© 2024 SPLUNK INC.
.conf24
Highlights
Splunk User Group
São Paulo
July/2024
© 2023 SPLUNK INC.
Presenters
Splunk Solution Engineers
Intro + Platform
André Ribeiro
Security
Victor Calvo
Observability
Carlos Coqueiro
RECAP .conf23
Platform
Enterprise 9.1 and Splunk Cloud Platform
● Splunk Cloud Platform on Azure
● Cross-region Disaster Recovery
● Edge Processor
● Fed Search on Amazon S3 (p)
● Ingest Actions
● Dashboard Studio
● Admin Config Service
● Cloud Monitoring Console
● Splunk Mobile
Splunk Edge Hub
Cloud Monitoring
Console Update
Data Manager
Observability
Unified Identity
Open Telemetry Collector
Splunk Observability Cloud
● RUM Session Replay
● Infrastructure Monitoring Kubernetes
● Navigator 2.0
● APM Service Centric Views
OpenTelemetry Zero Configuration
Security
Splunk Attack Analyzer
Mission Control (Cloud)
Splunk SOAR
● Logic Loops
● Playbook Triggers
● Copy and Paste in Notes
Splunk Enterprise Security
● Multiple Drill-Down Searches in Correlations
● Timeline in Incident Review
● Auto Refresh for Incident Review
Splunk®
Security for SAP®
Splunk Add-On for AWS v.7 with support for Amazon
Security Lake and AWS AppFabric
Access to More Data Sources
Splunk to Splunk Federated
Search
Log Observer Connect
Splunk AI
ML-Powered Detections
Model-Assisted Threat Hunting
ML-powered analytics
Outlier Exclusion for Adaptive Thresholding
ML-Assisted Thresholding
Splunk AI Assistant
Machine Learning Toolkit 5.4
Splunk App for Anomaly Detection
Splunk App for Data Science and Deep Learning 5.1
Splunk annual event .conf24 Highlights recap
digital resilience is
the foundation for
success.
Splunk launches new research that shows
digital resilience is a
Up to 9% drop
in stock price after a
single downtime event.
95% of organizations
report slower innovation
velocity due to downtime.
Splunk
across your entire
digital footprint.
The Unified
Security and
Observability
Platform
Accelerated by AI
Delivering the next wave of digital
resilience
Revolutionize data access
and management
Power the SOC of the
future
Observability for the
entire enterprise
ANNOUNCEMENTS FROM .CONF24
data platform
Federation | Data re-use | Filtering, redacting, routing
Unblock cloud adoption.
Save money with Azure
credits.
Get data in faster.
Microsoft Azure
ITSI
Splunk
ES
Splunk Cloud
Private Preview
Splunk available
natively on
Azure
Splunk Unified
Data Ingestion
Ingest data once and send to any
Splunk security or observability
solution, as well as AppDynamics
and ThousandEyes.
Extend visibility across the digital
footprint.
Data Management Experience Vision
Filter Normalize
Mask Enrich
Agent Management Aggregate
Public
Cloud
Private
Cloud
On
Premise
Unified data configuration, processing, and management
Data Lake
Splunk
Cloud
Splunk
Enterprise
Data Management
Experience (DMX)
End to End Monitoring
UF,
HEC,
OTel
Metrics
Logs
Routing
Traces
Events
Splunk O11y
Cloud
Amazon
S3
Private Preview
Ingest
Processor
End-to-end data
management
Gain unprecedented visibility into
the quality, performance, and
volumes of data.
Filter, enrich, route, and transform
your data.
