Welcome to the Splunk Blog from bridge:com
Many of you will already know me; I’ve been around the country on numerous projects over the last few years and have seen quite a bit, from stand-alone Splunk servers to very global multi-site installations. And even though I’ve been working with Splunk almost daily since 2011, there are new questions and different, exciting challenges with every project. For a long time I’ve wanted to share these experiences with other Splunkers, and in the spring of 2020 we finally managed to go live with the Splunk Blog. In the posts here, we will explain issues related to infrastructure and architecture at Splunk, but also highlight aspects of searches and visualizations. Think of this blog as a Splunk tutorial or even Splunk wiki. I hope you’ve gained some learnings for you and your current projects. If you have any questions or suggestions, please feel free to contact me at norbert.hamel@bridgecom.de.
Enjoy reading and happy Splunking!
Norbert
Time Zones in Splunk Part 1
In a Splunk PS deployment, I come into the office on Monday mornings and see something like the following when looking at my contact's desk: Three devices, all connected to the network, display three different times. The customer's organization[...]
The Great 8 – Configuration of Sourcetypes Part 1
As Splunk PS Consultants, we often perform so-called health checks, in which we examine the customer's Splunk installation and document the opportunities for optimization. One of the issues that occurs in almost every health check is the sub-optimal configuration[...]
Switch on trellis layout based on multi-select input
In some cases, we don't know exactly what form of presentation in a dashboard will work best for users. Sometimes it depends on what previous knowledge the users have on the current topic, or on the time range chosen.[...]
Install Splunk UF on Windows automatically with batch script
Splunk Universal Forwarders can be installed on Windows in a number of ways, including through software distribution mechanisms common in the Windows world, such as SCCM. However, in some situations, e.g. during a PoC, it is not possible or[...]
Splunk ES + XDR – better together
XDR is currently one of the "hot" topics in cyber security: Providers are presenting new solutions and offers, and as is so often the case, the new technology is presented as the ultimate solution. This is reason enough to[...]