Splunk

Splunk is ‘the’ IT search solution, allowing network admins to aggregate, search, alert and report on all data from the network, including log files, config files and more.

• Log search
• Custom search strings
• Event correlation
• Reporting and alerting
• Archiving
• Snap-in bundles and applications

Go to Splunk’s website.

.

RECENT NEWS:

2/14/12 – Splunk launched Splunk App for Enterprise Security 2.0, which is used to monitor, identify, investigate and respond to critical known and unknown security threats. Read the press release. Learn more (link to video, datasheet, white paper, etc.)

1/12/12 – Splunk 4.3 is available now. New features include:

• Mobile: New non-Flash UI delivers the power of Splunk anywhere
• Easier to use: Dashboards that business users can define and edit on the fly
• More powerful: Up to 10x more concurrent users and 10x faster search
• Easier to manage: Data Preview and support for more complex security policies

Download the new version now and get going in under 5 minutes.

8/8/11 – Splunk has been granted a U.S. patent for organizing and understanding machine data through the use of a “machine data web.” Read the full press release.

5/2/11 – Splunk was featured in the Fortune section of CNNMoney.com: Is Splunk, heading towards IPO, really the next Oracle? Read the full article.

4/8/11 – Splunk 4.2 has been released. This release features new real-time alerting, user productivity and enterprise management functionality, as well as performance improvements.

• Real-time alerting. Immediate notification and response for events, patterns, incidents and attacks as they occur. Set up real-time alerts on individual and correlated events, keywords, values, patterns and statistical outliers. Take immediate action when an incident or attack occurs to send automated emails, run scripts, or post to an RSS feed.
• Universal Forwarder. New dedicated forwarder delivers secure, distributed, real-time data collection from thousands of endpoints. Uses significantly less system resources while offering more resiliency than previous Splunk forwarders.
• Easier and faster. New ways to visualize data, quick start guides for new users and integrated workflows for common tasks. Search experience is up to 5X faster for single-server deployments and up to 10X faster for distributed deployments.
• Easier management of Splunk. New centralized deployment monitoring and license management enables the management of multiple Splunk instances from a single location.

3/7/11- Splunk recently announced two “add-ons” that complement the F5 and Palo Alto.

Download data sheets:
Splunk for F5
Splunk for Palo Alto Networks