SplunkLive! Charlotte

March 29th, 2016


Please join us at SplunkLive! Charlotte- and learn how more than 11,000 enterprises, government agencies, universities and service providers in over 100 countries use Splunk® software to deepen business and customer understanding, mitigate cybersecurity risk, prevent fraud, improve service performance and reduce cost.

SplunkLive! Charlotte Speakers

Is your mind already churning with ways Splunk can help you to address challenges in your environment? Our customers share their stories to provide further inspiration.

SVP IT Markets
Senior Tech Lead
Cox Automotive Inc.

SplunkLive! Charlotte Agenda

  • 8:00am – Registration
  • 9:00am – Welcome, Agenda, Overview
  • 12:00pm – Lunch
  • 1:15pm – Breakout Sessions 1-3
  • Getting Started with Splunk Enterprise Hands-On
    Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
  • Splunk Enterprise for IT Troubleshooting – Hands–On (Bring your laptop, not a tablet, preferably a non-IE browser)
    If you’re just getting started with Splunk, this session will help you understand how to use Splunk software to turn your silos of data into insights that are actionable. In this session, we’ll dive right into a Splunk environment and show you how to use the simple Splunk search interface to quickly find the needle-in-the-haystack or multiple needles in multiple haystacks. We’ll demonstrate how to perform rapid ad-hoc searches to conduct routine investigations across your entire IT infrastructure in one place, whether physical, virtual or in the cloud. We’ll show you how to then convert these searches into real time alerts and dashboards, so you can proactively monitor for problems before they impact your end user. We’ll demonstrate how you can use Splunk to connect the dots across heterogeneous systems in your environment for cross-tier, cross-silo visibility.
  • Splunk for Enterprise Security featuring User Behavior Analytics
    This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos
  • 2:30pm – Breakout Sessions 4-6
  • Getting Started with Splunk IT Service Intelligence Hands-On
    Are you currently using Splunk to troubleshoot and monitor your IT environment? Do you want more out of Splunk but don’t know how? Here’s your chance to learn more about Splunk IT Service Intelligence (Splunk ITSI) and get hands-on with it for the very first time. We’ll help you build custom visualizations and dashboards for personalized service-centric views. We’ll teach you how to navigate across multiple KPIs, entities and events with built-in visualizations and intelligently troubleshoot and resolve problems faster using Splunk ITSI. We’ll also show you how to create correlations across KPIs easily and be alerted of “notable events” to catch these emerging problems quickly. At the end of this session, you will leave with an understanding of the unique monitoring approach Splunk ITSI delivers to maximize the value of your data in Splunk and how to accelerate visibility into your critical IT services. Bring your laptop, not a tablet, preferably a non-IE browser. .
  • Splunk Enterpise for Information Security Hands-On
    Splunk is the ultimate tool for the InfoSec hunter. In this unique session, we’ll dive straight into the Splunk search interface, and interact with wire data harvested from various interesting and hostile environments, as well as some web access logs. We’ll show how you can use Splunk Enterprise with a few free Splunk applications to hunt for attack patterns representing SQL injection, data exfiltration, and C2 communication. We’ll show how to find evidence of RATs, brute force attempts, and directory traversal. Finally, we'll also demonstrate some ways to add context to your data in order to reduce false positives and more quickly respond to information. Bring your laptop – you’ll need a web browser to access our demo systems
  • Data Onboarding
    Splunk is a powerful platform that can harness your machine data and turn it into valuable information thereby enabling your business to make informed decisions, taking your organization from reactive to proactive. Just like any other platform, Splunk is only as powerful as the data it has access to, therefore in this session we will be conducting a walk thru of how to successfully on-board data, with samples of data ranging from simple to complex. We will also be taking a look at how to use common TA’s to bring valuable data into Splunk. This session is designed to give you a better understanding of how to onboard data into Splunk enabling you to unlock the power of your data.
  • 3:30pm – Happy Hour Sponsored by Extrahop, EView Technology, Gigamon, Hurricane Labs, and Syncsort

Event Details


Tuesday, March 29th, 2016
From 9:00am to 4:30pm


Hilton Charlotte University Place
8629 J M Keynes Dr
Charlotte, NC 28262

T: +1-704-547-7444
Hotel Website


SplunkLive! Charlotte is sponsored by Extrahop, EView Technology, Gigamon, Hurricane Labs, and Syncsort

Want to sponsor a SplunkLive! event? Click here and ask us about sponsorship opportunities.


  • Do I need to pay to attend? No, SplunkLive! is free to all. Join us in the morning to learn how other Splunk Customers are using Splunk then stay for detailed workshops in the afternoon.
  • Should I bring my laptop? Yes! Make sure to download Splunk first: http://www.splunk.com/download
  • Will there be wireless internet? Yes! There will be an announcement at the beginning of the day covering network and passwords.
  • What time should I show up? We start promptly at 9:00am - make sure to arrive by 8:30am to snag a good seat!
  • Is there a dress code? Dress code is business casual. If you want show your Splunk pride by wearing your favorite Splunk t-shirt—that's also welcome!
  • Will parking be included? Unfortunately Splunk doesn't cover parking expenses but we'll include lunch and a collector's t-shirt!