SPLUNK PARTNER DAY – 09.04.24
For the 2nd consecutive year, we were thrilled to participate in the Splunk Partner TechDay at Splunk’s Zurich offices. It was an engaging event where we not only delved into a new and exciting Capture The Flag (CTF) game, Splunk’s automation game, but also had the privilege of attending various captivating talks.
- SOAR Custom Functions: ChatGPT Integration by Andreas Buis @andreasbuis
- This initial presentation provided an introduction to Splunk SOAR, offering valuable insights into its role within companies and how it aids in reducing the workload of analysts by managing the influx of alerts.
- An MSP Must Have: App Content Manager for Splunk, by Frank Heerlein @frankheerlein
- In this presentation, we were introduced to an innovative method for managing application deployment and verifying their proper installation using an automated solution called the App Content Manager for Splunk.
- Datapunctum: Alert Manager Enterprise by Mika Borner @mikaborner
- A presentation focused on demonstrations, showcasing the Alert Manager for Splunk Enterprise developed by datapunctum. It emphasized essential approaches for enhancing operational efficiency and security through alert management in Splunk Enterprise.
- Data Management: Daten kosteneffektiv nutzen by Alex Pilger @alexpilger
- This presentation offered valuable insights into data management strategies, particularly focusing on data tiering and data access strategies within Splunk Enterprise and Splunk Cloud.
Splunk Automation Game
The Splunk Automation Game was a blast, offering a fun, hands-on and immersive way to discover Splunk SOAR. Although the Hacknowledge Analytics team’s expertise is mostly focused on Splunk Enterprise, we quickly got a good grasp of the solution and successfully flagged some points. The gamified approach to handling alerts through playbook automation proved both captivating and rewarding, and seeing our team’s score climb every time another alert popped up was very satisfying.
Our Siem Savants team secured a commendable 7th place out of 16 teams. We eagerly anticipate the next Automation Game, aiming to return to our Morges headquarters with a well-deserved medal!
Misc
After demonstrating our SOAR skills at the automation game, we couldn’t resist revving up our driving expertise in the virtual world of gaming. It turns out our Analytics team’s expertise extends beyond Splunk Enterprise to dominating the digital racetrack!
Hacknowledge Analytics
Are you concerned about the security of your business? Look no further than the Analytics team at Hacknowledge. Our team provides comprehensive guidance from log policy and management to threat detection and response.
All our team members are part of Hacknowledge’s SOC team, meaning they have firsthand experience handling alerts and writing detections. Our focus on excellence and customer-oriented service is reflected in all our senior engineers being Splunk Core Certified Consultants.
While we have a strong focus on Splunk technology, we remain vendor-neutral and provide unbiased advice to our customers, regardless of their existing technology. Trust us to provide the expertise and support you need to keep your business secure.