Splunk [Enterprise] 2019 .conf Videos w/ Slides
Many Fortune 500 companies use Pivotal Cloud Foundry to push their high-quality code into production faster. While this helps companies enforce enterprise logging and application development standards, the traditional monitoring tools used to monitor development environments become the bottleneck because they are not architected to handle a firehose-nozzle connection. Learn how to use the new Splunk ITSI module for PCF, along with the new version of Splunk Firehose Nozzle for PCF to gain operational insight into the PCF platform and increase developer satisfaction. Speaker(s) Kirk Kirk, ITOA Architect, Splunk Shubham Jain, Software Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/IT1388.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud, Splunk IT Service Intelligence Track: IT Operations Level: Beginner
Splunk Enterprise is powerful. Don't cheat yourself of its power. When making decisions as to how to expand or stand up Splunk’s footprint, you need to know what matters when making platform decisions. Considering compute, storage, virtualization, cloud infrastructure is a lot. There isn’t one place to review all the options you have. We will share the Splunk way to think of performance and how it relates to the underlying system resources. This means getting into the real nuts and bolts of performance. If you want to know how search affects indexing and what resources get consumed, this is the session to attend. If you also want to know how it affects what you purchase as a platform choice, this also is the session to attend. We also will review how partners have built architectures to simplify this process. Speaker(s) Brian Wooden, Director, Sales Engineering GSA, Splunk Simeon Yep, AVP, Sales Engineering Global Partners, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1350.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security, Splunk IT Service Intelligence Track: Foundations/Platform Level: Intermediate
Stressed about Python 2.7 end-of-life? Terrified about how your Splunk deployment or apps will be impacted? Don’t be...we got you covered. It’s out with the old and in with the new, because Splunk is migrating to Python 3.7. As part of this migration, Splunk is also removing a handful of deprecated features. What’s the best way to learn if and what is changing for your Splunk? This session! Learn how to identify what’s impacted in your deployment or app and let us share our Python migration best practices. Soon, you too will be able to take advantage of the benefits of Python 3. Speaker(s) Aditya Tammana, Product Manager, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1172.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud Track: Foundations/Platform Level: Good for all skill levels
Be the Hero by bringing in your organization’s most important system into the world of Splunk! Join the team from RHONDOS as they show off real world use cases of how clients have leveraged SAP PowerConnect for Splunk to create a paradigm shift when it comes to monitoring SAP. Learn how to gain real-time visibility into system performance, monitor mission critical data flows and improve the security posture of your organization’s SAP environments. Speaker(s) Brant Hubbard, CEO, RHONDOS Slides PDF link - https://conf.splunk.com/files/2019/slides/ITS2726.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud Track: IT Operations Level: Good for all skill levels
Whether you have just SSE or all of Splunk's Premium Products, you can benefit from the ton of Security Content that Splunk produces. We'll start this session by setting a quick baseline on all of the fantastic detections that Security Essentials has had in the past, and then jump into the new prescriptive guides, MITRE ATT&CK™ integration, Auto-Dashboard-Magic, and all the related functionality that will help you plan your usage of any/all of Splunk's security products. We'll present all this information through the lens of helping you get the best possible detections deployed with the least amount of effort. Speaker(s) David Veuve, Principal Security Strategist, Splunk Johan Bjerke, Principal Sales Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2013.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security, Splunk User Behavior Analytics Track: Security, Compliance and Fraud Level: Good for all skill levels
If you’re not investing in new technology, you are going to be left behind! One of the key challenges within any state government agency is ensuring system and application performance, SLA enforcement, secure operations, and adhering to strict federal and state compliance mandates, all while operating with limited budgets and staff. With help from Splunk, Health and Human Services (HHS) agencies manage systems that issue public benefits to citizens, maintain child welfare, enforce child support, and monitor public health. Come to this session to learn how to leverage Splunk to help you understand the "complete picture" of your systems and business processes to help your team move toward proactive management and increase customer satisfaction within your governmental applications. Create something useful from millions and billions of lines of log data to improve your application! Speaker(s) Josh Scheurer, System Architect, State of Michigan Amy Hundley, Deputy Director for Field Operations Administration, State of Michigan - DHHS, State of Michigan Sanjay Srivastava, Division Director (Eligibility), Department of Technology Management and Budget, State of Michigan Slides PDF link - https://conf.splunk.com/files/2019/slides/IT2202.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk IT Service Intelligence, Splunk Mobile Track: IT Operations Level: Good for all skill levels
