Solved: how log monitoring used and whether it is secure?

anjumtcs · ‎08-26-2016

how log monitoring used and whether it is secure?.Please reply to my question in brief

acharlieh · ‎08-26-2016

Log, but more generally machine data, monitoring and correlation, is used by many different businesses to accomplish a wide variety of goals. You may be interested in reviewing a number of the Splunk customer stories: http://www.splunk.com/customers

As a concept log monitoring in and of itself is neither dangerous nor safe, rather there are a number of considerations and details about your environment including (but not limited to) access controls, transport protocols, and even the nature of the data being collected itself, that may present various risk factors and that you would want to mitigate when implementing a log monitoring strategy, if such risks are not acceptable to the organization. Careful evaluation of these risks and implementation of mitigations of unacceptable risks allows for the successful deployment of data aggregation solutions in even the most secure environments (and it as a concept could even be used to mitigate other material risks to the organization)

Splunk for its part provides some of the basics in terms of tunables available with their software in the docs: http://docs.splunk.com/Documentation/Splunk/6.4.2/Security/WhatyoucansecurewithSplunk

Splunk and a number of their partners with certain sets of skills can also be contracted to provide Professional Services that can help with secure deployment in risk adverse environments.

View solution in original post

martin_mueller · ‎08-26-2016

It's totally safe.

acharlieh · ‎08-26-2016

Log, but more generally machine data, monitoring and correlation, is used by many different businesses to accomplish a wide variety of goals. You may be interested in reviewing a number of the Splunk customer stories: http://www.splunk.com/customers

As a concept log monitoring in and of itself is neither dangerous nor safe, rather there are a number of considerations and details about your environment including (but not limited to) access controls, transport protocols, and even the nature of the data being collected itself, that may present various risk factors and that you would want to mitigate when implementing a log monitoring strategy, if such risks are not acceptable to the organization. Careful evaluation of these risks and implementation of mitigations of unacceptable risks allows for the successful deployment of data aggregation solutions in even the most secure environments (and it as a concept could even be used to mitigate other material risks to the organization)

Splunk for its part provides some of the basics in terms of tunables available with their software in the docs: http://docs.splunk.com/Documentation/Splunk/6.4.2/Security/WhatyoucansecurewithSplunk

Splunk and a number of their partners with certain sets of skills can also be contracted to provide Professional Services that can help with secure deployment in risk adverse environments.

martin_mueller · ‎08-26-2016

I'm afraid you'll have to be a bit more specific in your answers question.

anjumtcs · ‎08-26-2016

I want to know about log monitoring,its uses and whether it is safe to use log monitoring?

how log monitoring used and whether it is secure?

Don't wait! Accept the Mission Possible: Splunk Adoption Challenge Now and Win ...

Unify Your SecOps with Splunk Mission Control

Data Preparation Made Easy: SPL2 for Edge Processor