Lançamentos de Produtos: Saiba em primeira mão sobre as últimas atualizações e novidades da plataforma Splunk. Descubra como as novas funcionalidades podem aprimorar sua capacidade de análise de dados e otimizar suas operações. Casos de Sucesso: Ouça relatos de organizações que alcançaram resultados extraordinários ao implementar o Splunk em suas operações. Aprenda com as melhores práticas e lições aprendidas diretamente daqueles que já estão colhendo os benefícios dessa poderosa solução. Painéis de Discussão: Junte-se a debates animados e painéis de discussão sobre tópicos relevantes relacionados ao Splunk. Tenha a chance de fazer perguntas aos especialistas e obter insights valiosos. Networking: Amplie sua rede de contatos e interaja com outros profissionais que compartilham o mesmo interesse no Splunk. Conheça colegas da área, troque experiências e crie conexões significativas.

1. © 2023 SPLUNK INC.
.conf23
Highlights
User Group São Paulo
September 2023
Eduardo Almeida - Senior Manager, Sales Engineering
André Ribeiro - Senior Sales Engineer

3. © 2021 SPLUNK INC.
© 2023 SPLUNK INC.
Splunk's Strategy

4. © 2023 SPLUNK INC.
81%
of ITOps teams
are dealing with
more complex
environments
64%
of SOC teams
complain about
pivoting among too
many disparate tools
Detection,
Investigation and
Response have
gotten harder

5. © 2023 SPLUNK INC.
Building
digital
resilience
with Splunk
ITOps Engineering
Proactively prevent major
issues
Remediate threats and
disruptions fast
Adapt quickly to new
opportunities
SecOps

6. © 2023 SPLUNK INC.
We announced a prescriptive path to build
digital resilience
Digital Resilience at Enterprise Scale
Search and investigate
Troubleshoot with
log analytics
Expand monitoring
and alerting
Understand
service health
Deliver situational
awareness and
automation
Ensure reliability of
consumer-facing web
applications
Unify threat detection,
investigation and
response
Deliver exceptional
digital customer
experiences
Observability
ITOps, Engineering
Security
SecOps
Foundational
Visibility
Prioritized
Actions
Proactive
Response
Optimized
Experiences
See across hybrid
environments
Understand risk
and performance
Get ahead of
issues
Delight customers
and build trust

7. © 2023 SPLUNK INC.
Comprehensive
Visibility Across
Environments
Commitment to a
Multi-Cloud Hybrid
World
Our commitment to customers
World-Class Customer Experience
Unified Security
and Observability,
Powered by AI.

8. © 2023 SPLUNK INC.
The Unified Security and Observability Platform

9. © 2023 SPLUNK INC.
The Great
Resilience Quest
Your journey to resilience begins here.
Ready to achieve greater digital resilience? Join this
interactive challenge to level up with Splunk, have
fun, and win prizes while you’re at it!
Get prescriptive guidance on how to successfully
adopt each use case on the resilience journey
framework, using the entire breadth and depth of
Splunk resources, as you mature along the Security
and Observability paths.
Your quest awaits you...
experience.splunk.com/resiliencechallenge
Modernize Your Security
Operations
Security
Deliver Superior Digital
Services
Observability
Foundational
Visibility
Prioritized
Actions
Proactive
Response
Optimized
Experiences
Resilience Journey
Digital Resilience at Enterprise Scale

10. © 2023 SPLUNK INC.
Today
Deploy customer-managed Splunk on Azure
Purchase through Azure Marketplace
Coming Soon
Native Splunk as-a-service offering
Enhanced integrations across the
Microsoft Suite
Announcing
Strategic
Partnership
with Microsoft
MULTI-CLOUD HYBRID

11. © 2023 SPLUNK INC.
Choice and Efficiency Without Sacrifice
Edge
Processor
Federated
Search
S3
VISIBILITY

12. © 2023 SPLUNK INC.
Announcing Splunk AI
• Outlier Exclusions for Adaptive Thresholding: Splunk ITSI
• ML-assisted Thresholding (Preview): Splunk ITSI
• 6 ML-powered detections: Splunk ESCU
• Splunk App for Anomaly Detection
• Splunk AI Assistant (Preview)
• Splunk Machine Learning Toolkit 5.4
• Splunk App for Deep Learning & Data Science 5.1
Our approach
Human in the loop and trusted
Open and extensible
Domain and Splunk specific
Available today
Accelerate detection, investigation and response
POWERED BY AI

13. © 2021 SPLUNK INC.
© 2023 SPLUNK INC.
Product Announcements

14. © 2023 SPLUNK INC.
SPLUNK MISSION CONTROL
Splunk Enterprise Security Splunk Attack Analyzer Splunk SOAR
Detect | Investigate | Respond
The Industry-Defining TDIR Solution
SECURITY

