Splunk software provides the enterprise machine data fabric that drives digital transformation. Collect, analyze and act upon the untapped value of the big data generated by your technology infrastructure, security systems and business applications and gain insights to drive operational performance and business results.
Security Information and Event Management Software
Collect, search, and index data
Analysis, reporting, and visualization
Automatically detects strange data patterns
Custom user interfaces
Operational visibility on all environments
Adaptable to any organization
Free for certain features.
Small (<50 employees), Medium (50 to 1000 employees), Enterprise (>1001 employees)
Splunk is the ultimate platform for digital transformation. If there's gold in log files, Splunk will help you find it. Splunk bridges the gap between simple log management and security information and event management (SIEM) products from vendors such as ArcSight, RSA, Q1 Labs and Symantec. Splunk lets the user gather log data from systems and devices and run queries on that data to find issues and debug problems. Splunk's capabilities also include reporting and alerting, pushing it ever so slightly into the world of SIEM.

What separates Splunk from the world of syslog servers and SIEM tools is Splunk Apps, a library of nearly 200 add-ons that make Splunk smarter about particular types of log information, change its look and feel, or add new types of analysis. There's a free version of Splunk for small and midsized deployments, so if the user's log files don't add up to 500MB each day, Splunk can be theirs for the cost of the server they run it on. Some features, such as alerting, role-based access control and distributed searching, are not available in the free version. With distributed search databases, role-based access control and the ability to eat terabytes of log data each day, Splunk is aimed at the large enterprise.

Splunk wants to be fed everything, including system, web, security and every other type of log or performance data the user can find. Getting data into Splunk follows the same paths as any log management solution. For Windows systems, Splunk provides its "universal forwarder," an application that pulls Windows WMI data and forwards it to a Splunk server. The Universal Forwarder can also monitor file systems for changes and forward data from remote systems back to a central Splunk installation.