1.) Hundreds of Sessions and 11,000 People Later...

Witnessing so many people in the same place at the same time, whether it’s enthusiasts of security, data, or Splunk, is an exciting and dynamic experience.

For me, Splunk .conf was far different than last year; in fact, I would say the only similarity was not knowing what to expect. It was nice running into a lot of the same people, but it was also refreshing to see new faces–11,000 attendees is a lot.

One of my highlights was getting the chance to meet the CEO of Splunk, Doug Merritt, and he was surprisingly humble. Not only did he stop and say “hello,” but he held a conversation and took pictures. Did I mention he said he “loves Hurricane Labs”?

Hurricane Labs' Splunk Implementation Engineer, Mark Mague, and Splunk CEO, Doug Merritt, at .conf!

2.) Boss of the NOC and ITSI

The Hurricane Labs team participated in Boss of the NOC again this year. Even though we didn’t quite have the same victorious result as last year, we still walked away enjoying the experience and found it to be valuable–and third place still isn’t too shabby!

Our team enjoyed the fact that the organizers made it more difficult this time, as well as how they incorporated Splunk IT Service Intelligence (ITSI). Gaining more hands-on experience with ITSI during the competition is going to be super helpful in my support/implementation role with customers, especially now that Hurricane Labs is offeringSplunk ITSI management services.

3.) Tom’s Talk Was a Hit

There were so many great sessions offered this year. I must say, the most useful session that I attended was Administrators Anonymous: Splunk Best Practices and Useful Tricks I Learned the Hard Way by Tom Kopchak, Hurricane Labs’ Director of Security Services. This also isn’t just coming from me because I work at Hurricane; there was even another attendee who made the comment at the end of the talk that “this talk is the reason he comes to .conf.”

During the talk, Tom covered use cases he has experienced in his career and tips/tricks for everyone, from beginners to the more advanced users/admins. People who are currently struggling with real-world Splunk challenges were able to ask great questions as well. Some of the questions will even help me with situations I’m currently facing that I can bring back to our customers.

Tom probably telling one of his infamous jokes during his talk.

4.) New Feature Announcements

One of the solutions announced at .conf this year was the new Mission Control product. I wrote another blog post highlighting Mission Control, so you should definitely check that out too.

Overall, I appreciated gaining insight into some of the innovative strategies coming down the line, and I’m excited to see more new features rolling out and how Hurricane and our customers can implement them.

Can’t Wait for Splunk .conf 2020!

I’ve only been to two .confs, but I must say this year was even better than the last. The people, the food, the sessions–everything was awesome. I learned a lot this year, especially more about the product as a whole, and am looking forward to what’s next.

The next conference is 12 months away and I can’t wait. Splunk .conf20 here I come!