Browse Definitions :
Definition

Splunk

Splunk Inc. is a San Francisco-based multinational company whose software platform indexes machine data, and makes it searchable so it can be turned into actionable intelligence. The Splunk platform aggregates and analyzes digital exhaust from various sources, including application program interface (API) pulls and log files from applications, servers, mobile devices and websites. Turning machine data into operational intelligence helps Splunk's customers gain an understanding of what’s happening across their IT systems and technology infrastructure in real-time in order to facilitate data-driven decision management.

Splunk’s log-management and analysis platform uses its proprietary Search Processing Language for traversing large data sets of machine data and executing contextual queries. Machine data, the fastest-growing area of big data in the enterprise, includes every user transaction, system message, suspicious activity and machine-to-machine (M2M) interaction. Often dubbed the "Google for logfiles," Splunk also bills itself as a security information and event management (SIEM) company. SIEM is essentially log management as applied to security: by unifying logfile data gathered from various systems and devices across an IT environment, users can perform high-level security analyses and assessments of the state of their systems from a single interface.

Named after spelunking, which is the exploration of caves, Splunk was founded in 2003 and became public in 2012. Key verticals that Splunk serves are communications, energy and utilities, financial services, health care, higher education, manufacturing, non-profit, online services, public sector and retail. The company continues to expand through acquisitions, such as the 2013 purchase of Bugsense, a mobile-device data-analytics company, and the 2015 buyout of cybersecurity startup Caspida. In February 2018, Splunk announced plans to acquire Phantom Cyber Corp., which provides security automation and orchestration tools.

Splunk products

Available on-premises, as a cloud service or as a hybrid solution, Splunk’s lineup includes the following:

Splunk Enterprise - monitors and analyzes machine data from any source to deliver operational intelligence to optimize IT, security and business performance. The offering includes intuitive analysis features, machine learning, packaged applications and open APIs, and can scale from focused use cases to an enterprise-wide analytics backbone.

Splunk Cloud - taps the benefits of Splunk Enterprise as a cloud service, scales to multi-terabytes per day and offers a highly secure environment.

Splunk Light - designed to speed tactical troubleshooting by gathering real-time log data from distributed applications and infrastructure in one place to enable powerful searches, dynamic dashboards and alerts and reporting for real-time analysis. Splunk Light can be upgraded in place to Splunk Enterprise.

Splunk Enterprise Security -  a SIEM offering, provides insight into machine data from security technologies such as network, endpoint, access, malware, vulnerability and identity information.

Splunk IT Service Intelligence - a network traffic monitoring and analytics solution that uses machine learning and event analytics to provide actionable insights.

Splunk User Behavior Analytics-  a machine learning-powered tool for finding unknown threats and anomalous behavior across users, endpoint devices and applications.

This was last updated in April 2018

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

  • smart contract

    A smart contract, also known as a cryptocontract, is a computer program that directly controls the transfer of digital currencies...

  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces. A...

SearchSecurity

  • certificate authority (CA)

    A certificate authority (CA) is a trusted entity that issues digital certificates, which are data files used to cryptographically...

  • hacktivism

    Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose.

  • advanced persistent threat (APT)

    An advanced persistent threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network and ...

SearchHealthIT

  • Cerner Corp.

    Cerner Corp. is a public company in North Kansas City, Mo., that provides various health information technologies, ranging from ...

  • clinical decision support system (CDSS)

    A clinical decision support system (CDSS) is an application that analyzes data to help healthcare providers make decisions and ...

  • Health IT (health information technology)

    Health IT (health information technology) is the area of IT involving the design, development, creation, use and maintenance of ...

SearchDisasterRecovery

  • tabletop exercise (TTX)

    A tabletop exercise (TTX) is a disaster preparedness activity that takes participants through the process of dealing with a ...

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a data center.

  • ransomware recovery

    Ransomware recovery is the process of resuming options following a cyberattack that demands payment in exchange for unlocking ...

SearchStorage

  • file system

    In a computer, a file system -- sometimes written filesystem -- is the way in which files are named and where they are placed ...

  • storage virtualization

    Storage virtualization is the pooling of physical storage from multiple storage devices into what appears to be a single storage ...

  • cache (computing)

    A cache -- pronounced CASH -- is hardware or software that is used to store something, usually data, temporarily in a computing ...

Close