Zero to Splunk in Six Months: Threat Learning, Machine Hunting, and Anomaly Intelligence

Tuesday, May 02 | 1:00PM–2:30PM | Denver Ballroom 1-3, Lower Level 2
Session Type: Breakout Session
Delivery Format: Concurrent Session
Join us as we discuss our experiences getting Splunk up and running at UVA. Log and event correlation and searching have been our primary focus, but we have found some other fun uses for Splunk. We will share best practices and lessons learned and demonstrate some of our favorite integrations, dashboards, and searches. This is a topic specific/intermediate level session.

Outcomes: Understand the challenges and rewards in implementing a new SIEM * Learn about Splunk architecture, searches, dashboards, integrations, and visualizations, including quick reference resources * Meet and engage with other Splunk users to share experiences and collaborate on further development

Presenters

  • Jeff Collyer

    Information Security Engineer, University of Virginia
  • Michael Grinnell

    Deputy CISO, University of Virginia
  • Christina Joseph

    Information Security Engineer, University of Virginia