DATEV provides information services to ~2.5 million payrolling, accounting, and tax clients. Given the sensitivity of the personal and financial data that our clients process, DATEV decided to establish a SOC to secure our clients' information, and we put Splunk at the core of its operations. In this session we will discuss four key elements relevant to building a successful SOC with Splunk. We'll first discuss how we formed our SOC and orchestrated its activities internally. We'll then discuss how we use MITRE's ATT&CK™ framework to prioritize activities, how we spread our SOC's security knowledge to all relevant groups at DATEV, and how we use Splunk to create real-time situational awareness for different SOC customers, for stakeholders, and for management. Speaker(s) Sebastian Schmerl, Head of Cyber Defense, Computacenter Christian Heger, SOC Architect / Technical Head of SOC & Analyst, DATEV eG Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1411.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Business Flow Track: Security, Compliance and Fraud Level: Good for all skill levels
Winston Churchill once said, “Success is not final, failure is not fatal: it is the courage to continue that counts." Then again, Churchill wasn’t in cybersecurity...While our successes are certainly never final, our failures can absolutely be fatal—to a company and our continued employment. What's a good way to actually measure success and failure, though, outside of not appearing on the front page of the paper? Well, as CrowdStrike notes, you have on average one minute to detect an attack in progress, ten minutes to understand it, and sixty minutes to contain it. We will show how to use this 1-10-60 Rule as a measuring metric and leverage the data and capabilities within Splunk and its ecosystem to ensure that we win the survival of the fastest. Speaker(s) Wissam Ali-Ahmad, Lead Solutions Architect, Splunk Tim Sullivan, Global Senior Strategic Solutions Architect, CrowdStrike Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1573.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security, Phantom Track: Security, Compliance and Fraud Level: Intermediate
Are you frustrated with the task of configuring syslog servers yourself to properly ingest data into Splunk? Take control of the syslog beast once and for all and point your "514" traffic to the new Splunk Connect for Syslog! This new Splunk-supported connector makes quick work of past struggles with syslog servers, sourcetyping, data enrichment, and scale. In this session we will dive into the configuration of the Splunk Connect for Syslog to properly filter, sourcetype, and format your data. We will demonstrate several out-of-the-box examples, highlighting new functionality such as HEC and Kafka transport for resiliency and scale, simple extensions for new device types, and data enrichment that extends far beyond simple sourcetyping of the raw message. Lastly, we will look forward to the integration of syslog with Splunk's new Data Stream Processor, and highlight appropriate use cases for each solution. By the time we wrap up, you will know how to tame the syslog beast! Speaker(s) Ryan Faircloth, Security Product Manager, Splunk Mark Bonsack, Staff Sales Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1651.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud, Splunk Data Fabric Search and Data Stream Processor Track: Foundations/Platform Level: Good for all skill levels
Are you drowning in a sea of data that expands daily? Overwhelmed by 1000s of events and alarms? Tasked with tracking a dynamic, ever-morphing infrastructure? Expected to resolve requests, incidents, and performance issues in seconds, not days… without adding any more headcount to your team? You’re not alone. Enter Automation, AIOps, and machine learning (ML). It’s finally IT’s turn to harness these powerful technologies to improve operational efficiency, reduce MTTR, eliminate alarm noise, streamline service requests, increase performance without lifting a finger, and tame the beast of IT complexity. Join our session as we explore practical applications for these technologies today and in the future to transform the way you approach IT operations. Get real world examples from other IT professionals and see how you can maximize your investments in Splunk, ITSM, monitoring tools, and more by bringing AI, ML, and automation to the mix. Speaker(s) Rob Kelsall, VP, Global Sales Engineering, Resolve Systems Slides PDF link - https://conf.splunk.com/files/2019/slides/ITS2752.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk IT Service Intelligence, Splunk Machine Learning Toolkit Track: IT Operations Level: Good for all skill levels
If we hear a nearby gunshot, we instinctively react. A mechanic often knows their machine's sound so well that they can diagnose issues by sound alone. While machines can be given analytical capabilities with machine learning (ML), sensing human inputs - like auditory or other sensory data - in a form that machines can understand is challenging. In Splunk, we have been all about making machine data accessible to humans, but what if we flip that and make human data accessible to machines? I take audio captured from live and recorded sources and using Fast Fourier transform feed it into Splunk's Machine Learning Toolkit (MLTK) for classification and anomaly detection. Can we use Splunk to detect gunshots? Can we learn a machine’s normal sounds to detect pending failures? This presentation uses Splunk to apply superhuman ML detection and learning capabilities to human data to show that the MLTK contains accessible tools you can apply to your IT and security problems. Speaker(s) Joshua Marsh, Senior Sales Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/IoT1560.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Machine Learning Toolkit, AI/ML Track: Internet of Things Level: Good for all skill levels
