Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data insights, key use cases, and tips on managing Splunk more efficiently.
We also host Getting Started Guides for a range of Splunk products, a library of Product Tips, and Data Descriptor articles that help you see everything that’s possible with data sources and data types in Splunk.
This month we’re excited to announce that the Use Case Explorer for the Splunk Platform has arrived! This new tool is designed to inspire as you develop new use cases using either Splunk Enterprise or Splunk Cloud Platform. We’ve also published a ton of new content covering a huge range of products, use cases, and industries! If you want to jump straight to our new articles, scroll to the bottom to read more.
Whether you're a seasoned Splunk user or just getting started, the Use Case Explorer for the Splunk Platform is a great tool to help you implement new use cases using either Splunk Enterprise or Splunk Cloud Platform.
It contains use cases that have been developed for five key industries - Financial Services, Healthcare, Retail, Technology Communications and Media, and Public Sector. Each of these industries operates in unique environments, with distinct challenges, so our use cases are carefully tailored to fit these needs. Financial Services, for example, holds a number of use cases to help customers detect fraud via ATMs, credit cards, and wire transfers. Healthcare contains guidance on maintaining HIPAA compliance. Or if you're looking to get inspired by a public sector use case, check out how NASA's ISS uses the Splunk platform to monitor metrics in its unique physical spaces.
But wait, there's more! The Use Case Explorer also contains a plethora of use cases designed to help you achieve your Security and IT Modernization goals - even if you're not using Splunk's premium Security and Observability products. (If you are using these products, you can check out the guidance for them within the Use Case Explorer for Security and Use Case Explorer for Observability.)
Like every use case in Lantern, every article comes with actionable, step-by-step guidance that you can follow to implement new use cases right away in your own environment.
Head on over to the Use Case Explorer for the Splunk Platform now and see for yourself. Happy exploring!
Team Lantern, along with experts from all across Splunk, have been working their tails off this month to publish a heap of new articles for you to explore. We're talking use cases galore and a huge range of tips that will make your head spin (in a good way, we promise!) Here are a few to start with:
Our Use Case Explorer for Security has undergone a number of new updates, with new Adoption Maturity guides to help you prepare for, implement, and measure a number of critical security outcomes. See the new guides here:
- Threat intelligence
- Risk-based alerting
- Automation and orchestration
- Cyber frameworks
If you’re interested in learning about using MITRE ATT&CK with Splunk Enterprise Security, check out another new Use Case Explorer for Security article on . It contains SPL queries you can run to assess your coverage, and step-by-steps you can follow to quickly expand it.
We’ve also made a few updates to the Use Case Explorer for Observability. Identifying DNS reliability and latency issues and Monitoring availability and performance in non-public applications are two new articles that help Splunk Infrastructure Monitoring users investigating Kubernetes network issues, and Splunk Synthetic Monitoring users who want to improve digital experience.
We’re excited to have launched a new Getting Started Guide: Getting Started Guide for Log Observer Connect. Log Observer Connect is an integration that allows logs on Splunk Enterprise or Splunk Cloud Platform to be queried and associated with Related Content in Splunk Observability Cloud. This guide shows you how to get it set up, from ingesting logs to verifying success.
Finally, Lantern is a home for FAQs relating to Splunk Enterprise upgrades, and we’ve released a Splunk 9.0.4 FAQ that addresses all the main questions you’ll have about updating to this version.
Those are just a few highlights of what’s been published on Lantern this month. Here’s everything else that we haven’t mentioned yet:
- Building a data-driven law enforcement strategy
- Identifying DNS reliability and latency issues
- Detecting malicious activities with Sigma rules
- Setting data retention rules in Splunk Cloud Platform
- Securing infrastructure-as-code with Zscaler Posture Control
- Data source: JupiterOne
- Optimizing and automating SecOps with JupiterOne
- Leveraging critical vulnerability insights for effective incident response
- Setting up deployment server apps for the enterprise environment
We hope you’ve found this update helpful. Thanks for reading!
Kaye Chapman, Customer Journey Content Curator for Splunk Lantern