity by 20-50%, and reducing total cost of ownership by over 20%. It also mentions new capabilities for advanced analysis, visualization, high-volume event collection, and supporting enterprise-scale requirements. The presentation aims to demonstrate how Splunk Enterprise 6.3 provides significant performance gains and lower costs compared to previous versions.
The document discusses analyzing data from the Internet of Things (IoT) to gain actionable intelligence. It describes how deriving value from IoT data requires collecting data from devices and sensors, performing analytics on the device, at the network edge and in the cloud, and having capabilities for streaming, real-time, and historical analytics as well as data integration and event management. Challenges of analyzing IoT data include a lack of standardization, need for real-time analysis of fast data, inconsistent security practices, and lack of integration platforms.
Splunk provides a fully integrated platform for collecting, analyzing, and visualizing machine data from any source. The Splunk App for AWS integrates with AWS services like CloudTrail, Config, and VPC Flow Logs to provide visibility into AWS environments. It collects data from AWS SQS queues and S3 buckets using the AWS SDK. Setting up the Splunk App for AWS requires installing the Splunk Add-on for AWS and configuring permissions for AWS services. Users add their AWS account, and then must wait 5-10 minutes for dashboards and reports to populate with AWS log data.
Splunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding - Georg Knon
This document provides an overview of Splunk's IT operations software. It discusses the challenges facing IT operations, including siloed tools and reactive problem solving. It presents Splunk as a solution, with its ability to index and analyze machine data from any source in real-time. Key benefits highlighted include faster troubleshooting to reduce downtime, proactive monitoring to address issues before they become problems, and increased operational visibility across the IT environment. The document concludes with a demonstration of Splunk's IT service intelligence capabilities.
.conf Go 2023 - Raiffeisen Bank International - Splunk
This document discusses standardizing security operations procedures (SOPs) to increase efficiency and automation. It recommends storing SOPs in a code repository for versioning and referencing them in workbooks which are lists of standard tasks to follow for investigations. The goal is to have investigation playbooks in the security orchestration, automation and response (SOAR) tool perform the predefined investigation steps from the workbooks to automate incident response. This helps analysts automate faster without wasting time by having standard, vendor-agnostic procedures.
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu... - Splunk
.conf Go 2023 presentation:
"Das passende Rezept für die digitale (Security) Revolution zur Telematik Infrastruktur 2.0 im Gesundheitswesen?"
Speaker: Stefan Stein -
Team Lead CERT | gematik GmbH, M.Eng. IT Security & Forensics,
doctoral student at TH Brandenburg & Universität Dresden
The document describes Cellnex's transition from a Security Operations Center (SOC) to a Security Incident Response Team (CSIRT). The transition was driven by Cellnex's growth and the need to automate processes and tasks to improve efficiency. Cellnex implemented Splunk SIEM and SOAR to automate the creation, remediation and closure of incidents. This allowed staff to concentrate on strategic tasks and improve KPIs such as resolution times and emails anal
conf go 2023 - El camino hacia la ciberseguridad (ABANCA) - Splunk
This document summarizes ABANCA's journey toward cybersecurity with Splunk, from the addition of dedicated roles in 2016 to becoming a monitoring and response center with more than 1TB of daily ingest and 350 use cases aligned with MITRE ATT&CK. It also describes mistakes made and solutions implemented, such as source normalization and operator training, and the current pillars such as automation, visibility and alignment with MITRE ATT&CK. Finally, it points out challenges
Splunk - BMW connects business and IT with data driven operations SRE and O11y - Splunk
BMW is defining the next level of mobility - digital interactions and technology are the backbone to continued success with its customers. Discover how an IT team is tackling the journey of business transformation at scale whilst maintaining (and showing the importance of) business and IT service availability. Learn how BMW introduced frameworks to connect business and IT, using real-time data to mitigate customer impact, as Michael and Mark share their experience in building operations for a resilient future.
The document is a presentation on cyber security trends and Splunk security products from Matthias Maier, Product Marketing Director for Security at Splunk. The presentation covers trends in security operations like the evolution of SOCs, new security roles, and data-centric security approaches. It also provides updates on Splunk's security portfolio including recognition as a leader in SIEM by Gartner and growth in the SIEM market. Maier highlights some breakout sessions from the conference on topics like asset defense, machine learning, and building detections.
Data foundations building success, at city scale – Imperial College London - Splunk
Universities have more in common with modern cities than traditional places of learning. This mini city needs to empower its citizens to thrive and achieve their ambitions. Operationalising data is key to building critical services; from understanding complex IT estates for smarter decision-making to robust security and a more reliable, resilient student experience. Juan will share his experience in building data foundations for a resilient future whilst enabling digital transformation at Imperial College London.
