Browse Definitions :
Definition

Splunk

Splunk Inc. is a San Francisco-based multinational company whose software platform indexes machine data, and makes it searchable so it can be turned into actionable intelligence. The Splunk platform aggregates and analyzes digital exhaust from various sources, including application program interface (API) pulls and log files from applications, servers, mobile devices and websites. Turning machine data into operational intelligence helps Splunk's customers gain an understanding of what’s happening across their IT systems and technology infrastructure in real-time in order to facilitate data-driven decision management.

Splunk’s log-management and analysis platform uses its proprietary Search Processing Language for traversing large data sets of machine data and executing contextual queries. Machine data, the fastest-growing area of big data in the enterprise, includes every user transaction, system message, suspicious activity and machine-to-machine (M2M) interaction. Often dubbed the "Google for logfiles," Splunk also bills itself as a security information and event management (SIEM) company. SIEM is essentially log management as applied to security: by unifying logfile data gathered from various systems and devices across an IT environment, users can perform high-level security analyses and assessments of the state of their systems from a single interface.

Named after spelunking, which is the exploration of caves, Splunk was founded in 2003 and became public in 2012. Key verticals that Splunk serves are communications, energy and utilities, financial services, health care, higher education, manufacturing, non-profit, online services, public sector and retail. The company continues to expand through acquisitions, such as the 2013 purchase of Bugsense, a mobile-device data-analytics company, and the 2015 buyout of cybersecurity startup Caspida. In February 2018, Splunk announced plans to acquire Phantom Cyber Corp., which provides security automation and orchestration tools.

Splunk products

Available on-premises, as a cloud service or as a hybrid solution, Splunk’s lineup includes the following:

Splunk Enterprise - monitors and analyzes machine data from any source to deliver operational intelligence to optimize IT, security and business performance. The offering includes intuitive analysis features, machine learning, packaged applications and open APIs, and can scale from focused use cases to an enterprise-wide analytics backbone.

Splunk Cloud - taps the benefits of Splunk Enterprise as a cloud service, scales to multi-terabytes per day and offers a highly secure environment.

Splunk Light - designed to speed tactical troubleshooting by gathering real-time log data from distributed applications and infrastructure in one place to enable powerful searches, dynamic dashboards and alerts and reporting for real-time analysis. Splunk Light can be upgraded in place to Splunk Enterprise.

Splunk Enterprise Security -  a SIEM offering, provides insight into machine data from security technologies such as network, endpoint, access, malware, vulnerability and identity information.

Splunk IT Service Intelligence - a network traffic monitoring and analytics solution that uses machine learning and event analytics to provide actionable insights.

Splunk User Behavior Analytics-  a machine learning-powered tool for finding unknown threats and anomalous behavior across users, endpoint devices and applications.

This was last updated in April 2018

SearchCompliance

  • information governance

    Information governance is a holistic approach to managing corporate information by implementing processes, roles, controls and ...

  • enterprise document management (EDM)

    Enterprise document management (EDM) is a strategy for overseeing an organization's paper and electronic documents so they can be...

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

SearchSecurity

  • cyber espionage

    Cyber espionage, also called cyber spying, is a form of cyber attack that is carried out against a competitive company or ...

  • virus (computer virus)

    A computer virus is malicious code that replicates by copying itself to another program, computer boot sector or document and ...

  • honeypot (computing)

    A honeypot is a network-attached system set up as a decoy to lure cyber attackers and detect, deflect and study hacking attempts ...

SearchHealthIT

SearchDisasterRecovery

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

SearchStorage

  • dropout

    Dropout refers to data, or noise, that's intentionally dropped from a neural network to improve processing and time to results.

  • cloud storage

    Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...

  • cloud testing

    Cloud testing is the process of using the cloud computing resources of a third-party service provider to test software ...

Close