
SPLUNKY BREWSTER

Technical dispatches from the trenches of Splunk, security, AI, and infrastructure.

33 posts // 79 tags // 2026 — 2014
PINNED

I Got Rick Rolled by Claude (And Here's the Proof)

I was live-streaming on TikTok, building out a content automation tool with Claude, when it dropped a helpful-looking link into our chat. I clicked it. Cue music…

ai fun rickroll claude livestream
ai

ML Social: An AI-Powered Content Generation Platform

Check out more Machine Learning shorts on the Need-to-Nerd YouTube channel and subscribe for updates on AI, security, and data engineering content. ML Social is an AI content generation platform...

splunk

Threat Detection Automation

Overview: This project automates threat detection instantiation or overhaul by first learning the unique data lake schema (all client environments are unique) and correlating that schema against a TTP framework...

splunk

So You're Connected to Splunk's MCP Server - Now What?

You got the proxy running. The green checkmark appeared. splunk_get_info came back with your instance version and a healthy status. Now you’re staring at a blinking cursor wondering what exactly...

gcp

Shrinking a GCP Boot Disk the Hard Way (Because There Is No Easy Way)

You can’t shrink a persistent disk in GCP. You can grow one in about 3 seconds, but shrinking? Google basically says “lol no.” So when I needed to take a...

splunk

Splunk MCP Server Setup and Troubleshooting

splunk

Connecting Splunk's MCP Server to Claude Code CLI: What Actually Worked (and What Didn't)

splunk

Migrating Splunk to SmartStore with GCP: A Field Guide

Migrating Splunk to SmartStore with GCP: A Field Guide After spending way too long troubleshooting a SmartStore migration that “should have been working,” I figured I’d document what actually happened...

splunk

Standard Deviation of Volume Ingestion for Alerting

python

Boots on the Ground: End-to-End MCP Discovery with Shodan and Python

ai

Why Non-Coders are Winning in the Synthetic Renaissance

docker

Boosting Docker on Windows with Experimental autoMemoryReclaim

Introduction: Docker Desktop on Windows has come a long way since its WSL 2 integration debut. Yet, one persistent pain point has been RAM management under heavy container workloads. In...

claude

Claude Code on Windows Inside of Cursor

splunk

Splunk Process Crash

routing

Splunk TCP Routing to Multiple Destinations

splunk

Managing Precedence in Splunk: Input Routing When Multiple Teams Share Ownership

splunk

Securing Splunk End-to-End with Custom Certificates

splunk

Populating Splunk Asset Lookups with TA-LDAPSearch

splunk

Formatting LDAP Identity Data for Splunk Enterprise Security


Tuning Assets and Identities in Enterprise Security

splunk

First-Time Setup of Splunk Enterprise Security: Data Models, CIM, and Taming the Noise

splunk

Gitignore for Deployment Server

splunk

The First Time I Broke All the Dashboards: Lessons in Field Normalization

splunk

Best Practices for Keeping inputs.conf Organized in Shared Environments

splunk

Heavy Forwarders vs Indexers: Where Should Parsing Happen?

splunk

Managing Source Types Across Teams Without Losing Your Sanity

splunk

How to Mask Sensitive Data at Index Time (Without Breaking Your Regexes)

splunk

Using nullQueue to Drop Logs at Index Time Without Touching the Source

splunk

When to Use EVAL, EXTRACT, and REPORT: Field Extraction Demystified

splunk

Routing Logs to Multiple Indexes with props.conf and transforms.conf

splunk

Consolidating a Multisite Splunk Cluster into a Single Site

splunk

Building a Proving Grounds Environment for Splunk Candidates

splunk

Modular Inputs That Don’t Make a Mess
