Deploying a campus-wide Splunk environment at UNC Chapel Hill

•

1 gostou•699 visualizações

M

Presentation by Brent Caison, Liam Greenwood, and Michael Bacon

Tecnologia Educação

UNC CAUSE 2013
Brent Caison
Liam Greenwood
Michael Bacon
ITS Open Systems
University of North Carolina – Chapel Hill

What is Splunk?
Log aggregator

Customized views/dashboard

Data visualization

Monitoring and events

You can tell your boss you're doing
“Big Data!”


photo credit:
Stefan (Flickr)

Original Architecture
Search Head 1
Interactive
Users
Indexer 1
Forwarding
Hosts

Syslog Server
F5
BigIP
VIP

Syslog Server
Syslog Server

Split Architecture
Search Head 1
Interactive
Users

Interactive
Users
Forwarding
Hosts

Indexer 1
Forwarding
Hosts

Syslog Server
F5
BigIP
VIP

Search Head 1

Indexer 1
F5
BigIP
VIP

Syslog Server
Syslog Server
Syslog Server

Windows/AD
Admins

Search Head 2

Windows
Forwarders

Indexer 2

Syslog Server
Syslog Server

Multi-tenant Architecture
User
Population 2
User
Population 1

Forwarding
Hosts

User
Population 3

Search Head 2

User
Population 4

Search Head 3
Search Head 4

Search Head 1
Indexer 1
F5 BigIP VIP

Indexer 2
Syslog Server Syslog Server

Indexer 3
Syslog Server

Delegated Administration



Apache



Subpop admins modify membership
Groups may contain other groups

Admins for
Subpopulation A

Shibboleth SP

splunkweb service

Subpopulation A
Membership

splunkd service
Config
“ App”
Search Head for Population A

Splunk config
Files
Puppet
configuration
service

Splunk admins create roles



User
Subpopulation
A

Groups in LDAP match Splunk roles

Campussubpop-A
role

Grouper service

LDAP group
campus-subpop-A
under splunk tree
Campus Directory
(OpenLDAP)

Splunk confg fles “cooked” by
puppet, pushed to splunk service


Questions?
Brent Caison
brent_caison@unc.edu
Liam Greenwood
liam@unc.edu
Michael Bacon
baconm@unc.edu

Mais conteúdo relacionado

Semelhante a Deploying a campus-wide Splunk environment at UNC Chapel Hill

Curious on how to make your Connections environment run smoothly while reducing support effort? Need help debugging and getting to the core of some Connections challenges? Join Nico and Terri to find out how to resolve common issues, learn troubleshooting basics and other useful knowledge to ensure an efficient Connections on-premises environment. Level up your debugging skills while learning more about backend topics such as IBM Spectrum CfC, DB2, TDI, SSO, Directory and integrations like Docs, CCM, Cognos, FEB or Orient Me. Walk away with Connections best practice tips and tricks to help you provide steady and efficient social capabilities!

Soccnx11 Two wrongs don't make a right - Troubleshooting Connections

Soccnx11 Two wrongs don't make a right - Troubleshooting Connections

Soccnx11 Two wrongs don't make a right - Troubleshooting Connections

Nico Meisenzahl

Curious on how to make your Connections environment run smoothly while reducing support effort? Need help debugging and getting to the core of some Connections challenges? Join Nico and Terri to find out how to resolve common issues, learn troubleshooting basics and other useful knowledge to ensure an efficient Connections on-premises environment. Level up your debugging skills while learning more about backend topics such as IBM Spectrum CfC, DB2, TDI, SSO, Directory and integrations like Docs, CCM, Cognos, FEB or Orient Me. Walk away with Connections best practice tips and tricks to help you provide steady and efficient social capabilities!

Two wrongs don’t make a right – Troubleshooting Connections

Two wrongs don’t make a right – Troubleshooting Connections

Two wrongs don’t make a right – Troubleshooting Connections

Curious on how to make your Connections environment run smoothly while reducing support effort? Need help debugging and getting to the core of some Connections challenges? Join Nico and Terri to find out how to resolve common issues, learn troubleshooting basics and other useful knowledge to ensure an efficient Connections on-premises environment. Level up your debugging skills while learning more about backend topics such as IBM Spectrum CfC, DB2, TDI, SSO, Directory and integrations like Docs, CCM, Cognos, FEB or Orient Me. Walk away with Connections best practice tips and tricks to help you provide steady and efficient social capabilities!

