We use cookies to ensure that we give you the best experience on our website. By continuing your visit on the website, you consent to the use of the cookies. If you want to find out more about the cookies we use, you can access our Privacy Policy.
OK

Building Custom Apps and Managing Splunk Alerts - Edinburgh Splunk User Group - 21st May 2024

May 21, 2024, 5:00 – 7:00 PM (UTC)

Scotland Splunk User Group

We have two speakers for this session, streaming in from the USA and Switzerland: Jaco van der Schyff (Datapunctum AG) on "Managing Splunk Alerts with Alert Manager Enterprise 3.0" David Condliffe (VisiCore Technology Group) on "Building Custom Splunk Apps and Dashboards"

About this event

Welcome back to the May 2024 edition of Edinburgh Splunk User Group. We have two guest speakers coming in from across the world, so will be only livestreaming this session. Our post-.conf24 session should be in person and will be planned for not too long after .conf24 takes place.

 

This month we've got two speakers from across the world (order of speakers subject to change):

Firstly, Jaco van der Schyff from Datapunctum AG will discuss "Managing Splunk Alerts with Alert Manager Enterprise 3.0".

Then, David Condliffe from VisiCore Technology Group, will cover "Building Custom Splunk Apps and Dashboards"


Throughout the session, myself and Tom be in the event chat where attendees will be encouraged to bring up issues or ideas they've had with Splunk. If you want to bring your issue to the session, please get in touch with us prior to the event so we can ensure we can help with your issue. We'll also provide the link to our conference call on the day of the session if people want to attend.

Online

Our session will be hosted online through YouTube Live.

Agenda

Introductions and General Housekeeping

"Managing Splunk Alerts with Alert Manager Enterprise 3.0" - Jaco will cover 'Datapunctum Alert Manager Enterprise', what it can do and how to use it or similar apps/searches to triage and resolve events.

"Building Custom Splunk Apps and Dashboards" - David will cover what people can do with Dashboards, their use-cases and what you can really do creating them.

Any Other Business

Code of Conduct

We adopt and enforce the Berlin Code of Conduct (CoC) for all our events and all cases of abuse or harassment are dealt with swiftly and in accordance with this CoC.

Any concerns or issues should be reported to the organisers of this chapter:

Andrew McManus (andrewjohnmcmanus@googlemail.com / @Andrew McManus on Splunk Community Slack)

Tom Wise (tom.wise@adarma.com / @phanTom on Splunk Community Slack)

Contributing to the SUG

We are always looking out for new speakers or participants to this SUG. We can be contacted in many ways:

See above for our contact details as well as:

Splunk Community: Interact with us at our Splunk Community Hub page

Slack: Join up to the Splunk Community Slack at http://splk.it/slack and join us at #Edinburgh

LinkedIn: User Group LinkedIn Page

Discussions

No discussions are currently posted

When

When

Tuesday, May 21, 2024
5:00 PM – 7:00 PM (UTC)

Agenda

5:00 PM
Starting Steam
Introduction and housekeeping
5:15 PM
Managing Splunk Alerts with Alert Manager Enterprise 3.0
The talk will demonstrate how Splunk alerts can be managed using the AME Application available on SplunkBase https://splunkbase.splunk.com/app/6730. The talk will cover functionalities, features as well as how to model a use-cases within AME. Covering a use-case (security event for the UG) will be in the form of a demo and will be looking at AME features and functionalities to assist analysts in triage and event resolution.
5:45 PM
Building Custom Splunk Apps and Dashboards
Dashboards and Visualizations, Interesting Use Cases, The Realities, The Myths, The Future
6:15 PM
AOB
Any other Business

Organizers

  • Sahil Sharma

    Netcompany

    User Group Leader

  • Stuart Robertson

    User Group Leader

Contact Us