SlideShare a Scribd company logo

Splunk for compliance

G
Greg Hanchin

Splunk for compliance

Technology
1 of 2
Download to read offline
S O L U T I O N S G U I D E Meet Compliance Requirements by Monitoring, Alerting and Reporting on Machine Data Splunk for Compliance listen to your data Cost effective, Sustainable Compliance Splunk Enterprise is a massively scalable data engine for machine-generated data. It collects, indexes and harnesses machine data across your infrastructure in real time. Splunk offers a cost effective and flexible way to meet your compliance requirements from audit trail collection and reporting, to file integrity monitoring with a single solution. Meet requirements to collect, retain, search, alert and report on logs and machine data throughout your IT infrastructure. Generate any report in seconds and automate reporting to compliance analysts and auditors with scheduled searches and reports. • E-Discovery - Search every data source required for E-Discovery from one place. Get instantaneous results across large data sets. • FISMA - Securely collect, index and store all your log and Machine Data along with audit trails to meet NIST requirements. • HIPAA - Search all your machine data to instantly assess reports of EPHI leakage and meet HIPAA’s explicit log requirements. • PCI - Rapid compliance with explicit PCI requirements for log retention/review and change monitoring, comprehensive reporting on all PCI controls such as passwords and firewall policy. • SOX - Splunk makes the ambiguous chore of compliance- mandated routine log review easy and straightforward. Demonstrate “due-care” and increase operational efficiency by eliminating compliance friction. The Compliance Challenge Reporting on firewall, access control and application logs and machine data to demonstrate compliance controls is difficult and costly. Each of these systems generate logs in different formats and locations. Each auditor request involves a different, manual procedure. But the requirement to limit access to production systems has an even bigger impact. System administrators and developers are denied access to production systems to analyze logs and configurations, limiting their ability to respond to operations and security incidents. Enter Splunk Bring powerful indexing, search, alerting and reporting to the challenges of change management. With Splunk you can search, alert and report on machine data from virtually any source. Meet compliance requirements from audit trail collection and reporting, to file integrity monitoring with a single solution. Generate any compliance report in seconds. And you’ll overcome the operational impact of demands to restrict production system access by giving developers and application support secure, read-only access to the machine data they need without touching production systems. Secure data retention Splunk provides a highly efficient and secure solution for capturing and retaining your machine data for extended periods. Securely capture all your data in real-time including syslog and even complex application logs. Integrity is ensured via hardened deployments and comprehensive auditing and security. Archive or retire data based on age or storage limits. Controlled data access Splunk helps eliminate the compliance barriers that get in the way of operations. Provide developers and application administrators with real-time access to the logs, configurations and status commands they need in order to analyze and resolve production problems. Role based access controls let you adhere to strict compliance with production server access restrictions. Compliance reporting Meet explicit requirements to monitor, review and retain logs, configurations and other machine data. Demonstrate compliance quickly and easily across other types of controls. Report on firewall activity to show that firewall policy is in place and functioning correctly. Report on access control events to show that account deactivation procedures are being followed. Generate ad hoc reports to answer auditor questions in seconds and automate reports with scheduled searches. Security monitoring Splunk lets you meet requirements to automate monitoring of security events. Index audit trails across firewalls, applications, access control, IDS and other components, then simply save, schedule and set alerting rules for a search. Alerts can send notifications via email, RSS, SMS or trigger scripts for easy integration with your existing monitoring consoles. As new mandates create new monitoring requirements, simply add new data sources and searches.
www.splunk.com 250 Brannan St, San Francisco, CA, 94107 info@splunk.com | sales@splunk.com 866-438-7758 | 415-848-8400 www.splunkbase.com S O L U T I O N S G U I D E listen to your data Copyright © 2012 Splunk Inc. All rights reserved. Splunk Enterprise is protected by U.S. and international copyright and intellectual property laws. Splunk is a registered trademark or trademark of Splunk Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item # SG-Splunk-Complience-101 Compliance investigations Minimize the distraction of compliance investigations and discovery requests. Stop using a different tool for each of your systems—web proxies, email servers, and more. Splunk’s fast and simple search across your data will get you the information in seconds. Audit trail review Splunk makes the ambiguous chore of compliance-mandated routine log review easy and straightforward. Search Splunk daily for activity from the previous day on in-scope servers. Use Splunk’s time histogram and filters to understand patterns. Classify and tag innocuous events as “ok”. Search for events not tagged “ok” the next day so that you’re only looking at new or suspicious events each day. Best of all, Splunk tracks your review history for auditors. Splunk for Compliance Applications E-Discovery Escalating law enforcement requests to investigate suspected criminal activity online are distracting IT at education institutions and large enterprises that provide Internet access. Servicing requests is a distracting and time consuming and the inability to respond effectively opens organizations to legal risk. “When the FBI is asking for intelligence under a tight timeline, you need to be able to search your IT data and generate any material findings quickly.” Anonymous Splunk makes E-Discovery fast and easy. You can search every data source required for E-Discovery from one place. Instantaneous results across large data sets slash the time to respond to requests. Set-up simple searches for HR personnel to lift the burden from IT staff. Data signing and audit trails demonstrate the integrity of your results. FISMA FISMA and NIST standards require Federal Government Agencies have the ability to effectively respond to incidents by analyzing massive amounts of data from large network and IT infrastructures..Splunk scales to provide visibility into the security technologies in large network infrastructures. Powerful search and reporting of results and flexible ways to organize and tag systems with inventory information and enable the creation of status views for different security controls or locations. “Federal agencies should implement Splunk because it’s can bring all the security information together, correlate and bring a coherent picture of your security posture.” Bill Hornish Federal Business Development, Splunk S O L U T I O N S G U I D E HIPAA HIPAA and EPHI security and privacy rules include explicit requirements for audit trail collection, review, automated monitoring and incident investigation. But providers and insurance carriers lack the ability to rapidly search machine data in support of incident investigation requirements. Slow, manual investigation process raises level of exposure and risk of violations. Splunk closes HIPAA compliance gaps. Search your machine data to instantly assess reports of EPHI leakage and meet HIPAA’s explicit log collection and monitoring requirements. “Splunk is the CHW standard for event logging for HIPAA. It’s a critical tool for monitoring access to information to our business, and patient privacy.” Steve Hight Director Strategic Technology, CHW PCI DSS Credit card merchants find collecting and retaining audit trails for at least one year is the most daunting PCI compliance requirement. It’s difficult to access, analyze and manage all the data from card processing systems. Existing PCI solutions are expensive, clumsy and difficult to maintain. The Splunk App is a pre-packed application that provides rapid compliance with PCI requirements for audit trail collection, retention and review. “Failure to comply with PCI equates to failure for our business. Splunk enables us to demonstrate compliance across all PCI DSS requirements.” Peter Bassill CISSP, Gala Coral Croup SOX Sarbanes-Oxley IT compliance has driven public companies and their vendors to adopt stringent IT controls based on ITIL, COBiT, COSO, ISO 17799, BS-7799 and other best-practice frameworks for IT operations and security. Demonstrating these controls has become a huge burden for IT operations, Splunk provides comprehensive visibility for SOX IT controls. Search the data generated by SOX control tools and technologies from one place. Instantaneous retrieve the information requested by IT auditors. “Splunk automated our evidence gathering for SOX compliance, saving engineering from working on compliance related tasks”. David Jones IT Ops Manager., Alexza Pharmaceutical Free Download Download Splunk for free. You’ll get a Splunk Enterprise license for 60 days and you can index up to 500 megabytes of data per day. After 60 days, or anytime before then, you can convert to a perpetual Free license or purchase an Enterprise license by contacting sales@splunk.com.

