Export Your Splunk Cloud Apps
Splunk Cloud Platform recently got an exciting new feature: app export, which gives cloud admins a self-service capability to export app configuration files and associated app data.
We had a recent request to create a Splunk alert that runs hourly with a time range of midnight UTC of the current date to the current time. This sounds like an easy request, but when you look into it, it’s a bit more complicated than it seems.
Splunk Asset and Risk Intelligence (ARI) provides teams with detailed and powerful visibility into risks affecting discovered assets. This helps teams quickly identify and address gaps in security controls and understand compliance with cybersecurity frameworks, and it offers greater context during security investigations.
Splunk Asset and Risk Intelligence (ARI) provides detailed insights into how active an asset has been over time. Instantly identify who had what asset and when, view any asset changes or even identify unusual asset activity within your network.
Integrating Splunk Enterprise Security (ES) with Splunk Security Orchestration, Automation and Response (SOAR) can significantly enhance your organization’s security operations. By automating alert handling and response processes, this integration streamlines security incident management and enables faster, more effective threat mitigation. Splunk SOAR empowers security teams to automate actions based on Splunk ES detections using assigned playbooks, enabling seamless incident resolution.
Upgrading on-premise Linux Splunk Enterprise instances has historically been a complex and challenging task, but the new Upgrader App for Splunk (UA4S) is designed to change that. In this review, we’ll take a closer look at how this app simplifies the upgrade process and makes this task accessible for anyone, even those without extensive technical expertise.
Splunk Asset and Risk Intelligence (ARI) enables your team to quickly perform complete and thorough asset investigations. An interactive and holistic approach provides security teams with much-needed context about assets, including asset health, network activity and associations.
Have you ever wished you had a fresh ephemeral Splunk instance that you could quickly spin up, run some tests and then kill it, with maximum speed and minimum cloud costs?
Enter HashiCorp Terraform to the rescue. The industry-leading infrastructure-as-code tool makes the standup, setup and teardown of cloud compute nodes simple, speedy and repeatable, so that an environment can be built, a complete set of tests can be run, results received and the test nodes destroyed in minutes rather than hours.
In this whitepaper, I show how I set up my computer and built the Search Head and Deployment server, as well as how I set up the many Splunk Universal Forwarders to satisfy the test plan.
Splunk Asset and Risk Intelligence (ARI) continuously discovers all assets on the network using a unique approach that creates a single source of truth from multiple sources of record, resulting in comprehensive and accurate asset visibility and reporting.
Splunk Asset and Risk Intelligence (ARI) is a powerful, premium application from Splunk that delivers proactive risk mitigation through continuous asset discovery and compliance monitoring.