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen... - Splunk
Learn how Vodafone has provided end-to-end visibility across services by building an Operational Analytics Platform. In this session, you will hear how Stefan and his team manage legacy, on premise, hybrid and public cloud services, and how they are providing a platform for complex triage and debugging to tackle use cases across Vodafone’s extensive ecosystem.
.italo operates an Essential Service by connecting more than 100 million people annually across Italy with its super fast and secure railway. And CISO Enrico Maresca has been on a whirlwind journey of his own.
Formerly a Cyber Security Engineer, Enrico started at .italo as an IT Security Manager. One year later, he was promoted to CISO and tasked with building out – and significantly increasing the maturity level – of the SOC. The result was a huge step forward for .italo.
So how did he successfully achieve this ambitious ask? Join Enrico as he reveals the key insights and lessons learned in his SOC journey, including:
- Top challenges faced in improving security posture
- Key KPIs implemented in order to measure success
- Strategies and approaches applied in the SOC
- How MITRE ATT&CK and Splunk Enterprise Security were utilised
- Next steps in their maturity journey ahead
This document summarizes a presentation about observability using Splunk. It includes an agenda introducing observability and why Splunk for observability. It discusses the need for modernization initiatives in companies and the thousands of changes required. It presents that Splunk provides end-to-end visibility across metrics, traces and logs to detect, troubleshoot and optimize systems. It shares a customer case study of Accenture using Splunk observability in their hybrid cloud environment. Finally, it concludes that observability with Splunk can drive results like reduced downtime and faster innovation.
This document contains slides from a Splunk presentation covering the following topics:
- Updated Splunk logo and information about meetings in Zurich and sales engineering leads
- Ideas for confused or concerned human figures in design concepts
- Three buckets of challenges around websites slowing, apps being down, and supply chain issues
- Accelerating mean time to detect, identify, respond and resolve through cyber resilience with Splunk
- Unifying security, IT and DevOps teams
- Splunk's technology vision focusing on customer experience, hybrid/edge, unleashing data lakes, and ubiquitous machine learning
- Gaining operational resilience through correlating infrastructure, security, application and user data with business outcomes
This document summarizes a presentation about Splunk's platform. It discusses Splunk's mission of helping customers create value faster with insights from their data. It provides statistics on Splunk's daily ingest and users. It highlights examples of how Splunk has helped customers in areas like internet messaging and convergent services. It also discusses upcoming challenges and new capabilities in Splunk like federated search, flexible indexing, ingest actions, improved data onboarding and management, and increased platform resilience and security.
The document appears to be a presentation from Splunk on security topics. It includes sections on cyber security resilience, the data-centric modern SOC, application monitoring at scale, threat modeling, security monitoring journeys, self-service Splunk infrastructure, the top 3 CISO priorities of risk based alerting, use case development, a security content repository, security PVP (posture, vision, and planning) and maturity assessment, and concludes with an overview of how Splunk can provide end-to-end visibility across an organization.
HCL Notes and Domino License Cost Reduction in the World of DLAU - panagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceIndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
CAKE: Sharing Slices of Confidential Data on BlockchainClaudio Di Ciccio
Presented at the CAiSE 2024 Forum, Intelligent Information Systems, June 6th, Limassol, Cyprus.
Synopsis: Cooperative information systems typically involve various entities in a collaborative process within a distributed environment. Blockchain technology offers a mechanism for automating such processes, even when only partial trust exists among participants. The data stored on the blockchain is replicated across all nodes in the network, ensuring accessibility to all participants. While this aspect facilitates traceability, integrity, and persistence, it poses challenges for adopting public blockchains in enterprise settings due to confidentiality issues. In this paper, we present a software tool named Control Access via Key Encryption (CAKE), designed to ensure data confidentiality in scenarios involving public blockchains. After outlining its core components and functionalities, we showcase the application of CAKE in the context of a real-world cyber-security project within the logistics domain.
Paper: https://doi.org/10.1007/978-3-031-61000-4_16
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
13. Powerful IoT and Industrial Data Ecosystem
APIs, SDKs, App Framework, User Interface
[Diagram labels: SDKs, UI, REST, Legacy Data and Sensors, IoT/ICS Security, IoT Platforms, Native Inputs, Advanced Analytics and ML, Custom Interfaces]