Recommended

Operational Security
Operational SecurityOperational Security
Operational SecuritySplunk
 
Splunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of ThingsSplunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of ThingsSplunk
 
Enterprise Security and User Behavior Analytics
Enterprise Security and User Behavior AnalyticsEnterprise Security and User Behavior Analytics
Enterprise Security and User Behavior AnalyticsSplunk
 
Best Practices For Sharing Data Across The Enteprrise
Best Practices For Sharing Data Across The EnteprriseBest Practices For Sharing Data Across The Enteprrise
Best Practices For Sharing Data Across The EnteprriseSplunk
 
Splunk Discovery Day Düsseldorf 2016 - Splunk für Security
Splunk Discovery Day Düsseldorf 2016 - Splunk für SecuritySplunk Discovery Day Düsseldorf 2016 - Splunk für Security
Splunk Discovery Day Düsseldorf 2016 - Splunk für SecuritySplunk
 
Splunk for ITOA Breakout Session
Splunk for ITOA Breakout SessionSplunk for ITOA Breakout Session
Splunk for ITOA Breakout SessionSplunk
 
Splunk für Security
Splunk für SecuritySplunk für Security
Splunk für SecuritySplunk
 
SplunkLive! Milano 2016 - Splunk Plenary Session
SplunkLive! Milano 2016 - Splunk Plenary SessionSplunkLive! Milano 2016 - Splunk Plenary Session
SplunkLive! Milano 2016 - Splunk Plenary SessionSplunk
 

Recommended

Operational Security
Operational SecurityOperational Security
Operational SecuritySplunk
 
Splunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of ThingsSplunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of ThingsSplunk
 
Enterprise Security and User Behavior Analytics
Enterprise Security and User Behavior AnalyticsEnterprise Security and User Behavior Analytics
Enterprise Security and User Behavior AnalyticsSplunk
 
Best Practices For Sharing Data Across The Enteprrise
Best Practices For Sharing Data Across The EnteprriseBest Practices For Sharing Data Across The Enteprrise
Best Practices For Sharing Data Across The EnteprriseSplunk
 
Splunk Discovery Day Düsseldorf 2016 - Splunk für Security
Splunk Discovery Day Düsseldorf 2016 - Splunk für SecuritySplunk Discovery Day Düsseldorf 2016 - Splunk für Security
Splunk Discovery Day Düsseldorf 2016 - Splunk für SecuritySplunk
 
Splunk for ITOA Breakout Session
Splunk for ITOA Breakout SessionSplunk for ITOA Breakout Session
Splunk for ITOA Breakout SessionSplunk
 
Splunk für Security
Splunk für SecuritySplunk für Security
Splunk für SecuritySplunk
 
SplunkLive! Milano 2016 - Splunk Plenary Session
SplunkLive! Milano 2016 - Splunk Plenary SessionSplunkLive! Milano 2016 - Splunk Plenary Session
SplunkLive! Milano 2016 - Splunk Plenary SessionSplunk
 
SplunkLive! Splunk for Security
SplunkLive! Splunk for SecuritySplunkLive! Splunk for Security
SplunkLive! Splunk for SecuritySplunk
 
SplunkLive! München 2016 - Splunk für Security
SplunkLive! München 2016 - Splunk für SecuritySplunkLive! München 2016 - Splunk für Security
SplunkLive! München 2016 - Splunk für SecuritySplunk
 
Applying Auto-Data Classification Techniques for Large Data Sets
Applying Auto-Data Classification Techniques for Large Data SetsApplying Auto-Data Classification Techniques for Large Data Sets
Applying Auto-Data Classification Techniques for Large Data SetsPriyanka Aash
 
Using Big Data for Cybersecurity
Using Big Data for CybersecurityUsing Big Data for Cybersecurity
Using Big Data for CybersecuritySplunk
 
Splunk for Security
Splunk for SecuritySplunk for Security
Splunk for SecurityGabrielle Knowles
 
Splunk Discovery Day Düsseldorf 2016
Splunk Discovery Day Düsseldorf 2016Splunk Discovery Day Düsseldorf 2016
Splunk Discovery Day Düsseldorf 2016Splunk
 
Splunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of ThingsSplunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of Thingsaliciasyc
 
Splunk Internet of Things Roundtable 2015
Splunk Internet of Things Roundtable 2015Splunk Internet of Things Roundtable 2015
Splunk Internet of Things Roundtable 2015Georg Knon
 
Getting Started with Splunk Hands-on
Getting Started with Splunk Hands-onGetting Started with Splunk Hands-on
Getting Started with Splunk Hands-onSplunk
 
Splunk for IT Operations
Splunk for IT OperationsSplunk for IT Operations
Splunk for IT OperationsSplunk
 
Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per... Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per...Splunk
 
Enterprise Security featuring UBA
Enterprise Security featuring UBAEnterprise Security featuring UBA
Enterprise Security featuring UBASplunk
 
Splunk for Monitoring and Diagnostics in the Industrial Environment
Splunk for Monitoring and Diagnostics in the Industrial EnvironmentSplunk for Monitoring and Diagnostics in the Industrial Environment
Splunk for Monitoring and Diagnostics in the Industrial EnvironmentSplunk
 
Splunk for ITOA Breakout Session
Splunk for ITOA Breakout SessionSplunk for ITOA Breakout Session
Splunk for ITOA Breakout SessionSplunk
 
Enterprise Security Guided Tour
Enterprise Security Guided TourEnterprise Security Guided Tour
Enterprise Security Guided TourSplunk
 
SplunkLive! London 2016 Operational Security Intelligence
SplunkLive! London 2016 Operational Security IntelligenceSplunkLive! London 2016 Operational Security Intelligence
SplunkLive! London 2016 Operational Security IntelligenceSplunk
 
SplunkLive! Splunk for Insider Threats and Fraud Detection
SplunkLive! Splunk for Insider Threats and Fraud DetectionSplunkLive! Splunk for Insider Threats and Fraud Detection
SplunkLive! Splunk for Insider Threats and Fraud DetectionSplunk
 
Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk
 
Realities of Data Security
Realities of Data SecurityRealities of Data Security
Realities of Data SecurityPriyanka Aash
 
