How to Extract Complex Field from Nested {JSON} events using Splunk SPL
Category: Splunk, Splunk Search
Nowadays, we see several events being collected from various data sources in JSON format. Splunk has built powerful capabilities to extract the data from JSON and provide the keys into field names and JSON key-values for those fields for making JSON key-value (KV) pair accessible. spath is very useful command to extract data from structured data formats like JSON and XML. In this blog, an effective solution to deal with below mentioned JSON format will be presented. For example, we
Crest Data Systems Engineers Got Recognized in the Top 5 List of Winners of the April 2019 Karma Competition on Splunk Answers!
Category: Splunk, Splunk Answers
Crest Data Systems is proud to announce that our 2 employees made the top in the list of “Where Will Your Karma Take You” Contest sponsored by Splunk in April 2019. The contest recognizes the top 5 contributors of the competition based on the number of Karma points participants earn by contributing Splunk Answers community. If you are new to this – here’s how the users earn the Karma points: First, Splunk Answers is a
Recently one of our customers asked us to onboard data AWS GuardDuty threat intelligence data into Splunk. Since the process was not trivial, we decided to publish this for everyone’s benefit. What is AWS GuardDuty? AWS GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorised behaviour to help you protect your AWS accounts and workloads. AWS GuardDuty is a service provided by AWS that monitors activities such as unusual API
Hello Splunkers! Before we start, on behalf of Crest Data Systems, I would like to thank all our customers and Splunk for trusting us as your preferred vendor for their Splunk deployment to be recognized by Splunk APAC Services Partner of the Year at Splunk Global Partner Summit in March, 2019. This award is a validation of 5+ years of customer obsession helping 50+ customers around the globe successfully. Data is the new Oil: We
Splunk is an incredibly robust tool that can scale depending on the certain parameters: Number of users using the deployment Amount of data coming in Number of endpoints sending data to the deployment Depending upon the above parameters you can horizontally/vertically scale a deployment to accommodate to your needs. In this blog we will briefly discuss following deployments: Standalone deployment Distributed deployment Clustered deployment Before we dive into various deployments, let us go over some