15. © 2023 SPLUNK INC.
ML-Powered
Analytics
New behavior-based
analytics and detection
capabilities add-on for
Splunk Enterprise Security
Preview
ANNOUNCING
SECURITY

16. © 2023 SPLUNK INC.
Splunk
Attack
Analyzer
Uncover complex attack
chains and streamline analysis
GA
SECURITY
ANNOUNCING

17. © 2023 SPLUNK INC.
Splunk
Mission
Control
Unify SecOps with a single
work surface
GA
SECURITY
ANNOUNCING

18. © 2023 SPLUNK INC.
How can I
learn more?
● Activate Mission Control, plus get a 6-month free
SOAR trial.
● Request a demo of Splunk Attack Analyzer and
or Mission Control
● Sign up for up-to-date security research with
SURGe Alerts
● Play the Splunk Great Resilience Quest
SECURITY

19. © 2023 SPLUNK INC.
Bringing
ITOps and
Engineering
Together to
Deliver
Amazing
Experiences
Splunk
Observability
Application
Performance
Monitoring
Infrastructure
Monitoring
Log
Analysis
Incident
Response
AIOps
Digital Experience
Monitoring
OBSERVABILITY

20. © 2023 SPLUNK INC.
Unified
Identity
Access your Splunk®
Cloud
and Splunk®
Observability
Cloud data with a single
user identity
GA
OBSERVABILITY
ANNOUNCING

21. © 2023 SPLUNK INC.
Outlier
Exclusions
and
ML-Assisted
Adaptive
Thresholding
Faster detection and improved
alerting in IT Service
Intelligence
GA
Preview
OBSERVABILITY
ANNOUNCING

22. © 2023 SPLUNK INC.
Splunk RUM
Session
Replay
Reconstruct end-user
experiences for faster
investigation and response
Preview
OBSERVABILITY
ANNOUNCING

23. © 2023 SPLUNK INC.
Collector as a TA
Manage the Collector and UF
agents side-by-side
Use your own tooling and processes
(like Ansible, Chef, Puppet, etc.) to
deploy OpenTelemetry Collectors,
Universal Forwarders, and configs
onto each host.
Deploy the Collector using Splunk
Deployment Server
You can now deploy the Collector
and its configuration files onto each
host using Splunk Deployment
Server, just as you would for any
other TA.
If you already rely on Deployment
Server, this is a great way to capture
metrics and traces from your hosts.
Use the OpenTelemetry Collector
to capture all data for Splunk
Use the Collector to capture all data
(including logs!) from your hosts and
applications.
Developing Now
More easily extend your Splunk Cloud Platform insights with Splunk Observability Cloud
Three ways to capture data from VMs for Splunk Observability Cloud and Splunk Cloud Platform
Splunk Observability Cloud gives you deep visibility into your production services and infrastructure. It makes your
developers more productive, reduces outages and their impact, and can help you optimize your cloud costs. However,
Observability Cloud requires new types of data, like metrics, spans / traces, and profiles, all of which are captured using
the OpenTelemetry Collector agent.
Splunk Cloud Platform, Splunk Observability Cloud New

24. © 2023 SPLUNK INC.
How can I
learn more?
● Play the Splunk Great Resilience Quest
For ITOps Teams:
● Request a demo of Splunk ITSI Outlier Exclusion &
ML-Assisted Adaptive Thresholding
For Engineering Teams:
● Request a demo of RUM Session Replay
● Start a trial of Splunk Observability Cloud, now with
unified identity
● See how one of Splunk’s engineering teams use
Observability Cloud
OBSERVABILITY

25. © 2023 SPLUNK INC.
Business
Critical
Tier A
Tier B
Tier C
Low Signal
Low Value
Higher Value Low Volume
Higher Value Low Volume
Manage
Data Across
Its Lifecycle
PLATFORM

26. © 2023 SPLUNK INC.
Edge
Processor
Flexible filtering, masking,
and routing capabilities for
your growing data volumes
GA
PLATFORM
ANNOUNCING

27. © 2023 SPLUNK INC.
Splunk
Edge Hub
Visibility to more
environments
LAR
PLATFORM
ANNOUNCING

28. © 2023 SPLUNK INC.
Federated Search for Amazon S3
● Search your Amazon S3 buckets at rest directly
from your Splunk® Cloud Platform instance on
AWS.
● Useful for investigations, analytics and enrichment
with historical data.
● Leverages AWS Glue Data Catalog tables to
read schematized data in your Amazon S3
buckets.
● Supports multiple data formats: JSON, CSV,
Parquet, ORC, and more. Can read encrypted
data with SSE-KMS and SSE-S3.
● Integration with Ingest Actions and Edge
Processor for data movement between Splunk
and Amazon S3.
Splunk Cloud Platform
Data movement with
Ingest Actions and
Edge Processor
Your Amazon S3
buckets
Ingestion of recent
data from multiple
sources
Federated
Search for
Amazon S3
Amazon Web Services (AWS) and Amazon Security Lake are trademarks of Amazon.com, Inc. or its affiliates.
Coming
Soon
PLATFORM

