Profile picture

Written by Ryan Faircloth who lives and works remotely from Sunny Florida trying to share useful things. You should follow him on Github, Linkedin, or Twitter

  1. February 15, 2022

    The problem with a pistol dual is often both parties lose. I often have time zone-centered conversations around logging that consume an…

  2. December 10, 2021

    This won’t take long, I still read slashdot there you have my confession. This article discusses the “fallout” politically from the Tsar…

  3. October 14, 2021

    Microsoft has released a cool new tool for Linux ported from Windows. I was asked today why I don’t think “syslog” is an acceptable way to…

  4. February 21, 2021

    I have sensitive data in my logs and I need to filter that out Security teams world wide Filtering out sensitive data sounds like a good…

  5. December 21, 2020

    I’m very pleased with the progress tech has made this year, and I say progress, not arrival because change is hard for humans. As a segment…

  6. November 14, 2020

    I’ve finally been able to take a couple of days and update and refresh my MaxMind Add-on for Splunk Enterprise and Enterprise Cloud. The…

  7. September 23, 2020

    Syslog is a ambiguous term so I thought I would clarify what I am talking about syslog is a daemon where Linux/UNIX sent logs back in the…

  8. May 28, 2020

    If the device has a host name in the event use that Else if our management/cmdb solution knows the right name use that instead Else maybe…

  9. October 16, 2019

    I’ve had quite a bit to say about syslog as a component of a streaming data architecture primarily feeding Splunk Enterprise (or Enterprise…

  10. August 16, 2019

    One day perhaps we can teach machines to avoid bias but maybe just maybe we need to understand how to teach humans the same first. https…

  11. April 22, 2019

    A few years ago flying across the Atlantic, unable to sleep, I had an idea to integrate common syslog aggregation servers using Splunk’s new…

  12. April 11, 2019

    A Splunk customer wrote a utility to help translate old sourcetype to new source/sourcetype with visual review and a nice workflow for…

  13. March 22, 2019

    I’ve updated the SecKit templates and guidance for Windows TA 6.0 no longer do you need to also deploy the TA for Microsoft DNS and TA for…

  14. March 08, 2019

    Splunk released a major update to the Splunk TA for Windows last month you may not have noticed but I think you should take a closer look. A…

  15. October 07, 2018

    Last year I created content to help customers quickly get up and running with Windows Data making optimal use of their license. Splunk TA…

  16. October 07, 2018

    This topic comes up every now and then working with customers and partners deploying and upgrading add ons for Splunk does not have to be…

  17. July 09, 2017

    The sites been down for a few days, BlueHost has been suffering from a DDOS on at least one of the sites they host. My site shared…

  18. February 17, 2017

    Ok, I said posts in threes so here it is. We all know RYSLOG config is much more painful than syslog-ng but for reasons beyond all of our…

  19. September 27, 2016

    As a developer of “Apps” for the Splunk platform; I have been very eager to automate more tedious tasks including build and static code…

  20. July 27, 2016

    This one is short and sweet, when building a Splunk search head cluster we often will create a search head unattached to indexers to “stage…

  21. February 19, 2016

    4375461 Just in case you need need yet another reason to utilize passive DNS analytic, a new significant vulnerability is out for GLIBC…

  22. February 17, 2016

    Every now and then a threat data provider will include invalid entries in their threat list creating loads of false positives in Enterprise…

  23. September 17, 2015

    Big data, open world a utopia we may one day have. Today I want my logs all of my logs, and then I want more. I often want to collect…