SplunkLive! Paris 2018: Use Splunk for Incident Response, Orchestration and A...Splunk
Presented at SplunkLive! Paris 2018:
- Challenges with Security Operations Today
- Overview of Splunk Adaptive Response Initiative
- Technology behind the Adaptive Response Framework
- Demonstrations
- How to build your own AR Action
- Resources
SplunkLive! Munich 2018: Predictive, Proactive, and Collaborative ML with IT ...Splunk
Presented at SplunkLive! Munich 2018:
- What data do we need?
- We need Machine Learning
- Real Use Case Example
- Let's Drive Into How it Works
- Next Steps
SplunkLive! Frankfurt 2018 - Legacy SIEM to Splunk, How to Conquer Migration ...Splunk
Presented at SplunkLive! Frankfurt 2018:
Introduction
SIEM Migration Methodology
Use Cases
Datasources & Data Onboarding
ES Architecture
Third-Party Integrations
You Got This!
SplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AISplunk
Presented at SplunkLive! Frankfurt 2018:
Why AI & Machine Learning?
What is Machine Learning?
Splunk's Machine Learning Tour
Use Cases & Customer Stories
Wrap Up
Presented at SplunkLive! Paris 2018: Get More From Your Machine Data With Splunk AI
- Why AI & Machine Learning?
- What is Machine Learning?
- Splunk's Machine Learning Tour
- Use Cases & Customer Stories
SplunkLive! Munich 2018: Get More From Your Machine Data Splunk & AISplunk
Presented at SplunkLive! Munich 2018:
- Why AI & Machine Learning?
- What is Machine Learning?
- Splunk's Machine Learning Tour
- Use Cases & Customer Stories
Splunk Discovery: Warsaw 2018 - Reimagining IT with Service IntelligenceSplunk
Presented at Splunk Discovery Warsaw 2018:
What's Service Intelligence and Why You Should Care
Introduction to Splunk IT Service Intelligence
IT Service Intelligence Key Concepts
Demo
Presented by Sebastian Schoer, Senior IT & Business Consultant for MARVES GmbH at SplunkLive! Zurich:
Operational Area & Responsibility
ITSI Project
Data Analysing, Processing & Visualisation
Examples
Next Steps
Splunk Discovery: Warsaw 2018 - Legacy SIEM to Splunk, How to Conquer Migrati...Splunk
Presented at Splunk Discovery Warsaw 2018:
SIEM Replacement Methodology
Use Cases
Data Sources & Data Onboarding
Architecture
Third Party Integration
You Got This!
Splunk Webinar – Taking IT Operations to the Next LevelSplunk
Gain actionable insights into your data and take IT Operations to the next level
In our webinar, we use a demo to show you:
- how to gain service context by combining behavioural and performance data
- how to get an accurate picture of your environment so that you can optimise processes
- how to accelerate root-cause analysis and thereby counteract outages on the customer side
- how to prioritise incident investigation and shorten time-to-resolution through behavioural and event analytics
- how analytics and machine learning can improve Service Intelligence
Still Suffering from IT Outages? Accept Failure, Learn from Failure and Get R...Splunk
IT operations is only continuing to grow in complexity. There are too many alerts for human operators to process and little to no visibility into which alerts are business impacting. And it’s only getting worse with the addition of new devices and the growing list of services being employed by organisations — slowing detection and resolution times. Why is this a problem? Legacy IT solutions have left organisations in a complex and manual state. With too many siloed tools, productivity for IT remains low, and teams are often plagued by their inability to find the exact root cause.
Do you have an "analytics"? How analytics tools workSPLYT
Originally presented April 24, 2014 to Orlando's Tech on Tap meetup by Paul Fleetwood, Sr. Software Engineer at SPLYT. Paul gives an overview of how analytics platforms work and how SPLYT's revolutionary process delivers better answers to all your questions.
How to Build an Invincible Incident Management PlanDevOps.com
We all know that service degradation and outages are going to happen, especially as organizations increase their system complexity and their pace of change. It’s not a matter of if your organization will face this threat, but when.
However, total disaster is not inevitable. With a robust incident management plan in place, your team can recover from downtime quickly to mitigate revenue loss, customer churn, brand backlash and employee burnout. The answer is not to slow down the business, it’s to respond more effectively when incidents occur.
Join Splunk + VictorOps' Director of Product Marketing, Bill Emmett, for a live webinar on Thursday, June 27th at 1pm EDT to learn:
The essential components of an effective incident management plan
How to instill key downtime recovery principles in a team of any size or level
Tools to reduce MTTA/MTTR and power continuous improvement with greater automation, transparency and collaboration
A story about Continuous Monitoring, which takes you as an engineer through the various aspects of monitoring to survive high competitive business and demanding customers by applying the DevOps approach.
