Data ingestion failures often go unnoticed until it's too late. In this post, we share how a simple detection layer + Alert Manager Enterprise monitors ingestion health.

Splunk .conf23 is here and we are excited to share our latest innovations and updates with the community. This year, we are introducing a brand-new product and announcing significant updates to two of our existing applications.

The biggest Boss of the SOC event in the Alps regions has been held yesterday. A total of 48 teams with 160 participants played at the BOTS event organized by Splunk Switzerland and the Swiss branch of the Splunk User Group (i09).

This blog post provides the definitive answer to all questions regarding SSL usage in the Splunk Enterprise product suite. The blog describes every possible SSL configuration in the Splunk configurations and helpful tips and tricks. With the release of Splunk 9.0 on June 14, 2022, new configuration options were introduced. The configuration that only applies to Splunk versions after 9.0 are prefixed with an according prefix.

A huge thank you goes to Duane Waddle & George Starcher for their .conf 2015 talk Best Practices for Splunk SSL (TheSSLippery Slope Revisited) that served as a reference book for all things SSL for many years.

Splunk's annual user conference is fast approaching, packed with exciting talks, people, and innovation. What better time to announce that Datapunctum will be releasing not one but two new Splunk applications to the market!

Splunk Enterprise™ and Elasticsearch™ are often seen as the two most prominent players in the log analytics space. While Splunk Enterprise is mainly used for time series data, Elasticsearch acts as a database for all kinds of data. Due to this, more often than less, enterprises use both Splunk and Elasticsearch in their technology stack.