22. Why the Growing Interest in ICS Security?
Everyday Headlines
23. Existing ICS Security Problem Space
Drivers
• Preventing Control System Service Interruption
• Prevent Damage
• Health and Safety of Employees
• Meet Compliance
Weaknesses
• Logging Capabilities
• Reporting Capabilities
• Correlation Between OT and IT
• Data Silos
24. A New Approach to ICS Security is Needed
Analyze all relevant data
Contextual and Behavioral Relevance
Rapid learning loops and responses
Collaborative & Coordinated
Leverage IOC & Threat Intel
Fusion of Technology/People/Process
• Goal-oriented
• Human directed
• Multiple tools, steps & activities
• Dynamic
• New evasion techniques
• Coordinated
28. Connecting the “Data Dots”
[Diagram labels]
Machine data
Traffic data
Abnormal behavior
High confidence event
Med confidence event
Low confidence event
Malware download
Program installation
Access to ICS
Malware install
Malware & endpoint execution data
User on machine
Link to program and process
Authenticated sessions used to pivot into Control Systems LAN
Delivery, exploit installation
Gain trusted access
Access Operations Environment
Upgrade (escalate)
Lateral movement
Threat intelligence
Auth - User Roles
Host Activity/Security
Network Activity/Security
Control System LAN
31. The 6th Annual Splunk Worldwide Users’ Conference
• September 21-24, 2015
• The MGM Grand Hotel, Las Vegas
• 4000 IT & Business Professionals
• 2 Keynote Sessions
• 3 days of technical content
– 165+ sessions
• 3 days of Splunk University
– Sept 19-21, 2015
– Get Splunk Certified for FREE!
– Get CPE credits for CISSP, CAP, SSCP, etc.
– Save thousands on Splunk education!
• 80 Customer Speakers
• 80 Splunk Speakers
• 35+ Apps in Splunk Apps Showcase
• 65 Technology Partners
• Ask The Experts and Security Experts, Birds of a Feather, Chalk Talks and a new & improved Partner Pavilion!
• Register at conf.splunk.com
32. We Want to Hear your Feedback!
After the Breakout Sessions conclude
Text Splunk to 878787
And be entered for a chance to win a $100 AMEX gift card!
POSCO is a multi-national steel making company headquartered in Korea. They are the world’s 4th largest steelmaker.
Data for one process coming from: sensors, devices, and servers. Each data type has different formats and fields and is stored in a different place. Existing SCADA tools only show current values. Cannot see past data or trends over time.
For refinery operators to access data for investigations, they must get permission from the IT departments in each factory, then extract data from several databases into Excel files, mash it up, and compare levels and trends over time to deduce the root cause. Between obtaining permissions, transforming data and the actual analysis, investigations can take up to 2 weeks.
Perseus is an OI platform powered by Splunk that delivers three key values (Experience Visualization, Operation Playback and Map Search) to bridge the OI gap for industry customers who want operational visibility into their business infrastructure, unlike other siloed approaches.
Perseus can integrate, correlate, manipulate and visualize data with content such as images, maps, SCADA, remote desktops and even live streaming video, using a next-generation UX technology called POD (Pixel On Demand), which is powered by N3N.
Above all, Perseus is tightly integrated with Splunk in order to get its world-best Big Data capability.
Experience Visualization – integrate all types of data needed to provide operators with complete operational visibility: Video, Links, Documents, Charts, Tables, Text, Images
Map search: Always search within the context of the current view. Clicking the “search” button brings up the search view with all of the metrics in the current view pre-selected. Operators can easily change the visualization to get a different perspective on the data.
Operation Playback: Adjust the time range for any view in the Perseus UI to see the values of each component in the view at any point in the past. This is incredibly useful for troubleshooting where existing systems make it hard to access and manipulate past data.
Lumo Energy is an Australian energy retailing business with several power stations throughout Eastern Australia. They use a customized SCADA (supervisory control and data acquisition) system to monitor and control its machinery and equipment. They wanted to extend the capacity of their SCADA system to improve their ability to respond to price fluctuations in real time. They were also seeking more visibility into the infrastructure of their many power stations.
Lumo uses Splunk to automate its monitoring of base electricity prices and predictions, which are provided by the Australian Energy Market Operator (AEMO). Splunk indexes all of the inbound data from AEMO, runs specific analysis and calculations specific to Lumo, and then securely provides pricing execution proposals to the stations. This way, AEMO can better predict and react to pricing fluctuations, thereby maximizing revenue.
Lumo Energy also has greater control over their custom SCADA environment. Splunk dashboards display market demand and pricing information, power station status and output, resource utilization and other telemetry. Lumo Energy can respond faster to market fluctuations with greater operational intelligence and unparalleled visibility into plant and equipment efficiency. Splunk also provides fail-safe security for private online control of their energy assets operating in the Australian market.
Splunk’s customer, Royal Flying Doctor Service, uses Splunk to better manage the systems and aircraft through which they provide rural healthcare in Australia’s most remote environments. Sensor data from the cooling systems that keep the medicine safe during transport, avionic data from the aircraft, and precise location data give the RFDS team a unique view into overall operations – which is incredibly important as the number of med flights they execute makes them the third largest Australian Airline!
