Browse Definitions :
Definition

Splunk

Splunk Inc. is a San Francisco-based multinational company whose software platform indexes machine data, and makes it searchable so it can be turned into actionable intelligence. The Splunk platform aggregates and analyzes digital exhaust from various sources, including application program interface (API) pulls and log files from applications, servers, mobile devices and websites. Turning machine data into operational intelligence helps Splunk's customers gain an understanding of what’s happening across their IT systems and technology infrastructure in real-time in order to facilitate data-driven decision management.

Splunk’s log-management and analysis platform uses its proprietary Search Processing Language for traversing large data sets of machine data and executing contextual queries. Machine data, the fastest-growing area of big data in the enterprise, includes every user transaction, system message, suspicious activity and machine-to-machine (M2M) interaction. Often dubbed the "Google for logfiles," Splunk also bills itself as a security information and event management (SIEM) company. SIEM is essentially log management as applied to security: by unifying logfile data gathered from various systems and devices across an IT environment, users can perform high-level security analyses and assessments of the state of their systems from a single interface.

Named after spelunking, which is the exploration of caves, Splunk was founded in 2003 and became public in 2012. Key verticals that Splunk serves are communications, energy and utilities, financial services, health care, higher education, manufacturing, non-profit, online services, public sector and retail. The company continues to expand through acquisitions, such as the 2013 purchase of Bugsense, a mobile-device data-analytics company, and the 2015 buyout of cybersecurity startup Caspida. In February 2018, Splunk announced plans to acquire Phantom Cyber Corp., which provides security automation and orchestration tools.

Splunk products

Available on-premises, as a cloud service or as a hybrid solution, Splunk’s lineup includes the following:

Splunk Enterprise - monitors and analyzes machine data from any source to deliver operational intelligence to optimize IT, security and business performance. The offering includes intuitive analysis features, machine learning, packaged applications and open APIs, and can scale from focused use cases to an enterprise-wide analytics backbone.

Splunk Cloud - taps the benefits of Splunk Enterprise as a cloud service, scales to multi-terabytes per day and offers a highly secure environment.

Splunk Light - designed to speed tactical troubleshooting by gathering real-time log data from distributed applications and infrastructure in one place to enable powerful searches, dynamic dashboards and alerts and reporting for real-time analysis. Splunk Light can be upgraded in place to Splunk Enterprise.

Splunk Enterprise Security -  a SIEM offering, provides insight into machine data from security technologies such as network, endpoint, access, malware, vulnerability and identity information.

Splunk IT Service Intelligence - a network traffic monitoring and analytics solution that uses machine learning and event analytics to provide actionable insights.

Splunk User Behavior Analytics-  a machine learning-powered tool for finding unknown threats and anomalous behavior across users, endpoint devices and applications.

This was last updated in April 2018

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

  • data protection impact assessment (DPIA)

    A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

SearchSecurity

  • Web application firewall (WAF)

    A web application firewall (WAF) is a firewall that monitors, filters and blocks data packets as they travel to and from a ...

  • spyware

    Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.

  • application whitelisting

    Application whitelisting is the practice of specifying an index of approved software applications or executable files that are ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

  • DRAM (dynamic random access memory)

    Dynamic random access memory (DRAM) is a type of semiconductor memory that is typically used for the data or program code needed ...

  • RAID 10 (RAID 1+0)

    RAID 10, also known as RAID 1+0, is a RAID configuration that combines disk mirroring and disk striping to protect data.

  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

Close