Entries by Caroline Lea

Using Collect for Summary Indexing in Splunk

By: Karl Cepull | Senior Director, Operational Intelligence
Splunk can be a valuable tool in cybersecurity. Attacks from outside forces, along with questionable activity within a network, put sensitive data and corporate assets at tremendous risk. Using Splunk to find bad actors or malicious events can help an organization protect itself and discover […]

How to Configure SSL for a Distributed Splunk Environment

By: Bruce Johnson | Director, Enterprise Security
Many organizations use Splunk today. Of those adopters, most have a distributed Splunk environment. Often, organizations have sensitive data traversing their network, which makes its way into Splunk. More now than ever, security is at the forefront of everyone’s mind, and securing your Splunk environment is […]

SignalFx Agent Configuration for Docker and Gunicorn

By: William Phelps | Senior Technical Architect
This blog covers the basic steps for configuring the SignalFx agent and configuring a Python application running in Gunicorn to send trace data to SignalFx via the agent if Gunicorn is being executed within a Docker container. Let’s start with a high-level overview of the technologies […]

Don’t Be a Karen: Rebuilding the Terraform State File and Best Practices for Backend State File Storage

By: Brandon Prasnicki | Technical Architect
It happened. It finally happened. After talking to the manager, Contractor Karen quit. She was solely responsible for managing the project’s cloud architecture with Terraform. Now that Karen left, a new resource needs to take her place and continue managing and building the cloud infrastructure. Luckily, the […]

How to Merge Two Multi-Site Indexer Clusters into One

By: Jon Walthour | Team Lead, Senior Splunk Consultant
Problem: Take two multi-site indexer clusters and meld them into one with all the buckets from cluster A residing in and being managed by cluster B. Then, with all the buckets transferred to cluster B, cluster A indexer hardware can be decommissioned. TL;DR: It […]

Oracle Visual Builder Can Bring It All Together

How to Use Oracle Visual Builder to Create Fast, Custom Interfaces for Integrations, Process Workflows, and Custom Functionality
By: Courtney Dooley | Technical Architect
Oracle Integration Cloud service is a robust Platform-as-a-Service (PaaS) offering that combines integration orchestration with business process workflows to provide custom solutions for any complex business routines. Visual […]

Re-Index Raw Splunk Events to a New Index

By: Zubair Rauf | Splunk Consultant, Team Lead
A few days ago, I came across a very rare use case in which a user had to reindex a specific subset of raw Splunk events into another index in their data. This was historical data and could not be easily routed to […]

Splunk Upgrade Script

By: Chris Winarski | Splunk Consultant
We have all run into occasional difficult situations when upgrading Splunk environments, but have you ever had to upgrade many boxes all at once? The script below may help with that, and if properly tailored to your environmental settings, can ease the pain of Splunk […]