|By Bob Gourley||
|June 30, 2012 07:00 AM EDT||
The greatest source of potential use cases for technology is the user community. This is a great reason to attend events where customers are at the center of focus. This was what last month’s Splunk Live DC was like. Splunk is a very user-focused capability and when you create a venue where users can exchange info it can be a particularly virtuous event.
The following are use cases from three Splunk customers. Splunk, as you probably know, derives knowledge and actionable information by indexing and searching machine data. Users at Splunk Live explained why they were so happy with the software by presenting three use cases. The users presenting there included Cisco, the U.S. Food and Drug Administration, and Defense. These use cases all point to the use of Splunk to handle their machine data effectively and efficiently. Here is more:
- Jeff Bollinger is an infosec investigator on the Cisco Computer Security Incident Response Team (CSIRT), which provides enterprise-wide security monitoring and incident response. With Splunk, CSIRT can look everywhere for anomalies by collecting all event data. Without Splunk, such a holistic approach would be overwhelming for a network as large as Cisco’s. Using Splunk, CSIRT was able to counter the OSX Flashback virus and separate IT operations issues from security issues. Bollinger added that he was able to do all of this without being a programming expert, as Splunk is intuitive to use and its scripting language easy to navigate. By gathering all the machine data and indexing it with time stamps, Splunk could provide historical data to discover who was infected once signs of an attack are discovered. Splunk’s indexing also helps with monitoring, metrics, and threat reporting.
- The FDA got the most use out of Splunk through the Microsoft Exchange app, an example of the useful applications and add-ons that extend Splunk and make it easier to use. Microsoft Exchange handles mail, contacts, calendaring, and tasks, but the FDA did not have a way to monitor it to support security measures. With Splunk, the FDA could track inbound and outgoing messages, respond to requests in a timely manner, and enforce policy.
- Jake Groth, the VP of Security Engineering and Architecture at Defense Point Security, talked about using Splunk to deliver Big Data and enterprise logging as a service. It does so by supporting component and enterprise visibility, role based access controls, a good user experience, scalability, predictable capacity planning, and reliability. That Splunk supports to many different use cases also helps provide a range of offerings for different communities.
For more on Splunk see our CTOlabs Write Up.
- A note from Splunk’s CEO at Splunk Live (ctovision.com)
- Update on Splunk Live DC: 15 May 2012 (ctovision.com)
- Splunk for the IT Manager (ctovision.com)
- Can You Predict Which Blogs Someone Will Like? (blogs.splunk.com)
- MLB Advanced Media Goes Deep With Splunk (ctolabs.com)
Aug. 29, 2016 08:00 AM EDT Reads: 916
Aug. 29, 2016 07:30 AM EDT Reads: 801
Aug. 29, 2016 02:15 AM EDT Reads: 1,828
Aug. 29, 2016 01:45 AM EDT Reads: 2,191
Aug. 29, 2016 01:15 AM EDT Reads: 3,021
Aug. 29, 2016 12:00 AM EDT Reads: 1,908
Aug. 28, 2016 10:30 PM EDT Reads: 4,070
Aug. 28, 2016 06:30 PM EDT Reads: 1,644
Aug. 28, 2016 06:00 PM EDT Reads: 1,957
Aug. 28, 2016 01:45 PM EDT Reads: 3,707
Aug. 28, 2016 01:00 PM EDT Reads: 2,460
Aug. 28, 2016 11:30 AM EDT Reads: 2,001
Aug. 28, 2016 11:00 AM EDT Reads: 3,169
Aug. 28, 2016 11:00 AM EDT Reads: 754
Aug. 27, 2016 08:45 PM EDT Reads: 2,423
Aug. 27, 2016 12:45 PM EDT Reads: 2,397
Aug. 27, 2016 02:30 AM EDT Reads: 2,081
Aug. 25, 2016 05:15 PM EDT Reads: 911
Aug. 25, 2016 01:00 PM EDT Reads: 2,724
Aug. 25, 2016 08:45 AM EDT Reads: 2,240