Nick Hayes, VP of Strategy at IntSights, will take you on a tour of the dark web and explain how CISOs can successfully implement a dark web intelligence strategy to neutralize threats outside the wire and at the earliest stages of the cyber kill chain. Now equipped with IntSights External Threat Intelligence, learn how you can take advantage of it through seamless integrations with your Splunk SIEM and Phantom toolsets. Enrich your threat data with internal network security observables, expedite incident reviews and prioritization, and automate your threat prevention and response with SOAR and integrated playbooks. Speaker(s) Nick Hayes, IntSights Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2887.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security, Phantom Track: Security, Compliance and Fraud Level: Good for all skill levels
Aflac measures risk to provide financial protection to more than 50 million people worldwide. Join this session to learn how Aflac mitigates fraud by using Splunk's Machine Learning Toolkit (MLTK) to find outliers and cluster events. Using Splunk and the MLTK reduced the time needed to conduct necessary analyses (e.g. link analysis) from weeks and months to just minutes—we will share with you how we use Splunk's MLTK to iterate quickly, develop new anomaly detection techniques, and improve our overall fraud mitigation performance. Speaker(s) Matthew Harper, Director, Cyber Crime Prevention, Aflac Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1904.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Machine Learning Toolkit, AI/ML Track: Security, Compliance and Fraud Level: Advanced
Splunk .conf is our favorite event every year and we wanted to extend the excitement while getting even more Splunky. So we grabbed an RV, set up some sensors, built an edge computing environment, and packed up the Big Data Beard recording equipment for a road-trip across the country for the week leading up to .conf, traveling from New York City to Las Vegas. We stopped along the way to hear awesome stories from fellow Splunk users, sharing them online via live chats and podcasts. With the power of Splunk, we captured data, discovered trends, predicted failures, and discovered more exciting ways to use Splunk to drive value from machine-generated data across the country. Hear the full story of how three engineers had the most interesting trip to .conf2019 of all! Speaker(s) Brett Roberts, Senior Systems Engineer, Dell Kyle Prins, Senior Systems Engineer, Dell Slides PDF link - https://conf.splunk.com/files/2019/slides/IoT2066.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk for Industrial IoT, VictorOps Track: Internet of Things Level: Good for all skill levels
So you saw the new Splunk Dashboards framework and PNG export on the main stage and want to know more? You want to understand what this will mean for your Enterprise, Cloud, ITSI, ES and/or IAI deployments? You've come to the right place. In this session, we'll provide an overview and extended demo of the new dashboarding framework and context export service. We'll cover what's different about this new framework in comparison to both SimpleXML and Glass Tables. We'll also cover the support roadmap for Simple XML and Glass Tables as well as what you need to know in order to migrate. If you're planning to attend any of the other dashboard deep dive sessions, we recommend attending this one first. Speaker(s) Nachi Mistry, Sr. Engineering Manager, Splunk Miranda Luna, Product Management, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1815.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk IT Service Intelligence, Splunk Developer Cloud Track: Foundations/Platform Level: Intermediate
Hey mad scientist, why so angry? Learn how Splunk is rethinking experiments in the Machine Learning Toolkit (MLTK) to make your life easier. Find out how we're changing the experiment workflow to reflect real-world usage of the MLTK, and make it easier for people new to the MLTK to get up and running. Strap on your safety goggles and let's get experimenting! Speaker(s) Gyanendra Rana, Senior Product Manager, Splunk Ryan Oriecuia, Principal Software Developer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1553.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Machine Learning Toolkit, AI/ML Track: Foundations/Platform Level: Good for all skill levels
Have you ever wondered what Joe meant when he referred to “Wire Data”? Today, you'll see the applicability of wire data in your organization, and you'll be amazed. Solve fraud, cybersecurity, ops, and business challenges, all with one single source of data. Wire data is the information that passes over computer and telecommunications networks to define communications between client and server devices. It is the result of decoding wire and transport protocols containing the bi-directional data payload. We will cover the use of wire data to solve security, IT operations, and business use cases, and see how the Splunk Stream platform is easily integrated into your existing data flows. The Splunk Essentials for Wire Data app from Splunkbase will be used to showcase dozens of examples using wire data to solve common business and technical issues. We will cover how to deploy and configure Splunk Stream in a distributed environment, including a demonstration. Speaker(s) Simon O’Brien, Principal Sales Engineer, Splunk Vinu Alazath, Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1206.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security, Splunk IT Service Intelligence Track: Foundations/Platform Level: Good for all skill levels
