Monitoring Splunk

How is log monitoring used, and is it secure?

anjumtcs
New Member

How is log monitoring used, and is it secure? Please reply to my question in brief.


acharlieh
Influencer

Log, but more generally machine data, monitoring and correlation, is used by many different businesses to accomplish a wide variety of goals. You may be interested in reviewing a number of the Splunk customer stories: http://www.splunk.com/customers

As a concept, log monitoring in and of itself is neither dangerous nor safe; rather, there are a number of considerations and details about your environment, including (but not limited to) access controls, transport protocols, and even the nature of the data being collected itself, that may present various risk factors and that you would want to mitigate when implementing a log monitoring strategy, if such risks are not acceptable to the organization. Careful evaluation of these risks and implementation of mitigations of unacceptable risks allows for the successful deployment of data aggregation solutions in even the most secure environments (and it as a concept could even be used to mitigate other material risks to the organization).

Splunk for its part provides some of the basics in terms of tunables available with their software in the docs: http://docs.splunk.com/Documentation/Splunk/6.4.2/Security/WhatyoucansecurewithSplunk

Splunk and a number of their partners with certain sets of skills can also be contracted to provide Professional Services that can help with secure deployment in risk-averse environments.


martin_mueller
SplunkTrust

It's totally safe.

martin_mueller
SplunkTrust

I'm afraid you'll have to be a bit more specific in your answers question.

anjumtcs
New Member

I want to know about log monitoring, its uses and whether it is safe to use log monitoring?
