Entries by Heejoon Byun

Enhancing Security Operations: The Unified Integration of Splunk ES and SOAR

Integrating Splunk Enterprise Security (ES) with Splunk Security Orchestration, Automation and Response (SOAR) can significantly enhance your organization’s security operations. By automating alert handling and response processes, this integration streamlines security incident management and enables faster, more effective threat mitigation. Splunk SOAR empowers security teams to automate actions based on Splunk ES detections using assigned […]

Deployment Server Clustering – An Easier Way to Manage Splunk Forwarders

Are you having trouble managing thousands and thousands of Splunk forwarders? Until now, many organizations have typically used numerous deployment servers in a scaling configuration, to manage a massive number of forwarders. However, to make life easier, Splunk has introduced a new feature called ‘Deployment Server Clustering’, which was introduced with Splunk version 9.2.