Blog

  • Blog
  • Splunk

Splunk Index Earliest and Index Latest

Dynamically set field names based on values in your Splunk events, and set them to corresponding field values.
  • Blog
  • Splunk

How to Dynamically Extract and Set Field Names in Splunk

Read what the CEO of TekStream thinks of cybersecurity and how his team uses Splunk and AWS to create safe environments.
  • Blog
  • Splunk

Letter from the CEO

  • Blog
  • Splunk

Cybersecurity Just Got Personal – My County Was Held Hostage

Data is the lifeblood of any organization, and harnessing its insights is paramount for making informed decisions. In the realm of data analytics, Splunk stands out as a powerful tool for searching, monitoring, and analyzing vast datasets.
  • Blog
  • Splunk

Best Practices for Writing Efficient Splunk SPL Queries

This blog details a step-by-step process for creating and running a prediction model with Splunk MLTK. The use case explained here is, specifically, how to predict the number of incident tickets created for an Operations Team during a busy holiday period, so the team can prepare for the workload.
  • Blog
  • Splunk

Predict Your Incident Tickets With Splunk MLTK

Splunk timestamp extraction can be tricky until you have worked with it a couple of times. Follow along with me through a couple of different examples and you should be able to extract a timestamp out of any data. There are a few settings in Splunk’s “Magic 8” that go into the props.conf stanza for the data you are trying to ingest.
  • Blog
  • Splunk

Splunk Timestamp Extraction – Where and How to Find Time!

Helpful Splunk resources from the TekStream developer team
  • Blog
  • Splunk

Useful Online Resources for the Aspiring Splunk Admin

  • Blog
  • Splunk

Get Your Custom App to Pass App Vetting on the First Try

What is serverless automation, you ask? It's a game-changing approach that combines the best of serverless computing with the magic of automation. With serverless automation, you can automate tasks, workflows, and integrations without the need for manual intervention or the hassle of managing infrastructure. Thanks to nifty tools like AWS Lambda and EventBridge, businesses can achieve seamless automation and real-time data processing, and make agile decisions that drive success.
  • AWS
  • Blog

Unleashing the Power of Serverless Automation

Splunk’s Compliance Essentials provides several features that can help organizations meet the requirements of various compliance frameworks such as CMMC, DFARS, FISMA and more. The app comes pre-packaged with a library of compliance practices, dashboards that can be used to monitor compliance status and track progress, and reports that can be used to demonstrate compliance to auditors.
  • Blog
  • Splunk

Splunk Compliance Essentials: Your One-Stop Shop

Splunk SOAR: HUD Tutorial
  • Blog
  • Splunk

Splunk SOAR: Introduction to the HUD Space

The goal here is to aggregate the detections to maximize your chances of detecting this critical attack. Part of that is gathering the list of IOCs scattered across multiple locations on the internet and looking for activity that could point to MeowCorp ransomware exploitation. Here at TekStream, we have several security engineers who are intimately familiar with cybersecurity and, especially, with the logs of our clients. To get help building detections for your specific client, fill in the form below and get access to our Splunk/security expertise.
  • Blog
  • Security Bulletin

TekStream Security Bulletin: APT Spotlight Ransomware from MeowCorp

TekStream Security Bulletin: Splunk Takes Out SysJoker Variant
  • Blog
  • Security Bulletin

TekStream Security Bulletin: Splunk Takes Out SysJoker Variant Written in Rust