User and entity behavior analytics: building an effective solution
User and entity behavior analytics: building an effective solutionUser and entity behavior analytics: building an effective solution
User and entity behavior analytics: building an effective solutionYolanta Beresna
 
Splunk for fisma
Splunk for fismaSplunk for fisma
Splunk for fismaGreg Hanchin
 
Splunk for security
Splunk for securitySplunk for security
Splunk for securityGreg Hanchin
 

More Related Content

What's hot

SplunkLive! Splunk for Security
SplunkLive! Splunk for SecuritySplunkLive! Splunk for Security
SplunkLive! Splunk for SecuritySplunk
 
SplunkLive! München 2016 - Splunk für Security
SplunkLive! München 2016 - Splunk für SecuritySplunkLive! München 2016 - Splunk für Security
SplunkLive! München 2016 - Splunk für SecuritySplunk
 
Applying Auto-Data Classification Techniques for Large Data Sets
Applying Auto-Data Classification Techniques for Large Data SetsApplying Auto-Data Classification Techniques for Large Data Sets
Applying Auto-Data Classification Techniques for Large Data SetsPriyanka Aash
 
Using Big Data for Cybersecurity
Using Big Data for CybersecurityUsing Big Data for Cybersecurity
Using Big Data for CybersecuritySplunk
 
Splunk Discovery Day Düsseldorf 2016
Splunk Discovery Day Düsseldorf 2016Splunk Discovery Day Düsseldorf 2016
Splunk Discovery Day Düsseldorf 2016Splunk
 
Splunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of ThingsSplunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of Thingsaliciasyc
 
Splunk Internet of Things Roundtable 2015
Splunk Internet of Things Roundtable 2015Splunk Internet of Things Roundtable 2015
Splunk Internet of Things Roundtable 2015Georg Knon
 
Getting Started with Splunk Hands-on
Getting Started with Splunk Hands-onGetting Started with Splunk Hands-on
Getting Started with Splunk Hands-onSplunk
 
Splunk for IT Operations
Splunk for IT OperationsSplunk for IT Operations
Splunk for IT OperationsSplunk
 
Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per... Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per...Splunk
 
Enterprise Security featuring UBA
Enterprise Security featuring UBAEnterprise Security featuring UBA
Enterprise Security featuring UBASplunk
 
Splunk for Monitoring and Diagnostics in the Industrial Environment
Splunk for Monitoring and Diagnostics in the Industrial EnvironmentSplunk for Monitoring and Diagnostics in the Industrial Environment
Splunk for Monitoring and Diagnostics in the Industrial EnvironmentSplunk
 
Splunk for ITOA Breakout Session
Splunk for ITOA Breakout SessionSplunk for ITOA Breakout Session
Splunk for ITOA Breakout SessionSplunk
 
Enterprise Security Guided Tour
Enterprise Security Guided TourEnterprise Security Guided Tour
Enterprise Security Guided TourSplunk
 
SplunkLive! London 2016 Operational Security Intelligence
SplunkLive! London 2016 Operational Security IntelligenceSplunkLive! London 2016 Operational Security Intelligence
SplunkLive! London 2016 Operational Security IntelligenceSplunk
 
SplunkLive! Splunk for Insider Threats and Fraud Detection
SplunkLive! Splunk for Insider Threats and Fraud DetectionSplunkLive! Splunk for Insider Threats and Fraud Detection
SplunkLive! Splunk for Insider Threats and Fraud DetectionSplunk
 
Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk
 
Realities of Data Security
Realities of Data SecurityRealities of Data Security
Realities of Data SecurityPriyanka Aash
 
User and entity behavior analytics: building an effective solution
User and entity behavior analytics: building an effective solutionUser and entity behavior analytics: building an effective solution
User and entity behavior analytics: building an effective solutionYolanta Beresna
 

What's hot (20)

SplunkLive! Splunk for Security
SplunkLive! Splunk for SecuritySplunkLive! Splunk for Security
SplunkLive! Splunk for Security
 
SplunkLive! München 2016 - Splunk für Security
SplunkLive! München 2016 - Splunk für SecuritySplunkLive! München 2016 - Splunk für Security
SplunkLive! München 2016 - Splunk für Security
 
Applying Auto-Data Classification Techniques for Large Data Sets
Applying Auto-Data Classification Techniques for Large Data SetsApplying Auto-Data Classification Techniques for Large Data Sets
Applying Auto-Data Classification Techniques for Large Data Sets
 
Using Big Data for Cybersecurity
Using Big Data for CybersecurityUsing Big Data for Cybersecurity
Using Big Data for Cybersecurity
 