This presentation will discuss how Security Operation Centers (SOCs) will need to change to meet the cybersecurity challenges of the 2020s. The speaker will draw on his experience as a founder of the first SOC-as-a-Service company that delivers managed security services using Splunk. Most industry analysts envision that the next generation of SOCs will leverage AI, Big Data, and the Cloud, but how far can automation take us and is the concept of an autonomous SOC really practical? How will the SOC of the Future address the global shortage of cyber professionals? How will the role of security analysts need to change? Will the SOC of the Future still need to be housed in dedicated physical facilities? The speaker will provide a blueprint of Proficio’s vision of the SOC of the Future using Splunk and provide a playbook for IT leaders and aspiring IT leaders on how to drive continuous improvement in productivity and measurable outcomes. Speaker(s) Brad Taylor, Proficio Slides PDF link - https://conf.splunk.com/files/2019/slides/SECS2839.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security, Splunk User Behavior Analytics Track: Security, Compliance and Fraud Level: Good for all skill levels
Tired of relying on static threshold-based alerts that don’t seem to provide much value? Do you typically end up finding outliers in your data by staring at lines on your dashboards? We are told machine learning is going to make alerts and dashboards smarter, but how? We will help demystify machine learning and provide a practical guide to apply machine learning techniques for numeric outlier detection, and forecasting to make alerts and dashboards smarter and easier to use for actionable results. We will show you the basics of how you can understand your data, get them ready for machine learning, and get the machine to start working for you! You will leave the session beginning to think like a data scientist and knowing how to apply purpose-driven machine learning to your searches in Splunk! Speaker(s) Eurus Kim, Staff ML Architect, Splunk Amir Malekpour, Principal Software Engineer, Machine Learning, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1213.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Machine Learning Toolkit, AI/ML Track: Foundations/Platform Level: Intermediate
Does your IT environment look like a huge bowl of spaghetti? Is it even possible to untangle that vast, complex, and diverse ecosystem? Is moving from reactive to proactive even a possibility? Join us to learn how United Health Group is using Splunk IT Service Intelligence to provide end-to-end visibility and proactive incident response to its critical business applications. We’ll show you how mapping service dependencies and defining meaningful key performance indicators from the front end all the way back to the mainframe is providing value to the DevOps teams and the businesses they support. Speaker(s) Ben Nolan, Splunk IT Service Intelligence Administrator, Optum Jacob Edelen, Splunk ITSI Administrator, Optum Slides PDF link - https://conf.splunk.com/files/2019/slides/IT2139.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk IT Service Intelligence Track: IT Operations Level: Intermediate
Seeking guidance to help create amazing Splunk dashboards? Want to wow your team as well as your execs and become THE dashboard master? Come learn about Splunk's new dashboarding capabilities, and experience rich dashboard examples as well as the art of the possible. We will demo a variety of dashboards, and we’ll share tips and tricks, tutorials and templates to ensure you can build your own. Attend this session and you’ll be on the path to becoming a Splunk dashboard ninja in no time. Speaker(s) Stephen Luedtke, Sr. Data Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1933.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud, Splunk IT Service Intelligence Track: Foundations/Platform Level: Good for all skill levels
Most of us have had (or still have) nightmares about an alert that someone's exfiltrating data from our organization. We've lived that nightmare at Harris, and we've learned from it. In this session, we'll discuss how we used red and purple teaming to improve our security posture post-breach. Learn from our experience so that you can strengthen your team's alerting, staff competency, and policies, and reduce the risk of a breach at your company. Speaker(s) Nate Piquette, Sr. Detection & Response Engineer, L3Harris Technologies Adam Parsons, Sr. Detection & Response Engineer, L3Harris Technologies Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1375.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security Track: Security, Compliance and Fraud Level: Good for all skill levels
