Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Help! I need to know if Splunk is capable of the following;

Charles_S
New Member
‎10-16-2015 08:08 AM

• Need to be able to view the health of the servers and applications running across all three datacentres in a single dashboard.
• Graphic representation and summary of collected data.
• Runs “on premises”
• Capacity monitoring
• Integration to other products to collate data… Apache logs, Nagios, Jenkins, etc.
• Can extend to cover servers in other cloud providers… AWS, Azure, etc
• Alert notification
• Capacity analysis
• “fault” tracking.
• LDAP integration
• API integration, show we want to automate monitoring of new servers from the shop.

Nice to have…
• Able to present a “restricted” view to projects of the data for just there dedicated server

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎10-16-2015 11:26 AM

Yes, Splunk is capable of all that. The caveat is Splunk's capabilities are limited by the data given to it. For example, fault tracking is only possible if the faults are reported to Splunk, which means the right log files have to be monitored. You may need to modify your firewall to allow data to flow to Splunk from the various sources. There will be some effort required on your part - you may need to install Universal Forwarders on your servers to get data into Splunk; dashboards will have to be created; and so on.

You can post separate, more specific questions on this site if you need help getting going.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

For Splunk Cloud customers, understanding and optimizing Splunk Virtual Compute (SVC) usage and resource ...

Automatic Discovery Part 3: Practical Use Cases

If you’ve enabled Automatic Discovery in your install of the Splunk Distribution of the OpenTelemetry ...