What is Splunk?
Splunk stores machine data and allows you to generate graphs, reports, alerts, dashboards, and visualizations. OIS uses Splunk to map data to common models, which are then used to detect and prevent security incidents.
Splunk gives you real-time security monitoring, historical analysis, and visualization of massive data sets. With it you can perform comprehensive incident investigations, maintain a proactive defense, and create ad hoc reports in minutes.
How does Splunk help me?
Free security logging
It’s completely free to send your security logs to Splunk. This includes all data classifications, not just Level 3 and Level 4 data. Data is also not limited to servers: workstations and other systems are supported as well.
Enhanced threat protection
OIS is more likely to find security threats or incidents if we have your log data, and it frees up your weekends from remediating compromised hosts!
You have complete access to your logs within Splunk.