This article deals with querying Splunk from within Phantom to enable automation of security use-cases. Often it is required to act upon data within Splunk, or to augment case details in Phantom by querying Splunk for additional information.
As a fellow Splunker for many years now, I have had the chance to develop and maintain the Nmon Performance application for Splunk, with the goal of bringing the best features and user experience to a strong and complete monitoring solution for your Unix and Linux servers. In this article, I will compare (as much […]
For my own development purposes, I am using a great Linux VPS server from vpsdime.com; their offer is great and cheap: 4 vCPUs, 6 GB of memory and 30 GB of disk for $7 per month, nice. Cool, isn't it? But… there is a “but”: yesterday I received this kind of message: Excessive load on your virtual […]
At Octamis we love Splunk, and we love to share our knowledge and experience, so let's study some tips on Windows monitoring with Splunk! PREPARING YOUR SPLUNK Let's proceed in order: first we want to get Splunk ready to receive Windows performance data. This is quite simple and relies on deploying the Windows technical add-on […]