Blog

We are excited to announce the release of ElasticSPL 1.1, which introduces the Community Edition, a free tier that allows you to connect one Elasticsearch cluster to your Splunk instance.

After months of development, we're happy to announce the availability of Alert Manager Enterprise (*) today.

The biggest Boss of the SOC event in the Alps regions has been held yesterday. A total of 48 teams with 160 participants played at the BOTS event organized by Splunk Switzerland and the Swiss branch of the Splunk User Group (i09).

Welcome to the last part of our Alert Manager Enterprise introduction blog series.

Our previous blog post looked closely at Notifications and Workflow Actions. This time we're looking at one of the most exciting new features of AME: Multi-Tenancy.

We will also discuss our release plan, feature packs, support plan, and roadmap. Let's get started!

In our previous blog post, we introduced you to tags and rules. This time we're taking a closer look at Notifications and Workflow Actions.

Welcome to the second part of our Alert Manager Enterprise blog series!

In our first part, we talked about the new Event Summary view and how to configure alerts. You may have already caught a glimpse of tags in the screenshots. Let's take a deeper look!

This blog post provides the definitive answer to all questions regarding SSL usage in the Splunk Enterprise product suite. The blog describes every possible SSL configuration in the Splunk configurations and helpful tips and tricks. With the release of Splunk 9.0 on June 14, 2022, new configuration options were introduced. The configuration that only applies to Splunk versions after 9.0 are prefixed with an according prefix.

A huge thank you goes to Duane Waddle & George Starcher for their .conf 2015 talk Best Practices for Splunk SSL (TheSSLippery Slope Revisited) that served as a reference book for all things SSL for many years.

In our last blog post, we wrote about our efforts to bring you a brand-new Alert Manager. We named the app "Alert Manager Enterprise," short for AME.

It's still the Alert Manager app that helps you in your everyday business, but "Enterprise" highlights that we are improving everything around the app and its development process to shift it to an enterprise level.

So what's in it? Let's start with the two most important features (we will dive into more features in our upcoming blog posts).

Our last blog post discussed how "Alert Manager" was created and about the unexpected success after the Apptitude contest. Running an open-source project comes with its own distinct set of challenges. One of the most common misconceptions about open-source software is that it is not "free" for everyone. Indeed, the maintainers have to invest much time and commit to the project on top of a full-time job.

Back in November 2014, Splunk announced its first Apptitude App challenge. The concept of a KVStore was just added to Splunk and opened many new possibilities to develop complex Splunk Apps.