Splunking with Sysmon Series Part 1: The Setup

In this multipart tutorial series, you will learn how to set up Sysmon to monitor Windows endpoints and forward events to Splunk. Part 1 shows you how to navigate the initial configuration steps of your Sysmon build.

Leveraging Windows Event Log Filtering and Design Techniques in Splunk

Are you suffering from too much (or too little) Windows event data in your Splunk environment? This post will teach you...

How to Deploy Splunk SmartStore for Improved Data Storage

Splunk SmartStore is a fundamental change in how Splunk stores data, allowing the use of an S3-compliant object store to...

Splunk Certificates: Master Guide

Many of the administrative tasks surrounding Splunk certificates are confusing and lack helpful step-by-step...

Splunk Universal Forwarder Series: Windows Uninstall Walk-through

This series will help you as you’re working with the Splunk Universal Forwarder (UF). There are a variety of reasons you...

Splunk Universal Forwarder Series: Windows Install Validation

This series will help you as you’re working with the Splunk Universal Forwarder (UF). In this part of the tutorial, Tom...

Splunk Universal Forwarder Series: Windows Install

This series is designed to help you as you work to deploy and troubleshoot the Splunk Universal Forwarder (UF). In this...