29. © 2023 SPLUNK INC.
Assistive intelligence chat bot
experience that lets you simply
write a description of the query
you want in English, and
translates the request into SPL
ideas!
You can have conversational
discussions about
❏ writing an SPL query that
answers a user’s question
❏ describing a given SPL query
in layman terms
❏ explaining the purpose of a
given search command
❏ optimizing an existing query
Splunk AI
Assistant
Preview
PLATFORM
ANNOUNCING

30. © 2023 SPLUNK INC.
Splunk App for Anomaly Detection 1.1
Find anomalies in time-series datasets in just a few clicks!
Beginner friendly
No need for complex SPL queries, parameter tuning, or
knowledge of statistics
Quick and simple
The app detects anomalies with a couple of clicks - no trial
and error required
Helps ensure accuracy
Health check diagnostics determine if the user’s dataset is
fit for anomaly detection with the app’s algorithm
End-to-end operationalization workflow
Create anomaly detection jobs to run at regular intervals
and generate alerts
Splunk Enterprise 9.1, Splunk Cloud Platform
GA

31. © 2023 SPLUNK INC.
Ingest Actions Improvements
Simply author and deploy ingest rules
More signal, less noise
● Dynamically re-set the index field value based on a rule
● Route data to multiple, distinct Amazon S3
destinations (max 8)
Seamless operations
● Live Data Preview for an even more accurate authoring
experience on your deployment server(s) and
standalone Splunk instance(s)
● Real-time health report indicators to detect output
latency or write failures
● Support for Windows platform (on-prem)
Enable downstream storage and search
● Easily partition your S3 output by date and sourcetype
● New output options like ‘ndjson’ and ‘_raw’
Splunk Enterprise 9.1, Splunk Cloud Platform

32. © 2023 SPLUNK INC.
Splunk Operator for Kubernetes 2.3
● Easily deploy, manage, and scale Splunk on your choice of cloud environment with
automated deployment and streamlined administration
● Recent enhancements:
○ Rapidly deploy Splunk Validated Architectures containerized with Helm Charts
○ Easily install Splunk on Microsoft’s Azure Kubernetes Service with Azure Blob
support for Splunk Operator App Management Framework
○ Plus, full support for Enterprise Security
Splunk Enterprise 9.1

33. © 2023 SPLUNK INC.
How can I
learn more?
● Explore how Splunk Edge Processor and
Federated Search for S3 can simplify data
onboarding and reduce storage costs
● Upgrade to Splunk Enterprise 9.1 for the most
efficient customer-managed Splunk Platform
experience
PLATFORM

34. © 2023 SPLUNK INC.
Announcements and Enhancements
Platform
Enterprise 9.1 and Splunk Cloud Platform
● Splunk Cloud Platform on Azure
● Cross-region Disaster Recovery
● Edge Processor
● Fed Search on Amazon S3 (p)
● Ingest Actions
● Dashboard Studio
● Admin Config Service
● Cloud Monitoring Console
● Splunk Mobile
Splunk Edge Hub
Cloud Monitoring
Console Update
Data Manager
Observability
Unified Identity
Open Telemetry Collector
Splunk Observability Cloud
● RUM Session Replay
● Infrastructure Monitoring Kubernetes
● Navigator 2.0
● APM Service Centric Views
OpenTelemetry Zero Configuration
Security
Splunk Attack Analyzer
Mission Control (Cloud)
Splunk SOAR
● Logic Loops
● Playbook Triggers
● Copy and Paste in Notes
Splunk Enterprise Security
● Multiple Drill-Down Searches in Correlations
● Timeline in Incident Review
● Auto Refresh for Incident Review
Splunk®
Security for SAP®
Splunk Add-On for AWS v.7 with support for Amazon
Security Lake and AWS AppFabric
Access to More Data Sources
Splunk to Splunk Federated
Search
Log Observer Connectv
Splunk AI
ML-Powered Detections
Model-Assisted Threat Hunting
ML-powered analytics
Outlier Exclusion for Adaptive Thresholding
ML-Assisted Thresholding
Splunk AI Assistant
Machine Learning Toolkit 5.4
Splunk App for Anomaly Detection
Splunk App for Data Science and Deep Learning 5.1

35. © 2023 SPLUNK INC.
Thank You