Life of an event - A never ending tool chainDevoteam
Devoteam Netherlands hosted the DevOps Amsterdam Meetup on 26th of March 2015.
Arnold Van Wijnbergen, Principal Consultant IT Service Excellence, gave a presentation about "Life of an event - A never ending tool chain", which gives an overview of Monitoring and DevOps and finally of how to support Continuous Monitoring within your Delivery Pipeline.
Splunk is a powerful platform for understanding your data. This session will provide an overview of machine learning capabilities available across Splunk’s portfolio. We'll dive deeply into Splunk's Machine Learning Toolkit App, which extends Splunk Enterprise with a rich suite of advanced analytics, machine learning algorithms, and rich visualizations. It also provides customers with a guided model-building and operationalization environment. The demonstration will include the guided model-building UI for tasks such as predictive analytics, outlier detection, event clustering, and anomaly detection. We’ll also review typical use cases and real-world customers who are using the Toolkit to drive business results.
SplunkLive! Paris 2018: Legacy SIEM to SplunkSplunk
Presented at SplunkLive! Paris 2018: Legacy SIEM to Splunk, How to Conquer Migration and Not Die Trying:
- Why?
- SIEM Replacement
- Use Cases
- Data Sources & Data Onboarding
- Architecture
- Third Party Integrations
- You Got This
Event-driven architectures have been around for a long time, but new trends and innovations in "serverless" computing, data streaming, and Agile practices have created the ground for an evolutionary step that will have significant impact on the way we design and build software over the next decade or more. Much like APIs drove a revolution in public services for RPC, REST, and similar "pull" use cases across organization boundaries, the market now promises to similarly define standard mechanisms to enable "push" notifications of discrete data and activities. This practice, which we call Flow, will drive a revolution in interconnectivity similar to what we saw with HTML and REST. Agile is central to the success of these mechanisms, and is one of the key reasons why this will happen sooner rather than later. The ability to adapt quickly to customer needs, combined with the ability to react quickly to new and changing event sources, is required to make event-driven practices work. In this presentation, James Urquhart describes the changes on our horizon, discusses existing architectures, mechanisms and organizations that are leading the way, and talks specifically about how Agile teams are well prepared to both drive and benefit from Flow systems. The presentation is targeted at technology, development, and product leaders who wish to understand how Flow fits into their architecture portfolio.
.conf Go 2023 - The Right Recipe for the Digital (Security) Revolution to...Splunk
.conf Go 2023 presentation:
"The right recipe for the digital (security) revolution toward Telematics Infrastructure 2.0 in healthcare?"
Speaker: Stefan Stein -
CERT Team Lead | gematik GmbH, M.Eng. IT Security & Forensics,
doctorate student at TH Brandenburg & Universität Dresden
.conf Go 2023 presentation:
From NOC to CSIRT
Speakers:
Daniel Reina - Country Head of Security Cellnex (España) & Global SOC Manager Cellnex
Samuel Noval - Global CSIRT Team Leader, Cellnex
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk
BMW is defining the next level of mobility - digital interactions and technology are the backbone to continued success with its customers. Discover how an IT team is tackling the journey of business transformation at scale whilst maintaining (and showing the importance of) business and IT service availability. Learn how BMW introduced frameworks to connect business and IT, using real-time data to mitigate customer impact, as Michael and Mark share their experience in building operations for a resilient future.
Data foundations building success, at city scale – Imperial College LondonSplunk
Universities have more in common with modern cities than traditional places of learning. This mini city needs to empower its citizens to thrive and achieve their ambitions. Operationalising data is key to building critical services; from understanding complex IT estates for smarter decision-making to robust security and a more reliable, resilient student experience. Juan will share his experience in building data foundations for a resilient future whilst enabling digital transformation at Imperial College London.
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk
Learn how Vodafone has provided end-to-end visibility across services by building an Operational Analytics Platform. In this session, you will hear how Stefan and his team manage legacy, on premise, hybrid and public cloud services, and how they are providing a platform for complex triage and debugging to tackle use cases across Vodafone’s extensive ecosystem.
.italo operates an Essential Service by connecting more than 100 million people annually across Italy with its super fast and secure railway. And CISO Enrico Maresca has been on a whirlwind journey of his own.
Formerly a Cyber Security Engineer, Enrico started at .italo as an IT Security Manager. One year later, he was promoted to CISO and tasked with building out – and significantly increasing the maturity level – of the SOC. The result was a huge step forward for .italo.