Private Preview
Logs Ingestion + Metricization on Splunk Cloud
Splunk Cloud
Mask PII
Route
Filter Noise
Splunk
Observability
Cloud
Splunk Ingest processor
Convert Logs to Metrics
Splunk Cloud
Index
Ingest logs data and generate metrics to power real-time dashboards and alerts
HEC
S2S
Ingest
Layer
In Preview
+other
sources
AWS S3
Splunk GDI Data Processing Capabilities
Managed
Platform (CMP)
Edge Processor
Ingest Actions Splunk®
Ingest Processor
Customer
Infrastructure
(edge node)
+
Splunk®
Cloud
Platform
Managed Control
Plane
Fully Splunk
Cloud Platform
hosted and
managed
Optimizing in
existing
infrastructure
Author and deploy pipelines
across multiple locations within
customer infrastructure
Optimizing data in a
fully SaaS solution
Use Case : Data Filtering, Masking and Routing
Cloud
Cloud
What matters to you?
Using SPL2 for Data Pipelines
$pipeline = | from $source | <processing command> | into $destination;
General Availability
Get your job done faster using
natural language.
Drill down to deeper insights.
Accelerate your learning journey.
AI Assistant
for SPL
Increased efficiency
for users
UX and
control
Workload Dashboard
& Overview
Dashboard
Public Preview Early Access
General Availability
Cross-Region Disaster
Recovery
Splunk Cloud Platform
on Azure
Gold Standard TAs
Private Preview
The SOC
99%
faster incident
detection, investigation
& response
potential reduction in
alert volumes
90%
faster response time
with orchestration
& automation
5x
Splunk SOAR 6.3
User-response-driven
Automation
Deliver real-time secure prompts to
users and teams beyond the SOC.
Choose from 300+ SOAR integrations.
Take immediate response actions.
General Availability
General Availability
Accelerate investigation with
more accurate asset context.
Identify compliance gaps
in security controls.
Splunk Asset
and Risk
Intelligence
Early Access
Comprehensive asset visibility
to reduce risk exposure
Federated
Analytics
Investigate data across
destinations.
Manage and analyze data
in Amazon Security Lake
Implement cost-effective
data tiering.
Private Preview
Amazon Security Lake
Integration
AI Assistant
in Enterprise
Security
Guided Enterprise Security
workflows
Answer analyst questions to guide
daily workflows.
Save time while addressing
threats more rapidly.
Use natural language queries to
get answers during investigations.
Coming Soon
AI Assistant in Enterprise Security is currently unavailable. UI shown is for illustration; not final product.
The Market-Leading SIEM
ES 8.0 currently available by private preview only. UI shown is for illustration; not final product.
Improved case management
capabilities.
Native Splunk® SOAR integration.
Enhanced detection engineering
capabilities.
Simplified terminology for
security analytics.
Enterprise
Security 8.0
Coming Soon
Accelerates investigations
and response
Integrations to power the SOC of the future
Splunk Enterprise
Security + Cisco XDR
Enhances defense against threats
Splunk + Cisco Talos
Build a leading
97%
reduction in alert noise
faster application
development,
increasing developer
productivity
96%
reduction in mean time
to resolve (MTTR)
83%
General Availability
Related content
in Splunk Cloud
Streamline root-cause analysis.
Access apps and infrastructure
quickly.
Visualize IM and APM data within
Splunk Cloud.
Unified view of content
APM Service-
centric Views
Accelerate troubleshooting with
complete view of services.
Access centralized data
dashboard.
Save time with easier data
correlation.
Deeper insights to service
performance
General Availability
Faster and guided workflows
Lower MTTD and MTTR
Flatten the learning curve
AI Assistant in
Observability
Cloud
Find and fix issues faster
using natural language.
Private Preview
Archived
Metrics
Control over data and cost
Redirect metrics data to
low-cost storage.
Optimize MTS management.
Scale observability practice with
confidence.
General Availability
Fast, in-context
troubleshooting
AppDynamics
+
Splunk
Platform
Common look
and feel
AppDynamics
+
Observability
Cloud
End-to-end
visibility of
IT health
AppDynamics
+
ITSI
Integrations to deliver observability
for the entire enterprise
Bring on the
future.
Next steps
● Check out new content
‒ Cost of Downtime report
‒ Path to Resilience: Building a
Leading Observability
Practice
‒ Path to Resilience: Building a
Modern Security Program
● Schedule a demo
● Attend .conf Go in your region
● Watch session replays
WhatsApp
User Group SP