Splunk for Security
Splunk for SecuritySplunk for Security
Splunk for Security
 
Splunk Discovery Day Düsseldorf 2016
Splunk Discovery Day Düsseldorf 2016Splunk Discovery Day Düsseldorf 2016
Splunk Discovery Day Düsseldorf 2016
 
Splunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of ThingsSplunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of Things
 
Splunk Internet of Things Roundtable 2015
Splunk Internet of Things Roundtable 2015Splunk Internet of Things Roundtable 2015
Splunk Internet of Things Roundtable 2015
 
Getting Started with Splunk Hands-on
Getting Started with Splunk Hands-onGetting Started with Splunk Hands-on
Getting Started with Splunk Hands-on
 
Splunk for IT Operations
Splunk for IT OperationsSplunk for IT Operations
Splunk for IT Operations
 
Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per... Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per...
 
Enterprise Security featuring UBA
Enterprise Security featuring UBAEnterprise Security featuring UBA
Enterprise Security featuring UBA
 
Splunk for Monitoring and Diagnostics in the Industrial Environment
Splunk for Monitoring and Diagnostics in the Industrial EnvironmentSplunk for Monitoring and Diagnostics in the Industrial Environment
Splunk for Monitoring and Diagnostics in the Industrial Environment
 
Splunk for ITOA Breakout Session
Splunk for ITOA Breakout SessionSplunk for ITOA Breakout Session
Splunk for ITOA Breakout Session
 
Enterprise Security Guided Tour
Enterprise Security Guided TourEnterprise Security Guided Tour
Enterprise Security Guided Tour
 
SplunkLive! London 2016 Operational Security Intelligence
SplunkLive! London 2016 Operational Security IntelligenceSplunkLive! London 2016 Operational Security Intelligence
SplunkLive! London 2016 Operational Security Intelligence
 
SplunkLive! Splunk for Insider Threats and Fraud Detection
SplunkLive! Splunk for Insider Threats and Fraud DetectionSplunkLive! Splunk for Insider Threats and Fraud Detection
SplunkLive! Splunk for Insider Threats and Fraud Detection
 
Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout Session
 
Realities of Data Security
Realities of Data SecurityRealities of Data Security
Realities of Data Security
 
User and entity behavior analytics: building an effective solution
User and entity behavior analytics: building an effective solutionUser and entity behavior analytics: building an effective solution
User and entity behavior analytics: building an effective solution
 

Similar to Splunk for compliance

Splunk for security
Splunk for securitySplunk for security
Splunk for securityGreg Hanchin
 
Splunk app for_enterprise_security
Splunk app for_enterprise_securitySplunk app for_enterprise_security
Splunk app for_enterprise_securityGreg Hanchin
 
Splunk for big_data
Splunk for big_dataSplunk for big_data
Splunk for big_dataGreg Hanchin
 
Splunk guide for_iso_27002
Splunk guide for_iso_27002Splunk guide for_iso_27002
Splunk guide for_iso_27002Greg Hanchin
 
Splunk for application_management
Splunk for application_managementSplunk for application_management
Splunk for application_managementGreg Hanchin
 
SplunkLive! Splunk for IT Operations
SplunkLive! Splunk for IT OperationsSplunkLive! Splunk for IT Operations
SplunkLive! Splunk for IT OperationsSplunk
 
Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior AnalyticsSplunk
 
Splunk for Security Breakout Session
Splunk for Security Breakout SessionSplunk for Security Breakout Session
Splunk for Security Breakout SessionSplunk
 
Splunk Enterprise 6.1 Solutions Brief
Splunk Enterprise 6.1 Solutions BriefSplunk Enterprise 6.1 Solutions Brief
Splunk Enterprise 6.1 Solutions BriefManish Kalra
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseSplunk
 
Splunk FISMA for Continuous Monitoring
Splunk FISMA for Continuous Monitoring Splunk FISMA for Continuous Monitoring
Splunk FISMA for Continuous Monitoring Greg Hanchin
 
Getting Started with Splunk (Hands-On)
Getting Started with Splunk (Hands-On) Getting Started with Splunk (Hands-On)
Getting Started with Splunk (Hands-On) Splunk
 
SplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT BreakoutSplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT BreakoutSplunk
 
SplunkLive! - Splunk for Security
SplunkLive! - Splunk for SecuritySplunkLive! - Splunk for Security
SplunkLive! - Splunk for SecuritySplunk
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseSplunk
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk
 
Splunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding
Splunk Webinar: IT Operations Demo für Troubleshooting & DashboardingSplunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding
Splunk Webinar: IT Operations Demo für Troubleshooting & DashboardingGeorg Knon
 
