Any Splunk Wizards?

Anyone got any good tips, tricks, or reference book recommendations for the data-mangling syslog-ingesting application Splunk?

Looks like it will be part of my 2019-2020. And I thought I was just getting a free T-shirt.

(Splunk really likes giving out shirts. We had them on-site a month or two ago and they brought shirts for everyone covering 4-6 different designs. Here’s one of them.)


We use Splunk very heavily at $work. I’m a long, long way from being a wizard, and learning more is on my ‘must do’ list.

Next week I’m off to a Splunk ‘Boss of the SOC’ event. Should be fun, and I hope to learn a lot.

We got lucky and they’re doing short classes for us this week… I’ve got one scheduled for tomorrow. I figured I’d ask around as it’s becoming a more useful tool for our group and a system I’m front and center on has its own embedded Splunk environment.

There’s a couple books on it I’m looking at picking up.