Posts tagged: Splunk

April 7, 2026 6 min read ✎ Blog

Splunk + Cisco ISE: Syslog Integration and RADIUS Dashboard

Send Cisco ISE syslogs to Splunk — parse with props.conf, build SPL queries for RADIUS auth visibility, and create a live ISE operations dashboard.

cisco ise splunk

May 11, 2020 4 min read ✎ Blog

Splunk Series III: System Administrator Class (File Structure, Settings and CLI)

Splunk SPLUNK_HOME directory layout, etc/system/default vs local precedence, conf-file merging, and essential splunk CLI commands for administrators.

data it-security machine-data

May 10, 2020 4 min read ✎ Blog

Splunk Series III: System Administrator Class (Installation and Recommendations)

Splunk Enterprise install on Linux and Windows: ulimit tuning, THP disable, indexer and search-head sizing, and production-ready admin class advice.

data it-security machine-data

May 6, 2020 3 min read ✎ Blog

Splunk Series III: System Administrator Class (Splunk Components, Processes and Installation)

Splunk admin notes — search heads, indexers, forwarders, deployment server roles — and the planning steps required before a production install.

data it-security machine-data

May 6, 2020 3 min read ✎ Blog

Splunk Series III: System Administrator Class (Splunk Deployment)

Splunk Certified Architect prep — System Admin class topics: license management, configuration files, indexers, user management, and distributed search.

data it-security machine-data

April 20, 2020 2 min read ✎ Blog

Splunk Series II: Correlating Events

Correlate events in Splunk using transactions — group related events with maxspan, maxpause, startswith, endswith — and when to use stats instead.

data it-security machine-data

April 20, 2020 2 min read ✎ Blog

Splunk Series II: Filtering/Formatting Data

Filter and format Splunk data with eval, search, and where commands — calculate field values, apply conditional logic, and clean up report output.

data it-security machine-data

April 20, 2020 3 min read ✎ Blog

Splunk Series II: Fundamentals II

Splunk Fundamentals 2 topics — transforming commands, transactions, knowledge objects, field aliases, tags, macros, data models, and the CIM.

data it-security machine-data

April 20, 2020 1 min read ✎ Blog

Splunk Series II: Knowledge Objects and Managing Fields

Splunk knowledge objects explained — field extractions, event types, lookups, workflow actions, tags, and data models for sharing reusable assets.

data it-security machine-data

April 20, 2020 1 min read ✎ Blog

Splunk Series II: Visualizations

Splunk visualization types — line charts, bubble charts, cluster maps, choropleth maps, single-value panels — turning search results into dashboards.

data it-security machine-data