SocCnx11 - Two wrongs don't make a right - Troubleshooting Connections

SocCnx11 - Two wrongs don't make a right - Troubleshooting Connections

SocCnx11 - Two wrongs don't make a right - Troubleshooting Connections

Meet Loggastic: an Open Source library for easily tracking and storing user activity logs to Elasticsearch. Built on top of Symfony, Loggastic comes with the API Platform support. We will explore the library’s concepts and the different paths we took before arriving at our current approach. You’ll learn how to integrate Loggastic into your application, adapt it to your needs, and discover how to scale it for large amounts of data.

Tracking user activity logs using Loggastic #ApiPlatformCon

Tracking user activity logs using Loggastic #ApiPlatformCon

Tracking user activity logs using Loggastic #ApiPlatformCon

Getting Started with Splunk Breakout Session

Getting Started with Splunk Breakout Session

Getting Started with Splunk Breakout Session

SplunkLive! Getting Started with Splunk Enterprise

SplunkLive! Getting Started with Splunk Enterprise

SplunkLive! Getting Started with Splunk Enterprise

Technical Developments within the UK Access Management Federation

Technical Developments within the UK Access Management Federation

Technical Developments within the UK Access Management Federation

OSMC 2021 | Current State of Icinga

OSMC 2021 | Current State of Icinga

OSMC 2021 | Current State of Icinga

SharePoint Microsoft IT - Swiss Presentation with Joel and Andre

SharePoint Microsoft IT - Swiss Presentation with Joel and Andre

SharePoint Microsoft IT - Swiss Presentation with Joel and Andre

We will show a case study of moving from SQL Server DWH to Hadoop and Vertica. In this case study you will see implementation of Lambda Architecture with Hadoop, Vertica and MongoDB for real time statistics. We will start from showing the Legacy system and describe the problems we encountered. From there we will cover all the decision making on technology choosing for the current solution. We will finish by presenting the next steps of our Data Platform solution.

Data platform evolution

Data platform evolution

Data platform evolution

Lev Brailovskiy

Splunk FISMA for Continuous Monitoring

Splunk FISMA for Continuous Monitoring

Splunk FISMA for Continuous Monitoring

Data Infrastructure at LinkedIn

Data Infrastructure at LinkedIn

Data Infrastructure at LinkedIn

Logging using ELK Stack for Microservices

Logging using ELK Stack for Microservices

Logging using ELK Stack for Microservices

Vineet Sabharwal

Jisc Research Data Shared Service Open Repositories 2018 24x7

Jisc Research Data Shared Service Open Repositories 2018 24x7

Jisc Research Data Shared Service Open Repositories 2018 24x7

http://flink-forward.org/kb_sessions/keynote-tba-2/ The past 12 months saw the data streaming ecosystem mature and grow tremendously with new open source projects and products being offered in the market, and more large-scale production applications of streaming data. It is now understood that streaming data is not a fad, but a growing industry that is here to stay. Apache Flink was one of the pioneering communities advocating that stream processing is a great fit for the continuous nature of data production, and that batch processing can be seen and efficiently performed as a special case of stream processing. Flink saw tremendous growth since the last Flink Forward conference, with the project boasting now more than 200 contributors from several companies, several production installations and broad adoption. In this talk, we discuss several large-scale stream processing use cases that we see at data Artisans. Additionally, we discuss what this accelerated growth means for Flink, how we can sustain this growth moving forward, as well as a vision for the next big directions in Flink.

Kostas Tzoumas_Stephan Ewen - Keynote -The maturing data streaming ecosystem ...

Kostas Tzoumas_Stephan Ewen - Keynote -The maturing data streaming ecosystem ...

Kostas Tzoumas_Stephan Ewen - Keynote -The maturing data streaming ecosystem ...

