Electric utilities face some of the world's strictest cybersecurity mandates. NERC CIP standards require continuous monitoring, rigorous access controls, fully auditable incident handling, and strict separation of critical assets - all without ever moving sensitive data outside your secure perimeter.

Alert Manager Enterprise (AME) helps grid operators meet these requirements with a structured, auditable alert lifecycle that stays entirely inside their existing Splunk environment.

If you already use Splunk for visibility and alerting, AME turns your current Splunk alerts into compliant workflows - without external tools, data egress, or heavy custom development.

No new consoles. No compliance gaps. Just reliable event management that supports grid protection and simplifies audits.

This release brings targeted improvements for quicker manual workflows, more customizable notifications, expanded vulnerability data sources (including native Microsoft Defender support), enhanced deployment flexibility, and stronger remediation tracking within Vulnerability Intelligence

Data ingestion failures often go unnoticed until it's too late. In this post, we share how a simple detection layer + Alert Manager Enterprise monitors ingestion health.

Splunk .conf23 is here and we are excited to share our latest innovations and updates with the community. This year, we are introducing a brand-new product and announcing significant updates to two of our existing applications.

The biggest Boss of the SOC event in the Alps regions has been held yesterday. A total of 48 teams with 160 participants played at the BOTS event organized by Splunk Switzerland and the Swiss branch of the Splunk User Group (i09).

This blog post provides the definitive answer to all questions regarding SSL usage in the Splunk Enterprise product suite. The blog describes every possible SSL configuration in the Splunk configurations and helpful tips and tricks. With the release of Splunk 9.0 on June 14, 2022, new configuration options were introduced. The configuration that only applies to Splunk versions after 9.0 are prefixed with an according prefix.

A huge thank you goes to Duane Waddle & George Starcher for their .conf 2015 talk Best Practices for Splunk SSL (TheSSLippery Slope Revisited) that served as a reference book for all things SSL for many years.

Splunk's annual user conference is fast approaching, packed with exciting talks, people, and innovation. What better time to announce that Datapunctum will be releasing not one but two new Splunk applications to the market!

Splunk Enterprise™ and Elasticsearch™ are often seen as the two most prominent players in the log analytics space. While Splunk Enterprise is mainly used for time series data, Elasticsearch acts as a database for all kinds of data. Due to this, more often than less, enterprises use both Splunk and Elasticsearch in their technology stack.