All times are in Pacific Daylight Time (UTC-0700).

  • Track: Main Channel: Friday 10/09 @ 1500-1555 PDT
  • Slides

So you’ve put a giant pile of data into Splunk… how do you get started digging into it, cleaning it up, making it useful and manageable so that you can derive value from it?

This is a simple methodology for getting started with a new, unfamiliar data set that will help you figure out what’s useful so that you can start developing alerts, reports, dashboards, etc.

If you want to play along at home, download and boot the VM (well) ahead of time: 30G available disk space required; configurable RAM/CPU

Mary is a member of the Splunk Trust, an elite brain trust of about 60 of the most experienced Splunk users around the globe who give back to the Splunk community. She has worked in the threat detection and response space for various industry leaders in gaming, media, and entertainment...

twitter @cyphoid_mary

© 2021 ShellCon