One of the most requested features in Splunk has been better audit logging for changes. Splunk Enterprise 9.0 introduces a new feature for configuration change tracking. Let’s take a look at how this new feature works…
Author: Tom Kopchak
Europe, Global Security News, North America
Security Advisory Regarding Splunk Enterprise Deployment Servers
by Tom Kopchak
CVE-2022-32158 Details: Hurricane Labs is aware of the recent vulnerability involving Splunk Enterprise deployment servers. This vulnerability was announced by Splunk on 2022-06-14. Successful exploitation of this vulnerability could result in a compro…
Splunk Cloud: Determining Search Head Resources
by Tom Kopchak
One common task that comes up when troubleshooting Splunk search performance issues is validating that the correct resources are available. For on-premise Splunk Enterprise, you can easily do this through the Monitoring Console: Settings -> Monitoring C…
How to Improve Your Data Model Acceleration in Splunk
by Tom Kopchak
Data Model Acceleration (DMA) is critical to proper alerting in the Splunk Enterprise Security Suite. This tutorial will walk you through the process of auditing your DMA searches so they’re running as efficiently as possible. Why DMA? Splunk uses Dat…
Using AWS Auto Scaling Groups with Splunk
by Tom Kopchak
AWS Auto Scaling groups allow you to dynamically allocate resources for different types of usage scenarios. This approach can be very effective for allowing an application to scale to an unpredictable and varying level of users and needed compute resou…