Monday, November 26, 2018

Splunk

Over the last decade, due to growing number of machines in the IT infrastructure and use of IoT devides there is an exponential growth in machine data. This machine data has a lot of valuable information that can drive efficiency, productivity and visibility for the business. Splunk was founded in 2003 for one purpose: To Make Sense Of Machine Generated Log Data. Splunk  captures, indexes, and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations. Splunk's mission is to make machine data accessible across an organization by identifying data patterns, providing metrics, diagnosing problems, and providing intelligence for business operations. Splunk is a horizontal technology used for application management, security and compliance, as well as business and Web analytics.
Splunk's core collects and analyzes high volumes of machine-generated data. It uses a standard API to connect directly to applications and devices. It was developed in response to the demand for comprehensible and actionable data reporting for executives outside a company's IT department.
Splunk Enterprise Security (ES) is a security information and event management (SIEM) solution that provides insight into machine data generated from security technologies such as network, endpoint, access, malware, vulnerability and identity information. Its a premium application that is licensed independently from Splunk core.
Splunkbase is a community hosted by Splunk where users can go to find apps and add-ons for Splunk which can improve the functionality and usefulness of Splunk, as well as provide a quick and easy interface for specific use-cases and/or vendor products. Splunk apps and add-ons can be developed by anyone, including Splunk themselves.
Real time processing is Splunk’s biggest selling point, the other benefits with implementing Splunk are:
  • Your input data can be in any format for e.g. .csv, or json or other formats
  • You can configure Splunk to give Alerts / Events notification at the onset of a machine state
  • You can accurately predict the resources needed for scaling up the infrastructure
  • You can create knowledge objects for Operational Intelligence

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.