Integrated Log Management (Splunk)
Splunk is software that indexes data from any application, server, or network device.
With Splunk, you can freely search and analyze a vast number of events across all IT infrastructure in real time. This allows immediate response to application failures and investigation of security incidents. Monitoring and alerting functions also help avoid service degradation and outages, and enable compliance at a lower cost.
System Configuration and Service Configuration
Uses and Applicable Businesses
Splunk is used to manage IT infrastructure operations, ensure security, maintain compliance, and obtain the information necessary to make business decisions (business intelligence). It is not limited to these uses, however, and can be widely applied to the search and analysis of data generated by IT systems. Splunk is applicable to a wide range of operations, and a variety of industries such as government, insurance, aerospace, energy, and financial services have already implemented it.
Ideal for customers with the following requirements and issues
- Operations Management
- Various logs output by the IT infrastructure can be searched centrally and promptly, so problems can be found and solved quickly.
- A large amount of security data, such as authentication logs, access logs, and operation logs, can be stored centrally and searched in correlation with each other, thus speeding up response to incidents.
- Continuous log monitoring and flexible reporting functions greatly streamline daily auditing tasks. Splunk can also detect changes in IT systems and search the history of such changes, thus meeting the change management requirements of PCI DSS.
- Business Intelligence
- Search, alert, and reporting functions turn IT data into valuable information. The enhanced data aggregation functions make it easy to calculate and monitor various performance indicators.
- The ability to search disparate logs in an integrated manner and to correlate them with each other is a particular strength when combining information scattered across various logs for analysis, for example when analyzing the cause of failure of a complex system consisting of various components, or when investigating intrusion routes after a security incident occurs.
- Splunk is rich in reporting functions, making it easy to aggregate data and create presentable graphs.
- All logs can be searched through an interface similar to the web search engines that users are familiar with, making it user-friendly and easy to learn.
- The customer can start small and gradually expand the scale of application, thereby reducing the initial investment. A free version of Splunk is available and can be downloaded from the Splunk website. The free version has almost the same functionality as the commercial version, except that some functions such as user management are limited. The free version can be tried on part of the customer's system first and then gradually expanded to cover a broader range of applications. By simply entering the license key, the free version can be seamlessly upgraded to the paid version.
- Splunk Website