In addition to troubleshooting and ops using sensor data, RFDS management is able to re-purpose the precise location data to deliver a unique fundraising opportunity – Buy the sky: buythesky.com.au
As planes are servicing patients around Australia, individuals and businesses are able to sponsor patches of sky. As planes fly through these patches, Splunk alerts Salesforce, and a custom email is sent to the sponsors letting them know their money is being put to good use!
At CeBIT 2014, Volkswagen’s Data Lab chose Splunk to demonstrate the power of the machine data generated by their next generation of electric vehicle – the e-up.
There are some very interesting concepts and innovations in this dashboard. First is its capability to replay any vehicle’s journey for the selected time range. In the lower left, you can see the scrub controls, and vehicle activity is marked by a simple histogram. All available sensors on the vehicle are “played back” in real-time or fast-forward mode, including vehicle speed, engine RPM, battery status, vehicle range, outdoor temperature, door and headlight status.
This is a really great example of Splunk’s capabilities as a developer platform. Using Splunk 6’s built in web framework, a web developer was quickly able to develop an engaging and compelling dashboard in far less time than it would have taken using traditional or competing web data frameworks.
What does this platform look like?
The platform consists of two layers: a core engine and an interface layer.
On top of the platform you can run a broad spectrum of content that supports use cases.
Use cases range from application mgmt. and IT operations, to ES and PCI compliance, to web analytics.
The core engine provides the basic services for real-time data input, indexing and search, as well as alerting, large-scale distributed processing and role-based access.
The interface layer consists of the basic UI for search, reporting and visualization, plus the developer interfaces: the REST API and SDKs.
The SDKs provide convenient access to core engine services in a variety of programming language environments.
These programmatic interfaces allow you to either:
• extend Splunk
• integrate Splunk with other applications
• build completely new applications from scratch that require the OI or analytical services that Splunk provides
Endpoints designed to have long life spans with availability in mind
Usually has an Embedded Operating System and Software
Limited memory and storage
Different Components – HMI, Historian, PLC, Embedded
Cyber to Physical – A software based system that has the capability to have a physical effect
Let’s start with today’s ever-changing threat landscape:
With all the news on cyber attacks and security breaches, you know we are constantly up against 3 very sophisticated adversaries:
• the cyber criminals,
• the nation states,
• and also the malicious insiders;
all going after major stakes of our life, our company and our nation.
SANS SCADA Security Survey found that 70% of respondents are most concerned about “Preventing Control System Service Interruption” and are most worried about “HMI, Servers and Workstations”.
https://www.sans.org/reading-room/whitepapers/analyst/results-scada-security-survey-35135
One of the top ICS CERT Recommended Practices is to “Increase Logging Capabilities”. The other top recommendation is user behavior analysis.
https://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B
https://ics-cert.us-cert.gov/Recommended-Practices#nogo
Most technology in the ICS / SCADA industry is decades old and the market is looking for new solutions.
Operations staff need solutions to decrease MTTR and keep facilities operational
Security staff are looking for better visibility and monitoring capabilities for Control Systems
Management wants to leverage IoT, ICS, SCADA data for better business intelligence solutions
Audit often has regulatory requirements to meet and needs improved capabilities in reporting and compliance
What role does Splunk’s solution play in the new security universe?
Splunk is the brain, the nerve center.
There are four key categories of solutions we work with:
They bring the sensory info from endpoints to the network, contextual info from users to business apps, and threat trends & visibility at a global level
(It is about intelligence: collecting information, deriving intelligence and sharing it!)
Intelligence sharing is front and center of the WH Security summit, we are enabling our customers to do exactly that!
----- Meeting Notes (4/22/15 10:47) -----
Splunk Apptitude is live and open.
You've got 90 days.
To win more than $150,000 in cash and prizes.
Last day to submit is July 20th, 2015.
We'll announce the winners at Black Hat in August.
Good luck!
2 inspired Keynotes – General Session and Security Keynote
150+ Breakout sessions addressing all areas and levels of Operational Intelligence – IT, Business Analytics, Mobile, Cloud, IoT, Security…and MORE!
Join the 50%+ of Fortune 100 companies who attended .conf2014 to get hands on with Splunk. You’ll be surrounded by thousands of other like-minded individuals who are ready to share exciting and cutting edge use cases and best practices. You can also deep dive on all things Splunk products together with your favorite Splunkers.
Head back to your company with both practical and inspired new uses for Splunk, ready to unlock the unimaginable power of your data! Arrive in Vegas a Splunk user, leave Vegas a Splunk Ninja!