(no title)

Have you inherited a giant Splunk cluster operating on hundreds of TBs of data, and you're not sure what's in it, or how to leverage what's in it for Business and Operational Intelligence?

Do you have more than one Splunk instance, in cloud, on-prem, a hodge-podge of Elastic, Prometheus, Grafana, and you need to combine their operations across network enclaves?

Do you have logs from devices running not-an-OS? Does rsyslog configuration fill you with dread? It does for me too, but I've written lots of them and integrated them with Splunk.

Do you have data for which you need to enforce compliance, but you're not sure how?

Do you need to build a Splunk cluster from scratch? In a week? Do you have a derelict cluster that needs optimizing, cleanup, a multi-version upgrade?

I'm a Splunk Certified Architect who have worked with Splunk since 2008. I manage multiple clusters of +10TB/day by volume. How can I help?

Résumé/CV: https://drive.google.com/file/d/1CjaIKN8WAPcpWOFqB3RR2MZmhH4...

Email: in my CV and HN profile