Browse Definitions :
Definition

Splunk

Splunk Inc. is a San Francisco-based multinational company whose software platform indexes machine data, and makes it searchable so it can be turned into actionable intelligence. The Splunk platform aggregates and analyzes digital exhaust from various sources, including application program interface (API) pulls and log files from applications, servers, mobile devices and websites. Turning machine data into operational intelligence helps Splunk's customers gain an understanding of what’s happening across their IT systems and technology infrastructure in real-time in order to facilitate data-driven decision management.

Splunk’s log-management and analysis platform uses its proprietary Search Processing Language for traversing large data sets of machine data and executing contextual queries. Machine data, the fastest-growing area of big data in the enterprise, includes every user transaction, system message, suspicious activity and machine-to-machine (M2M) interaction. Often dubbed the "Google for logfiles," Splunk also bills itself as a security information and event management (SIEM) company. SIEM is essentially log management as applied to security: by unifying logfile data gathered from various systems and devices across an IT environment, users can perform high-level security analyses and assessments of the state of their systems from a single interface.

Named after spelunking, which is the exploration of caves, Splunk was founded in 2003 and became public in 2012. Key verticals that Splunk serves are communications, energy and utilities, financial services, health care, higher education, manufacturing, non-profit, online services, public sector and retail. The company continues to expand through acquisitions, such as the 2013 purchase of Bugsense, a mobile-device data-analytics company, and the 2015 buyout of cybersecurity startup Caspida. In February 2018, Splunk announced plans to acquire Phantom Cyber Corp., which provides security automation and orchestration tools.

Splunk products

Available on-premises, as a cloud service or as a hybrid solution, Splunk’s lineup includes the following:

Splunk Enterprise - monitors and analyzes machine data from any source to deliver operational intelligence to optimize IT, security and business performance. The offering includes intuitive analysis features, machine learning, packaged applications and open APIs, and can scale from focused use cases to an enterprise-wide analytics backbone.

Splunk Cloud - taps the benefits of Splunk Enterprise as a cloud service, scales to multi-terabytes per day and offers a highly secure environment.

Splunk Light - designed to speed tactical troubleshooting by gathering real-time log data from distributed applications and infrastructure in one place to enable powerful searches, dynamic dashboards and alerts and reporting for real-time analysis. Splunk Light can be upgraded in place to Splunk Enterprise.

Splunk Enterprise Security -  a SIEM offering, provides insight into machine data from security technologies such as network, endpoint, access, malware, vulnerability and identity information.

Splunk IT Service Intelligence - a network traffic monitoring and analytics solution that uses machine learning and event analytics to provide actionable insights.

Splunk User Behavior Analytics-  a machine learning-powered tool for finding unknown threats and anomalous behavior across users, endpoint devices and applications.

This was last updated in April 2018
SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

SearchStorage
  • secondary storage

    Secondary storage is persistent storage for noncritical data that doesn't need to be accessed as frequently as data in primary ...

  • optical storage

    Optical storage is any storage type in which data is written and read with a laser.

  • JBOD (just a bunch of disks)

    JBOD, which stands for 'just a bunch of disks,' is a type of multilevel configuration for disks.

Close