So how did he successfully achieve this ambitious ask? Join Enrico as he reveals the key insights and lessons learned in his SOC journey, including:
Top challenges faced in improving security posture
Key KPIs implemented in order to measure success
Strategies and approaches applied in the SOC
How MITRE ATT&CK and Splunk Enterprise Security were utilised
Next steps in their maturity journey ahead
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis's slides at the 30.5.2024 DASA Connect conference. We discuss what testing is, then what agile testing is and finally what Testing in DevOps is. Finally we had a lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT, I was wondering, as an “infrastructure container kubernetes guy”, how does this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principles as well? What benefits could both technologies bring to each other?
Let me take these questions and provide you a short journey through existing deployment models and use cases for AI software. With practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview of infrastructure requirements and technologies that could be beneficial or limiting for your AI use cases in an enterprise environment. An interactive demo will give you some insights into what approaches I already got working for real.
4. What is Truth? Event Management?
Terminology within the “Event Management” space is loose
Event, alert, notification, alarm, incident, time-series message, …
Event manager, element manager, monitor, fault manager, manager of managers...
We have to speak the same language
At least during this session
5. ▶ Event - time-series message describing a change of state for a target entity
• Often generated by a 3rd party entity
• Usually includes target component (server17), alert description (“node is down”),
state/status/severity (“down”)
• NOTE: This is different than most Splunkers think of an “event”
▶ Logged Data - time-series message from an entity, describing something that
occurred to the entity itself
• App log, O/S log, win-event, syslog (usually)
Data Terms
6. ▶ Metric Data - time series message with a performance value. Usually a number.
• Collected on a regular basis (every minute, every 15 minutes, etc.)
• “CPU % usage,” “Filesystem capacity,” “Interface bytes received”
▶ Wire Data - time-series message collected indirectly by capturing raw network
traffic ”off the wire.”
• Often metrics
• Splunk Stream, wireshark, etc.
Data Terms
7. ▶ Time-Series Data - the stuff that Splunk indexes
• Formerly called “events” by many Splunkers
• Includes all of the previous data types
▶ Notable Event - an actionable message
• Intended specifically for humans in Operations
• Splunk ITSI & Splunk ES
▶ Incident - unplanned interruption or reduction in quality of an IT or Business
service
• ServiceNow, Remedy
Data Terms
8. ▶ Event Manager or Element Manager or Monitor
• Monitors stuff and spews “events”
▶ Manager of Managers or Fault Manager
• A tool which correlates events
▶ AIOps
• The “latest thing,” uses Machine Learning
▶ Event Analytics
• Splunk’s vision for next-gen IT Operations
Other Terms
33. ▶ Creative KPIs allow us to move beyond traditional events
• KPI: Average vehicle speed (metric data)
• KPI: Vehicle throughput (wire data)
• KPI: Count of 911 calls tagged with "Interstate-25" (logged data)
▶ Machine Learning-based thresholding allows us to see
"normal" vs. "not normal"
• Slower vehicle speeds during rush hour are normal
Events Aren't Enough
Metrics, Logged and Wire Data Fill in the Blind Spots
34. Notable Events at Human Scale
1000s to 100s – Events with
important service contexts
35. Notable Events at Human Scale
100s to Dozens – Events with
the specific service context
36. Notable Events at Human Scale
Dozens to Handfuls
– Use ML to find
"not normal" within
this specific service context
37. The Old IT Ways Don't Work Anymore
Event Fatigue
38. ▶ Event Fatigue
▶ Complex
Environments
▶ Components multiply,
Silos abound
The Old IT Ways Don't Work Anymore
39. Help!
▶ Which busted components should we focus on?
▶ When a component fails in such a complex environment,
what does it even mean?
▶ What important services are impacted, if any?
▶ How do we identify those failures which are actually
impacting the business – customers, clients & revenue?
40. ▶ ML is the latest approach to magically reduce the huge volume to find
that "elusive root cause event"
▶ ML IS a powerful new capability which can be useful, but...
▶ ML alone will not solve our fundamental problems
▶ Without a service context, adding ML to the old deluge of events isn't
enough
Machine Learning Won't Save Us
42. Apply a Flexible Service Context
Focusing on High Value Services
• Customer Purchases
• Financial Transactions
• Claims Processing
43. ▶ No more filtering, reducing
▶ Use all types of data:
Traditional events
Metrics
Wire data
▶ "OK" & "Not OK" info
Use All the Data – At Scale
44. ▶ Dealing with gigabytes is easy
▶ Must be able to handle terabytes and even petabytes
If You Can't Scale, You'll Fail
45. ▶ At Every Step
▶ On All Types of Data
▶ From High vs. Low to
Normal vs. Not Normal
▶ Move Beyond Alerts
▶ Get Proactive
Use Machine Learning the Right Way
51. ORLANDO FLORIDA
Walt Disney World Swan and Dolphin Hotels
.conf18:
Monday, October 1 – Thursday, October 4
Splunk University:
Saturday, September 29 – Monday, October 1
Save the Date 2018