Vectra customers and security researchers respond to some of the world’s most consequential threats. And they tell us that there’s a consistent set of questions they must answer when investigating any attack scenario. Yet, security data today is broken and unable to effectively answer those questions. It is either incomplete or storage and performance intensive. Most teams don’t have the information necessary to properly answer the questions required to support their use cases; whether it be for threat hunting, investigations or supporting custom tools and models. In this session, hear about real-world use cases where security teams use machine learning engines to derive unique security attributes and how it is embedded into security workflows. Speaker(s) Kevin Sheu, Vectra Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2589.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud Track: Security, Compliance and Fraud Level: Good for all skill levels
As a high-profile public-sector organization, the Dutch Tax and Customs Administration deals with criminals claiming to be representatives of the organization and contacting the public with phishing e-mails every day. By using Splunk and RFCs like RFC7208 – Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, we have developed a technique to identify phishing attacks that are carried out under the disguise of the Dutch Tax and Customs Administration. This technique is universally applicable. A precondition is access to the DNS logging. By means of this technique, insight can be obtained where the phishing e-mails are sent from and to whom the phishing e-mails are sent. In this talk we will start by explaining which standards are available to increase e-mail security and how we have built an app in Splunk, including a dashboard and a wizard to create the necessary DNS records to gain insight into the abuse of our domains. Speaker(s) Karl Lovink, Lead Security Operations Center, Dutch Tax and Customs Administration Arnold Holzel, Senior Security Consultant, SMT Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1106.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security Track: Security, Compliance and Fraud Level: Advanced
As more technology organizations pursue agility and move towards continuous delivery, a stable and reliable IT infrastructure is the foundation that enables the transformation. However, the increasing complexity of the underlying infrastructure also brings a lot of challenges. Splunk has built a variety of solutions on top of our platform to deal with this complexity and deliver analytics and troubleshooting data to our engineering teams and decision makers. We will share a bit about our continuous integration process for triaging automated tests using Splunk, how we build IT infrastructure monitoring/analytics system based on Splunk ITSI, and how we take corresponding actions via VictorOps. Speaker(s) Scott Lu, Senior Engineering Manager, Splunk Alfie You, Principal Software Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/IT1962.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk IT Service Intelligence, VictorOps Track: IT Operations Level: Intermediate
Do you wish to modify your incoming data before ingestion? How about using Splunk's real-time search feature more efficiently? Splunk Data Stream Processor (DSP) can help. DSP allows you to analyze, transform and act on your data in real-time before it is indexed by Splunk indexers. Join us in this session to learn more about how you can use DSP as an alerting and action engine and transform your incoming data in real-time! Speaker(s) Dirk Nitschke, Staff Sales Engineer, Splunk Bashar Abdul-Jawad, Principal Software Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN2033.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud Track: Foundations/Platform Level: Intermediate
We helped our client use Splunk to disrupt theft rings plaguing its retail stores. We'll present how we took in public wifi data, tracked MAC addresses that appeared in multiple stores, and ultimately created a system in Splunk that alerted in-store loss prevention teams when individuals likely to be involved in theft rings entered the store. We'll go over the steps taken to operationalize our theft deterrence program so that you can adopt it in your organization or modify it to fit your needs. Speaker(s) Nic Haag, Splunk Professional Services Consultant, Aditum Partners Logan Foshee, Threat Analyst, Lowe's Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1336.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security Track: Security, Compliance and Fraud Level: Advanced
How about having an immersive data experience on your mobile device via augmented reality? Think about being in a data center where you just need to scan the QR code/NFC tag on your stacked devices to know the critical device metrics on your mobile. This session will show you how Splunk AR can be used to visualize the dashboard data that users create on the Splunk platform. Visit this session and you will learn how to create apps, dashboards and immersively reflect the data on your mobile using Splunk AR. Speaker(s) Sulabh Agarwal, Network Consulting Engineer, Cisco Systems Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1486.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud Track: Foundations/Platform Level: Intermediate
Business operations teams have relied on Splunk for operational intelligence, helping them to discover bottlenecks, fallout, and other issues in order to deliver more efficient business processes and customer experiences with higher conversions. In this session, learn about Splunk's latest innovations for business operations professionals. Speaker(s) Faya Peng, Senior Director, Product Management, Splunk Lizzy Li, Product Manager, Business Flow, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/BA2130.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Business Flow Track: Business Analytics Level: Good for all skill levels
