Splunk Tutorial: How To Bulk Enable Splunk Searches
In the Splunk GUI, you can select and enable multiple searches. However, what if you want to enable only a set of searches that match specific conditions?. There’s no built-in way to do this yet, but we can use a Splunk query and a python script using the API to ... Read More
How to Detect Anomalies in Splunk Using Streamstats
Detecting anomalies is a popular use case for Splunk. Standard deviation, however, isn’t always the best solution despite being commonly used. In this tutorial we will consider different methods for anomaly detection, including standard deviation and MLTK. I will also walk you through the use of streamstats to detect anomalies ... Read More
Using Splunk Streamstats to Calculate Alert Volume
Dynamic thresholding using standard deviation is a common method we used to detect anomalies in Splunk correlation searches. However, one of the pitfalls with this method is the difficulty in tuning these searches. This is where the wonderful streamstats command comes to the rescue. This Splunk tutorial will cover why ... Read More