Splunk Discovery Day Düsseldorf 2016 - Splunk für IT Operations
Splunk Discovery Day Düsseldorf 2016 - Splunk für IT OperationsSplunk Discovery Day Düsseldorf 2016 - Splunk für IT Operations
Splunk Discovery Day Düsseldorf 2016 - Splunk für IT OperationsSplunk
 

Similar to Splunk for compliance (20)

Splunk for fisma
Splunk for fismaSplunk for fisma
Splunk for fisma
 
Splunk for security
Splunk for securitySplunk for security
Splunk for security
 
Splunk app for_enterprise_security
Splunk app for_enterprise_securitySplunk app for_enterprise_security
Splunk app for_enterprise_security
 
Splunk for big_data
Splunk for big_dataSplunk for big_data
Splunk for big_data
 
Splunk
SplunkSplunk
Splunk
 
Splunk guide for_iso_27002
Splunk guide for_iso_27002Splunk guide for_iso_27002
Splunk guide for_iso_27002
 
Splunk for application_management
Splunk for application_managementSplunk for application_management
Splunk for application_management
 
SplunkLive! Splunk for IT Operations
SplunkLive! Splunk for IT OperationsSplunkLive! Splunk for IT Operations
SplunkLive! Splunk for IT Operations
 
Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics
 
Splunk for Security Breakout Session
Splunk for Security Breakout SessionSplunk for Security Breakout Session
Splunk for Security Breakout Session
 
Splunk Enterprise 6.1 Solutions Brief
Splunk Enterprise 6.1 Solutions BriefSplunk Enterprise 6.1 Solutions Brief
Splunk Enterprise 6.1 Solutions Brief
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
 
Splunk FISMA for Continuous Monitoring
Splunk FISMA for Continuous Monitoring Splunk FISMA for Continuous Monitoring
Splunk FISMA for Continuous Monitoring
 
Getting Started with Splunk (Hands-On)
Getting Started with Splunk (Hands-On) Getting Started with Splunk (Hands-On)
Getting Started with Splunk (Hands-On)
 
SplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT BreakoutSplunkLive! London - Splunk App for Stream & MINT Breakout
SplunkLive! London - Splunk App for Stream & MINT Breakout
 
SplunkLive! - Splunk for Security
SplunkLive! - Splunk for SecuritySplunkLive! - Splunk for Security
SplunkLive! - Splunk for Security
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics
 
Splunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding
Splunk Webinar: IT Operations Demo für Troubleshooting & DashboardingSplunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding
Splunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding
 
Splunk Discovery Day Düsseldorf 2016 - Splunk für IT Operations
Splunk Discovery Day Düsseldorf 2016 - Splunk für IT OperationsSplunk Discovery Day Düsseldorf 2016 - Splunk für IT Operations
Splunk Discovery Day Düsseldorf 2016 - Splunk für IT Operations
 

More from Greg Hanchin

NUTANIX and SPLUNK
NUTANIX and SPLUNKNUTANIX and SPLUNK
NUTANIX and SPLUNKGreg Hanchin
 
Splunk for exchange
Splunk for exchangeSplunk for exchange
Splunk for exchangeGreg Hanchin
 
Splunk for cyber_threat
Splunk for cyber_threatSplunk for cyber_threat
Splunk for cyber_threatGreg Hanchin
 
Splunk Searching and reporting 43course
Splunk Searching and reporting 43courseSplunk Searching and reporting 43course
Splunk Searching and reporting 43courseGreg Hanchin
 
Advanced Splunk 50 administration
Advanced Splunk 50 administrationAdvanced Splunk 50 administration
Advanced Splunk 50 administrationGreg Hanchin
 
Advanced searching and reporting 50 course
Advanced searching and reporting 50 course Advanced searching and reporting 50 course
Advanced searching and reporting 50 course Greg Hanchin
 
Administering splunk 43 course
Administering splunk 43 courseAdministering splunk 43 course
Administering splunk 43 courseGreg Hanchin
 
Using splunk43course
Using splunk43courseUsing splunk43course
Using splunk43courseGreg Hanchin
 
Using Splunk course outline
Using Splunk course outline Using Splunk course outline
Using Splunk course outline Greg Hanchin
 
Advanced Splunk Administration
Advanced Splunk AdministrationAdvanced Splunk Administration
Advanced Splunk AdministrationGreg Hanchin
 
Splunk Advanced searching and reporting Class description
Splunk Advanced searching and reporting Class descriptionSplunk Advanced searching and reporting Class description
Splunk Advanced searching and reporting Class descriptionGreg Hanchin
 
Administering Splunk course
Administering Splunk courseAdministering Splunk course
Administering Splunk courseGreg Hanchin
 
