Help Desk: (814)865-HELP security@psu.edu

Splunk

What is Splunk?

Splunk stores machine data and allows you to generate graphs, reports, alerts, dashboards, and visualizations. OIS uses Splunk to map data to common Models which are then used to detect and prevent security incidents.

Why Splunk?

Splunk helps you gain real-time security monitoring, historical analysis and visualization of massive data sets with the ability to perform comprehensive incident investigations, maintain a proactive defense and support the creation of ad hoc reports in minutes.

How does Splunk help me?

U

Free security logging

It’s completely free to send your security logs to Splunk. This includes all data classifications, not just Level 3 and Level 4 data. Also, data is not limited to servers–workstations and other systems are supported as well.

Z

AD53-compliant retention

OIS retains your security logs in accordance with the University Policy AD53 Retention Schedule.

Enhanced threat protection

OIS is more likely to find security threats or incidents if we have your log data–and it frees up your weekends from remediating compromised hosts!

m

Easy Access

You have complete access to your logs within Splunk.

Get Started Now