Soprex framework on .net in action

Soprex framework on .net in action

Soprex framework on .net in action

Getting Started with Splunk

Getting Started with Splunk

Getting Started with Splunk

London's calling 2020 Documentor Plug-In

London's calling 2020 Documentor Plug-In

London's calling 2020 Documentor Plug-In

2015 03-16-elk at-bsides

2015 03-16-elk at-bsides

2015 03-16-elk at-bsides

Synchronicity: Just-In-Time Discovery of Lost Web Pages

Synchronicity: Just-In-Time Discovery of Lost Web Pages

Synchronicity: Just-In-Time Discovery of Lost Web Pages

Semelhante a Deploying a campus-wide Splunk environment at UNC Chapel Hill (20)

Soccnx11 Two wrongs don't make a right - Troubleshooting Connections

Soccnx11 Two wrongs don't make a right - Troubleshooting Connections

Soccnx11 Two wrongs don't make a right - Troubleshooting Connections

Two wrongs don’t make a right – Troubleshooting Connections

Two wrongs don’t make a right – Troubleshooting Connections

Two wrongs don’t make a right – Troubleshooting Connections

SocCnx11 - Two wrongs don't make a right - Troubleshooting Connections

SocCnx11 - Two wrongs don't make a right - Troubleshooting Connections

SocCnx11 - Two wrongs don't make a right - Troubleshooting Connections

Tracking user activity logs using Loggastic #ApiPlatformCon

Tracking user activity logs using Loggastic #ApiPlatformCon

Tracking user activity logs using Loggastic #ApiPlatformCon

Getting Started with Splunk Breakout Session

Getting Started with Splunk Breakout Session

Getting Started with Splunk Breakout Session

SplunkLive! Getting Started with Splunk Enterprise

SplunkLive! Getting Started with Splunk Enterprise

SplunkLive! Getting Started with Splunk Enterprise

Technical Developments within the UK Access Management Federation

Technical Developments within the UK Access Management Federation

Technical Developments within the UK Access Management Federation

OSMC 2021 | Current State of Icinga

OSMC 2021 | Current State of Icinga

OSMC 2021 | Current State of Icinga

SharePoint Microsoft IT - Swiss Presentation with Joel and Andre

SharePoint Microsoft IT - Swiss Presentation with Joel and Andre

SharePoint Microsoft IT - Swiss Presentation with Joel and Andre

Data platform evolution

Data platform evolution

Data platform evolution

Splunk FISMA for Continuous Monitoring

Splunk FISMA for Continuous Monitoring

Splunk FISMA for Continuous Monitoring

Data Infrastructure at LinkedIn

Data Infrastructure at LinkedIn

Data Infrastructure at LinkedIn

Logging using ELK Stack for Microservices

Logging using ELK Stack for Microservices

Logging using ELK Stack for Microservices

Jisc Research Data Shared Service Open Repositories 2018 24x7

Jisc Research Data Shared Service Open Repositories 2018 24x7

Jisc Research Data Shared Service Open Repositories 2018 24x7

Kostas Tzoumas_Stephan Ewen - Keynote -The maturing data streaming ecosystem ...

Kostas Tzoumas_Stephan Ewen - Keynote -The maturing data streaming ecosystem ...

Kostas Tzoumas_Stephan Ewen - Keynote -The maturing data streaming ecosystem ...

Soprex framework on .net in action

Soprex framework on .net in action

Soprex framework on .net in action

Getting Started with Splunk

Getting Started with Splunk

Getting Started with Splunk

London's calling 2020 Documentor Plug-In

London's calling 2020 Documentor Plug-In

London's calling 2020 Documentor Plug-In

2015 03-16-elk at-bsides

2015 03-16-elk at-bsides

2015 03-16-elk at-bsides

Synchronicity: Just-In-Time Discovery of Lost Web Pages

Synchronicity: Just-In-Time Discovery of Lost Web Pages

Synchronicity: Just-In-Time Discovery of Lost Web Pages

Último

Developing An App To Navigate The Roads of Brazil

Developing An App To Navigate The Roads of Brazil

Developing An App To Navigate The Roads of Brazil

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Scaling API-first – The story of a global engineering organization

Scaling API-first – The story of a global engineering organization

Scaling API-first – The story of a global engineering organization

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Finology Group – Insurtech Innovation Award 2024

