Tag: Splunk Cloud

Learn how to close the detection-to-response gap in your security operations by integrating Amazon Security Lake, Splunk Enterprise Security, and Recorded Future Autonomous Threat Operations into a unified SOC architecture that centralizes dispersed security data, automates event correlation, and accelerates threat mitigation through intelligence-driven response. This post walks through a phased implementation approach that transforms your security posture from reactive alert triage to proactive threat hunting.

Data transfer cost is a key component to consider when selecting your strategy to get data into Splunk Cloud on AWS. Customers using Splunk Cloud on AWS for their security, operational, and observability use cases may manage large volumes of data. Having a thorough understanding of AWS data transfer charges can help them optimize their architectures and costs. This post discusses the data transfer costs for five of the most common Splunk use cases.

Splunk recently announced the availability of Armv8 64-bit architecture support for the Splunk Universal Forwarder. This allows AWS Graviton2 customers with Linux workloads to collect and forward machine data to their Splunk environment. Follow a step-by-step guide to set up a Universal Forwarder on a Graviton2 instance running Linux, and learn how to configure the instance and the Universal Forwarder to forward data to Splunk Cloud.

Customers are always looking for new ways to improve operational efficiency and the security posture of applications running in their virtual private clouds (VPCs). Amazon Route 53 recently launched a Resolver Query Logs capability which lets customers log the DNS queries originating in their Amazon VPC. Follow along with our step-by-step instructions for logging VPC DNS queries in Amazon Route 53, ingesting them into Splunk, and then analyzing them with Splunk.