Monitoring Splunk

How is log monitoring used and is it secure?

anjumtcs
New Member

How is log monitoring used and is it secure? Please reply to my question in brief.


acharlieh
Influencer

Log, but more generally machine data, monitoring and correlation, is used by many different businesses to accomplish a wide variety of goals. You may be interested in reviewing a number of the Splunk customer stories: http://www.splunk.com/customers

As a concept, log monitoring in and of itself is neither dangerous nor safe; rather, there are a number of considerations and details about your environment including (but not limited to) access controls, transport protocols, and even the nature of the data being collected itself, that may present various risk factors and that you would want to mitigate when implementing a log monitoring strategy, if such risks are not acceptable to the organization. Careful evaluation of these risks and implementation of mitigations of unacceptable risks allows for the successful deployment of data aggregation solutions in even the most secure environments (and it as a concept could even be used to mitigate other material risks to the organization).

Splunk for its part provides some of the basics in terms of tunables available with their software in the docs: http://docs.splunk.com/Documentation/Splunk/6.4.2/Security/WhatyoucansecurewithSplunk

Splunk and a number of their partners with certain sets of skills can also be contracted to provide Professional Services that can help with secure deployment in risk-averse environments.


martin_mueller
SplunkTrust

It's totally safe.

martin_mueller
SplunkTrust

I'm afraid you'll have to be a bit more specific in your question.

anjumtcs
New Member

I want to know about log monitoring, its uses, and whether it is safe to use log monitoring?