Finology Group – Insurtech Innovation Award 2024

Finology Group – Insurtech Innovation Award 2024

The Digital Insurer

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

Advantages of Hiring UIUX Design Service Providers for Your Business

Advantages of Hiring UIUX Design Service Providers for Your Business

Advantages of Hiring UIUX Design Service Providers for Your Business

Pixlogix Infotech

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

Principled Technologies

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

Exploring the Future Potential of AI-Enabled Smartphone Processors

Exploring the Future Potential of AI-Enabled Smartphone Processors

[2024]Digital Global Overview Report 2024 Meltwater.pdf

[2024]Digital Global Overview Report 2024 Meltwater.pdf

[2024]Digital Global Overview Report 2024 Meltwater.pdf

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Boost Fertility New Invention Ups Success Rates.pdf

Boost Fertility New Invention Ups Success Rates.pdf

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

GenCyber Cyber Security Day Presentation

GenCyber Cyber Security Day Presentation

GenCyber Cyber Security Day Presentation

Michael W. Hawkins

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Último (20)

Developing An App To Navigate The Roads of Brazil

Developing An App To Navigate The Roads of Brazil

Developing An App To Navigate The Roads of Brazil

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Scaling API-first – The story of a global engineering organization

Scaling API-first – The story of a global engineering organization

Scaling API-first – The story of a global engineering organization

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Finology Group – Insurtech Innovation Award 2024

Finology Group – Insurtech Innovation Award 2024

Finology Group – Insurtech Innovation Award 2024

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

Advantages of Hiring UIUX Design Service Providers for Your Business

Advantages of Hiring UIUX Design Service Providers for Your Business

Advantages of Hiring UIUX Design Service Providers for Your Business

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Exploring the Future Potential of AI-Enabled Smartphone Processors

Exploring the Future Potential of AI-Enabled Smartphone Processors

Exploring the Future Potential of AI-Enabled Smartphone Processors

[2024]Digital Global Overview Report 2024 Meltwater.pdf

[2024]Digital Global Overview Report 2024 Meltwater.pdf

[2024]Digital Global Overview Report 2024 Meltwater.pdf

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Boost Fertility New Invention Ups Success Rates.pdf

Boost Fertility New Invention Ups Success Rates.pdf

Boost Fertility New Invention Ups Success Rates.pdf

GenCyber Cyber Security Day Presentation

GenCyber Cyber Security Day Presentation

GenCyber Cyber Security Day Presentation

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Deploying a campus-wide Splunk environment at UNC Chapel Hill

1. UNC CAUSE 2013 Brent Caison Liam Greenwood Michael Bacon ITS Open Systems University of North Carolina – Chapel Hill

2. What is Splunk? Log aggregator  Customized views/dashboard  Data visualization  Monitoring and events  You can tell your boss you're doing “Big Data!”  photo credit: Stefan (Flickr)

3. Original Architecture Search Head 1 Interactive Users Indexer 1 Forwarding Hosts Syslog Server F5 BigIP VIP Syslog Server Syslog Server

4. Split Architecture Search Head 1 Interactive Users Interactive Users Forwarding Hosts Indexer 1 Forwarding Hosts Syslog Server F5 BigIP VIP Search Head 1 Indexer 1 F5 BigIP VIP Syslog Server Syslog Server Syslog Server Windows/AD Admins Search Head 2 Windows Forwarders Indexer 2 Syslog Server Syslog Server

5. Multi-tenant Architecture User Population 2 User Population 1 Forwarding Hosts User Population 3 Search Head 2 User Population 4 Search Head 3 Search Head 4 Search Head 1 Indexer 1 F5 BigIP VIP Indexer 2 Syslog Server Syslog Server Indexer 3 Syslog Server

6. Delegated Administration   Apache  Subpop admins modify membership Groups may contain other groups Admins for Subpopulation A Shibboleth SP splunkweb service Subpopulation A Membership splunkd service Config “ App” Search Head for Population A Splunk config Files Puppet configuration service Splunk admins create roles  User Subpopulation A Groups in LDAP match Splunk roles Campussubpop-A role Grouper service LDAP group campus-subpop-A under splunk tree Campus Directory (OpenLDAP) Splunk confg fles “cooked” by puppet, pushed to splunk service 

7. Questions? Brent Caison brent_caison@unc.edu Liam Greenwood liam@unc.edu Michael Bacon baconm@unc.edu