Splunk User Group

As the founder and leader of the Splunk User Group in Edinburgh, I have added the below resources and links to our sessions, slides and how to get involved with the community.

Key Resources

When / Where | What / Who | Resources
May 22, 2018

Edinburgh Napier University

Using Splunk & Phantom for Automation/Orchestration and Using Splunk with Docker for Building a Lab

Join us for an evening where we’ll take a look at Phantom (Splunk’s latest purchase), how it can be integrated with the Splunk platform and used for automation/orchestration. We’ll also be taking a look at using Splunk with Docker for slim but useful development environments. Finally, an introduction to Splunk Enterprise Security Content Updates, which align new/best-practice security use cases to the attack chain and more!

Presenters: Tom Wise, Tomasz Dziwok, Harry McLaren

Event / Recording
March 13, 2018

Edinburgh Napier University

TSTATS, the Life of a Splunk Trainer and using DevOps in Splunk Development

Session on using TSTATS and the internal Splunk logs, a Splunk Trainer sharing his journey with Splunk and how he’s managed to achieve every possible Splunk certification (over 10!), and a short discussion about emerging thoughts on using development/release frameworks with Splunk.

Presenters: Tom Wise, Andrew McManus, Harry McLaren

Event / Slides
January 11, 2018

Edinburgh Napier University

The Missing Layers: Syslog Collection & HTTP Event Collection

Session to discuss the [often] missing layers of event collection within Splunk deployments. We covered the ins and outs of traditional syslog collection and also explored how the Splunk HTTP Event Collector can be used to similar effect.

Presenters: Graeme Curtis, Harry McLaren

Event / Slides
October 16, 2017

Edinburgh Napier University

Latest Updates to Splunk Enterprise, Enterprise Security & IT Service Intelligence from .conf

Session to detail some of the best announcements from the recent Splunk users conference.

Presenters: Harry McLaren

Event / Slides
August 22, 2017

Edinburgh Napier University

Securing the Enterprise/Cloud with Splunk at the Centre

Session to cover the topics of using Splunk to secure the Cloud (AWS), then covering a number of use cases or orchestration with Adaptive Response.

Presenters: Robert Williamson, Harry McLaren

Event / Slides
June 27, 2017

Edinburgh Napier University

Supporting Splunk at Scale, Splunking at Home & Introduction to Enterprise Security

Session to cover the topics of supporting Splunk within a large enterprise, using Splunk to gather and report on personal email metadata and an introduction to Splunk Enterprise Security.

Presenters: Chris Chalmers, David Prior, Adam Thomson

Event / Slides
April 04, 2017

Edinburgh Napier University

Building Splunk Apps, Development Paths with Splunk & User Behaviour Analytics

Session to cover the topics of building Apps, the various education/certification development paths and exploring Splunk User Behaviour Analytics (UBA).

Presenters: Adam Thomson, Robert Williamson, Harry McLaren

Event / Slides
February 24, 2017

Edinburgh Napier University

Dashboarding Workshop & Universal vs. Heavy Forwarders

Session to cover the topics of dashboarding techniques and when to use Universal Forwarders vs. Heavy Forwarders.

Presenters: Robert Williamson, Harry McLaren

Event / Slides
November 23, 2016

Edinburgh Napier University

Operational Insight with IT Service Intelligence & Use Case Development

Session to cover the topics of IT operations using Splunk IT Service Intelligence and explaining the importance of Use Case Development following set processes and procedures.

Presenters: Robert Williamson, Harry McLaren

Event / Slides
September 28, 2016

Edinburgh Napier University

Splunk Security & Best Practices

Session to cover the topics of large-scale Splunk deployments and how to secure Splunk within an enterprise.

Presenters: Harry McLaren

Event / Slides

There is some duplication with the lists of decks/content under ‘Speaking’, but it keeps it all together.