Splunk Lantern is a customer success center providing advice from Splunk experts on valuable data insights, key use cases, and tips on managing Splunk more efficiently.
We also host Getting Started Guides for a range of Splunk products, a library of Product Tips, and Data Descriptor articles which help you see everything that’s possible with data sources and data types in Splunk.
Our library is constantly growing, and we’ve got a fresh new batch of articles to share with you! Here’s a full breakdown of everything we’ve published in the past month.
New Data Articles
Splunk Lantern’s Data Type and Data Source link you to all of the relevant apps and add-ons you’ll need to work with, as well as listing out all of the use cases we have for that data descriptor. These articles are great if your deployment is already ingesting a data source and want to see what other use cases you can accomplish with it, or if you’re curious about what you could gain through ingesting a new data source or type of data into your deployment.
This month we’ve launched a new data source article for Syslog and a new in-depth guide that helps you set up a Windows-only computer network to run Splunk Connect for Syslog (SC4S) on a Windows server. Together with another article,s we published a few months ago, Understanding best practices for Splunk Connect for Syslog, these new articles provide you with a solid base of information that helps you implement S4CS smoothly and efficiently.
AWS: Migrating inputs to Data Manager is another new article that shows you how to use Splunk’s Data Manager to improve your existing processes for onboarding AWS data, or help you onboard this data source easily if you’re looking to ingest it into your deployment for the first time. Check it out if this data source is one you’d like to explore further, and don’t forget to take a look at our other AWS data source articles too for more information about the use cases you can achieve.
Getting started with the Splunk App for Ethereum is a new addition to our range of Blockchain articles, with this new guide walking you through how to set up and use the dashboards, macros, and searches in this app.
9.0.1 Updates and Product Learning
One of our most popular new articles this month is our Splunk 9.0.1 FAQ, which covers the most commonly asked questions from Splunk's August 2022 security advisories that can be addressed by upgrading to Splunk Enterprise 9.0.1. While you should also check the Splunk Product Security page for the latest updates, this FAQ covers specific questions that Splunk Enterprise and Splunk Cloud Platform users might have.
Another handy piece of product learning that’s just gone live is Preventing concurrency issues and skipped searches in Enterprise Security. Multiple, simultaneous correlation searches can cause search concurrency issues and skipped searches, so they should be scheduled differently, and this article provides you with a step-by-step guide so you can be sure you’re configuring your searches correctly to prevent this issue.
New Security and Observability Articles
Identifying high-value assets and data sources is a fresh addition to our Use Case Explorer for Security, which is designed to help you identify and implement prescriptive Security use cases that drive incremental business value. This article helps you prepare for attacks that specifically target your organization's high-value assets, preventing disruption to business continuity, reputational, or regulatory risk.
On the Observability side, we’ve published two articles this month that help you work with Content Packs for Splunk IT Service Intelligence or IT Essentials Work. Gaining better visibility into your third-party APM solutions shows you how you can use the Content Pack for Third-party APM to gain insights across legacy APM vendors. Gaining better visibility into Microsoft Exchange explains how you can use the Content Pack for Microsoft Exchange to see everything going on across your Microsoft Exchange environment, so you can find and fix issues quickly.
Finally, Monitoring AWS Fargate deployments powered by Graviton2 processors shows you how you can use Splunk software to track AWS Fargate clusters, SLA resource utilization, identify the root cause for task crashes, and create alerts and respond to them in real-time.
What else?
We’ve launched a new feedback widget on our site! This tab on the left-hand side allows you to tell us how articles are working for you, or where improvement is needed.
The survey is completely anonymous, so you won’t be able to receive a direct response to any comments you leave - however, you can always talk to us directly at Splunk User Groups Slack or Reddit.
Please take the time to leave feedback on our articles so we can make sure our content is effective in helping you succeed with Splunk!
Lastly, if you have been accessing Splunk Lantern articles using the knowledge bots of the Splunk Product Guidance app in the Splunk Cloud Platform, please note that those bots have been removed based on feedback. We apologize if you found those bots helpful, but don't worry - none of the great content has gone away. You can still search for help with SPL and data source onboarding at any time on lantern.splunk.com.
We hope you’ve found this update helpful. Thanks for reading!
— Kaye Chapman, Customer Journey Content Curator for Splunk Lantern
