cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
JimSchlaker
New Member
Member since: ‎05-26-2017
‎06-05-2020
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎05-26-2017
View All

Re: How to optimize Splunk for PCI Compliance?

by in Monitoring Splunk
‎09-06-2017 10:40 AM
‎09-06-2017 10:40 AM
Thanks for the link to the PCI Compliance app. The app appears to be worthwhile in this scenario: "Now that we have logged everything in Splunk, use the app determine overall compliance and gaps". But we're not interested in logging everything to Splunk. Instead we're curious to hear best practices regarding what is valuable to log in Splunk (i.e. Splunk is the best place for it because Splunk adds value in meeting PCI DSS audit/storage requirements) versus what is not valuable in Splunk (i.e., don't waste your ingestion license because Splunk adds no value in helping to meet PCI DSS audit/storage requirements). Any thoughts on this topic are greatly appreciated. ... View more

How to optimize Splunk for PCI Compliance?

by in Monitoring Splunk
‎09-06-2017 06:37 AM
‎09-06-2017 06:37 AM
Has anyone developed guidelines for what should be (and should not be) logged in Splunk for PCI Compliance audits? Referring specifically to the storage and data management requirements as described in the Information Security Forum (ISF) Standard of Good Practice (SoGP), the Payment Card Industry Data Security Standard (PCI DSS), ISO 27001, and US National Institute for Standards and Technology (NIST) Cybersecurity Framework. We don't want to "log everything" so I'm curious if there are best practices regarding what to log - e.g., log data related to ABC requirements because Splunk processing is needed, but data related to XYZ requirements can be logged elsewhere because Splunk processing is not needed. Any help and guidance is greatly appreciated. ... View more

How to determine if logs are not being used?

by in Splunk Search
‎05-26-2017 08:25 AM
‎05-26-2017 08:25 AM
Is there a way to determine which logs are not being used anymore, and therefore can be deleted? For example, maybe a team started logging something a year ago, but the team no longer uses that log for any reports/dashboards/etc... Is there a way to find these unused logs? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM