Splunk Series: Overview of Splunk

What is Splunk

Splunk is many things to different groups in an organization, but it is mostly an engine that allows you to visualize data in a way that can be understood by the business. A few of the things that Splunk can help with:

  • Application Management
  • Operations Management
  • Security and Compliance


Splunk allows you to aggregate, analyze and get answers from your machine data.

What Data can Splunk work with?

There are multiple sources of data that can be fed into any Splunk installation. A few examples are:

  • Computers
  • Network Devices
  • Virtual Machines
  • Logs
  • Configurations
  • Scripts

The list can go on and on.

How does Splunk work?

There are 3 functions that encompass a Splunk installation or deployment:

  • Splunk Search Head
  • Splunk Indexer
  • Splunk Forwarders


Where can you deploy Splunk?

Splunk can be hosted on-prem or in the Cloud. There are different solutions from Splunk that help cover multiple deployments, from location to the size of the business.

The Splunk Apps

The Splunk apps are the core of the functionality; these apps are designed to extend the functionality and power of Splunk. There are many applications and plugins for data that can be installed into your Splunk deployment. So far what I have seen is that there is an app for many of the things you can think of. All these integrations can be found at splunkbase.com.

What to look forward to?

That was a very high-level overview of what Splunk can do for you. I will keep going forward with listing all the information needed for me to completely understand all the concepts and nail the certification exams for Splunk.

About the Author:

Andres Sarmiento, CCIE # 53520 (Collaboration)
With more than 15 years of experience, Andres is specialized in Unified Communications and Collaboration technologies. He has consulted for several companies in South Florida, as well as financial institutions on behalf of Cisco Systems. Andres has been involved in high-profile implementations including Cisco technologies such as Data Center, UC & Collaboration, Contact Center Express, Routing & Switching, Security and Hosted IPT Service provider infrastructures.

You can follow Andres using Twitter, LinkedIn or Facebook
