All Posts

Building CI pipeline for Splunk Content

Using CircleCI and Splunk AppInspect. Recently worked on writing and open sourcing https://github.com/splunk/TA-osquery. One of my goals was to make sure my code was in compliance with Splunk's best practices at every stage of development.

Search the web from Splunk using Faroo

I have been away for a while, but have been very busy on GitHub. Just wrapped up an app for Splunk that allows you to search the web using keywords from a specific Splunk field.

Made an Auto-Mitigation framework by turning the Splunk UF into an EDR

Architected and built an auto-mitigation framework in Splunk that can automatically block attacks. Presented and demonstrated the framework at Splunk .conf 2014.

Wrote some early Ansible roles for Splunk

Wrote a two-part series (1, 2) on how to deploy Splunk securely with Ansible.