This session will detail new innovations and features included in the .conf19 release of Splunk Cloud and Splunk Enterprise. This is one of the most well-attended .conf19 sessions. Be sure to add it to your agenda. Speaker(s) Sundeep Gupta, Director, Splunk Cloud, Splunk Skip Bacon, VP, Enterprise Products, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN2516.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud Track: Foundations/Platform Level: Good for all skill levels
This session will be all about exciting Foundations/Platform-related content that we'll announce at .conf19. We can't tell you about it now, but trust us — it's awesome. Speaker(s) Geoffrey hendrey, Sr Principal Engineer, splunk Aditi Nath, Software Development Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1735.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Developer Cloud Track: Foundations/Platform Level: Intermediate
Too many tools, too many silos between data and collaboration, Outages take too long to Identify Root Cause and There is So Much Noise Abstract: TIAA had a goal – to replace Legacy Monitoring with an AIOps approach. What did that mean? They had to find a better way to break down the silos between data and collaboration and start focusing attention on the right things with the right people. Monitoring had become about MTTI (mean time to innocence) instead of fixing the fight issues more quickly and finding a way to move from ‘reacting’ to outages to ‘preventing’ them. ITSI has become the ‘aggregator’ of monitoring data and will help TIAA move from the old Dinosaur Approach of being event driven to the AiOps approach of Service and Priority Driven. Learn about the Journey, the Lessons Learned, and the Best Practices to Ensure Success. Speaker(s) Emily Duncan, ITOA Specialist, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/IT1346.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud, Splunk IT Service Intelligence Track: IT Operations Level: Good for all skill levels
Want to use your custom model with the data already in Splunk? Want to contribute to an open library for Machine Learning Toolkit (MLTK) algorithms? Want to use your favorite Machine Learning library? This session will help you to create custom algorithms and leverage the power of any ML algorithm you have ever wanted to use for your application. Traverse the entire process from building a custom algorithm, fitting the model to your data, testing your application, to contributing to the MLTK Algorithms library on Github. Speaker(s) Karthika Krishnan, Senior Forward Deployed Software Engineer, Splunk Ankit Bhagat, Forward Deployed Software Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1540.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Machine Learning Toolkit Track: Foundations/Platform Level: Intermediate
Red Hat and Splunk are partners in providing solutions to manage and monitor Kubernetes deployments. This joint RedHat and Splunk session will cover the benefits of Red Hat OpenShift to run your Kubernetes deployments and how Splunk can provide the monitoring capabilities and insights you need to get the most out of your Kubernetes deployment. Speaker(s) Matt Modestino, ITOA Practitioner, Splunk Mattia Mascia, Senior Consultant, Red Hat Slides PDF link - https://conf.splunk.com/files/2019/slides/IT2240.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Business Flow Track: IT Operations Level: Good for all skill levels
A large volume of known production incidents and end-user issues are still being resolved manually. This becomes worse when it happens at unusual hours and no one is there to fix it. Every minute of downtime is detrimental to business, and waking up an engineer in the middle of the night to fix simple known issues is not worthwhile. Our self-healing (Event-Driven Remediation) solution fixes simple and known incidents automatically. For complex alerts, it gets relevant diagnostics and context from the logs. This could massively improve customers' and employees' experience in any organization. Speaker(s) Karthick Muruganantham, JPMorgan Chase Slides PDF link - https://conf.splunk.com/files/2019/slides/IT1186.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk IT Service Intelligence Track: IT Operations Level: Intermediate
Many government agencies and for-profit companies require that you run Splunk on a network disconnected from the outside Internet. This presents many challenges, including how to cross air gaps and one-way transfers, how to operate indexers in an air-gapped environment, and how to automate backwards. This session will cover lessons learned from a variety of air-gapped deployments. Speaker(s) Steve Schohn, Staff Sales Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1190.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security, Phantom Track: Foundations/Platform Level: Intermediate
Copper River ES, a strategic partner for Splunk public sector, is working with a large federal agency that has restructured their NOC and SOC organizations into a single unified entity as part of operational optimization. The agency is responsible for protecting IP and other assets totaling $4.3 trillion as part of safeguarding the nation’s food supply chain. The goal was to enhance the ability to handle problem escalations quickly and improve communications between teams. They are currently ingesting more than 3TB daily across 65 data sources where Splunk is leveraged as an integrated data platform and framework service to act as a nerve center for the combined NOC and SOC teams. Implementation has resulted in dramatically reducing MTTD to an average of less than 30 min compared to previous times of up to 12 hours, MTTR times from 16 hours to often less than 1 with overall outage times having now been reduced by about 68%. From a security perspective, it is used to identify data exfiltration and insider threats, as well as for security operations and compliance. Increasing visibility into all aspects of system operations and troubleshooting efforts is now supported through a series of custom Splunk apps, glass tables, reports and alerts with operational guides and training to best leverage the capabilities Splunk has generated. Speaker(s) Sandy Voellinger, Copper River Enterprise Services Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1921.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security, Splunk User Behavior Analytics Track: Foundations/Platform Level: Good for all skill levels
As the types of devices and applications used in IT organizations increase exponentially, scaling the analytics-driven SOC becomes even more imperative. In this session Splunk Professional Services will help you learn from its past experiences architecting Splunk Enterprise Security environments for scale into the terabytes per day. We will share technical details on improvements to search technology and Data Model Acceleration in Splunk Enterprise that will help you increase performance and decrease total cost of ownership. We will also take a deep dive under-the-hood into Splunk Enterprise Security Frameworks in which you should make special considerations for high volume. Finally, we'll share important metrics on how to monitor the ongoing health of your Enterprise Security deployment, ensuring you stay on track over time, even in periods of rapid growth. Speaker(s) Marquis Montgomery, Principal Security Architect, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2120.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security Track: Security, Compliance and Fraud Level: Intermediate
Your network is speaking to you! Listen to what your applications are saying. Monitoring the metrics already present in your wire data can provide the key to understanding and characterizing their performance. Using tools like Splunk Stream, you can collect dozens of metrics at the IP, TCP, and Application layers. This session will show you how to characterize the performance of your applications and the network, and how to tell which is the source of trouble. We'll also explore how to perform service and asset discovery with wire data as a basis of fact, correlating it with your database "of record" to ensure its accuracy. Speaker(s) David Cavuto, Staff Sales Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/IT1761.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk IT Service Intelligence Track: IT Operations Level: Intermediate
Women are underrepresented across all levels of the technology industry. Find out how these four female leaders advanced their careers to lead the industry. Join us for an in-depth discussion about female diversity and the importance of including women in leadership from those who've made it to the top. Speaker(s) Suzanne McGovern, Chief Diversity Officer & Head of Talent, Splunk Jane Hite-Syed, NGS CIO, National Government Services Patty Morrison, Splunk Board Member, Splunk Monika Panpaliya, Senior Director, Digital Common Services, Boeing Carol Jones, CIO, Sandia National Laboratories Slides PDF link - https://conf.splunk.com/files/2019/slides/FND1268.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud, Splunk Enterprise Security Track: Foundations/Platform Level: Good for all skill levels
Let's face it, sometimes you don't know what you don't know. With vast amounts of cloud data coming in at cloud-speed, it can be difficult to see through the noise and know what to look for. Are malicious adversaries attempting to compromise the environment? Is my environment under- or over-provisioned? Do I have an insider possibly exfiltrating company data? Are employees actually using the services? What is all of this costing per service, department, business unit? Don't worry, we will help you figure all this out in a prescriptive manner by showcasing these and other use cases. Then, we will show you the "how" by exposing the searches, the data needed, and showing you how to onboard that data. You will walk away with use cases that can be implemented immediately in your own environment. Speaker(s) Jason Conger, Solution Architect, Splunk Ry Lait, Senior Sales Engineer, Splunk Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1328.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Enterprise Security, Splunk Machine Learning Toolkit Track: Foundations/Platform Level: Intermediate
Data is growing exponentially; however, IT budgets are not. Growth in internal use cases and additional data sources can put organizations under intense pressure to manage spiraling costs. The good news is that help is on the way. We will show how to size and configure Splunk SmartStore to yield significant cost savings, for both current and future data growth. In addition, learn how to configure the Splunk deployment for optimal search performance. Spare a few minutes of your time at .conf19 and see it yield big returns for your organization. Speaker(s) Bharath Aleti, Director, Product Management, Splunk Jon Rust, Splunk Architect, ADP Jane Jokl, Offering Manager, IBM Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1435.pdf?podcast=1577146230 Product: Splunk Enterprise, Splunk Cloud Track: Foundations/Platform Level: Good for all skill levels