Splunk Searching and Reporting Class Details
Splunk Searching and Reporting Class DetailsSplunk Searching and Reporting Class Details
Splunk Searching and Reporting Class DetailsGreg Hanchin
 
Splunk forwarders tech_brief
Splunk forwarders tech_briefSplunk forwarders tech_brief
Splunk forwarders tech_briefGreg Hanchin
 
Splunk and map_reduce
Splunk and map_reduceSplunk and map_reduce
Splunk and map_reduceGreg Hanchin
 
Splunk for xen_desktop
Splunk for xen_desktopSplunk for xen_desktop
Splunk for xen_desktopGreg Hanchin
 
Splunk for palo_alto
Splunk for palo_altoSplunk for palo_alto
Splunk for palo_altoGreg Hanchin
 
Splunk for db_connect
Splunk for db_connectSplunk for db_connect
Splunk for db_connectGreg Hanchin
 

More from Greg Hanchin (20)

NUTANIX and SPLUNK
NUTANIX and SPLUNKNUTANIX and SPLUNK
NUTANIX and SPLUNK
 
Splunk for exchange
Splunk for exchangeSplunk for exchange
Splunk for exchange
 
Splunk for cyber_threat
Splunk for cyber_threatSplunk for cyber_threat
Splunk for cyber_threat
 
Splunk Searching and reporting 43course
Splunk Searching and reporting 43courseSplunk Searching and reporting 43course
Splunk Searching and reporting 43course
 
Advanced Splunk 50 administration
Advanced Splunk 50 administrationAdvanced Splunk 50 administration
Advanced Splunk 50 administration
 
Advanced searching and reporting 50 course
Advanced searching and reporting 50 course Advanced searching and reporting 50 course
Advanced searching and reporting 50 course
 
Administering splunk 43 course
Administering splunk 43 courseAdministering splunk 43 course
Administering splunk 43 course
 
Using splunk43course
Using splunk43courseUsing splunk43course
Using splunk43course
 
Using Splunk course outline
Using Splunk course outline Using Splunk course outline
Using Splunk course outline
 
Advanced Splunk Administration
Advanced Splunk AdministrationAdvanced Splunk Administration
Advanced Splunk Administration
 
Splunk Advanced searching and reporting Class description
Splunk Advanced searching and reporting Class descriptionSplunk Advanced searching and reporting Class description
Splunk Advanced searching and reporting Class description
 
Administering Splunk course
Administering Splunk courseAdministering Splunk course
Administering Splunk course
 
Splunk Searching and Reporting Class Details
Splunk Searching and Reporting Class DetailsSplunk Searching and Reporting Class Details
Splunk Searching and Reporting Class Details
 
Splunk forwarders tech_brief
Splunk forwarders tech_briefSplunk forwarders tech_brief
Splunk forwarders tech_brief
 
Splunk and map_reduce
Splunk and map_reduceSplunk and map_reduce
Splunk and map_reduce
 
Splunk for xen_desktop
Splunk for xen_desktopSplunk for xen_desktop
Splunk for xen_desktop
 
Splunk for palo_alto
Splunk for palo_altoSplunk for palo_alto
Splunk for palo_alto
 
Splunk for ibtrm
Splunk for ibtrmSplunk for ibtrm
Splunk for ibtrm
 
Splunk for f5
Splunk for f5Splunk for f5
Splunk for f5
 
Splunk for db_connect
Splunk for db_connectSplunk for db_connect
Splunk for db_connect
 

Recently uploaded

MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 

Recently uploaded (20)

MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

Splunk for compliance

  • 1. S O L U T I O N S G U I D E Meet Compliance Requirements by Monitoring, Alerting and Reporting on Machine Data Splunk for Compliance listen to your data Cost effective, Sustainable Compliance Splunk Enterprise is a massively scalable data engine for machine-generated data. It collects, indexes and harnesses machine data across your infrastructure in real time. Splunk offers a cost effective and flexible way to meet your compliance requirements from audit trail collection and reporting, to file integrity monitoring with a single solution. Meet requirements to collect, retain, search, alert and report on logs and machine data throughout your IT infrastructure. Generate any report in seconds and automate reporting to compliance analysts and auditors with scheduled searches and reports. • E-Discovery - Search every data source required for E-Discovery from one place. Get instantaneous results across large data sets. • FISMA - Securely collect, index and store all your log and Machine Data along with audit trails to meet NIST requirements. • HIPAA - Search all your machine data to instantly assess reports of EPHI leakage and meet HIPAA’s explicit log requirements. • PCI - Rapid compliance with explicit PCI requirements for log retention/review and change monitoring, comprehensive reporting on all PCI controls such as passwords and firewall policy. • SOX - Splunk makes the ambiguous chore of compliance- mandated routine log review easy and straightforward. Demonstrate “due-care” and increase operational efficiency by eliminating compliance friction. The Compliance Challenge Reporting on firewall, access control and application logs and machine data to demonstrate compliance controls is difficult and costly. Each of these systems generate logs in different formats and locations. Each auditor request involves a different, manual procedure. But the requirement to limit access to production systems has an even bigger impact. System administrators and developers are denied access to production systems to analyze logs and configurations, limiting their ability to respond to operations and security incidents. Enter Splunk Bring powerful indexing, search, alerting and reporting to the challenges of change management. With Splunk you can search, alert and report on machine data from virtually any source. Meet compliance requirements from audit trail collection and reporting, to file integrity monitoring with a single solution. Generate any compliance report in seconds. And you’ll overcome the operational impact of demands to restrict production system access by giving developers and application support secure, read-only access to the machine data they need without touching production systems. Secure data retention Splunk provides a highly efficient and secure solution for capturing and retaining your machine data for extended periods. Securely capture all your data in real-time including syslog and even complex application logs. Integrity is ensured via hardened deployments and comprehensive auditing and security. Archive or retire data based on age or storage limits. Controlled data access Splunk helps eliminate the compliance barriers that get in the way of operations. Provide developers and application administrators with real-time access to the logs, configurations and status commands they need in order to analyze and resolve production problems. Role based access controls let you adhere to strict compliance with production server access restrictions. Compliance reporting Meet explicit requirements to monitor, review and retain logs, configurations and other machine data. Demonstrate compliance quickly and easily across other types of controls. Report on firewall activity to show that firewall policy is in place and functioning correctly. Report on access control events to show that account deactivation procedures are being followed. Generate ad hoc reports to answer auditor questions in seconds and automate reports with scheduled searches. Security monitoring Splunk lets you meet requirements to automate monitoring of security events. Index audit trails across firewalls, applications, access control, IDS and other components, then simply save, schedule and set alerting rules for a search. Alerts can send notifications via email, RSS, SMS or trigger scripts for easy integration with your existing monitoring consoles. As new mandates create new monitoring requirements, simply add new data sources and searches.
  • 2. www.splunk.com 250 Brannan St, San Francisco, CA, 94107 info@splunk.com | sales@splunk.com 866-438-7758 | 415-848-8400 www.splunkbase.com S O L U T I O N S G U I D E listen to your data Copyright © 2012 Splunk Inc. All rights reserved. Splunk Enterprise is protected by U.S. and international copyright and intellectual property laws. Splunk is a registered trademark or trademark of Splunk Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item # SG-Splunk-Complience-101 Compliance investigations Minimize the distraction of compliance investigations and discovery requests. Stop using a different tool for each of your systems—web proxies, email servers, and more. Splunk’s fast and simple search across your data will get you the information in seconds. Audit trail review Splunk makes the ambiguous chore of compliance-mandated routine log review easy and straightforward. Search Splunk daily for activity from the previous day on in-scope servers. Use Splunk’s time histogram and filters to understand patterns. Classify and tag innocuous events as “ok”. Search for events not tagged “ok” the next day so that you’re only looking at new or suspicious events each day. Best of all, Splunk tracks your review history for auditors. Splunk for Compliance Applications E-Discovery Escalating law enforcement requests to investigate suspected criminal activity online are distracting IT at education institutions and large enterprises that provide Internet access. Servicing requests is a distracting and time consuming and the inability to respond effectively opens organizations to legal risk. “When the FBI is asking for intelligence under a tight timeline, you need to be able to search your IT data and generate any material findings quickly.” Anonymous Splunk makes E-Discovery fast and easy. You can search every data source required for E-Discovery from one place. Instantaneous results across large data sets slash the time to respond to requests. Set-up simple searches for HR personnel to lift the burden from IT staff. Data signing and audit trails demonstrate the integrity of your results. FISMA FISMA and NIST standards require Federal Government Agencies have the ability to effectively respond to incidents by analyzing massive amounts of data from large network and IT infrastructures..Splunk scales to provide visibility into the security technologies in large network infrastructures. Powerful search and reporting of results and flexible ways to organize and tag systems with inventory information and enable the creation of status views for different security controls or locations. “Federal agencies should implement Splunk because it’s can bring all the security information together, correlate and bring a coherent picture of your security posture.” Bill Hornish Federal Business Development, Splunk S O L U T I O N S G U I D E HIPAA HIPAA and EPHI security and privacy rules include explicit requirements for audit trail collection, review, automated monitoring and incident investigation. But providers and insurance carriers lack the ability to rapidly search machine data in support of incident investigation requirements. Slow, manual investigation process raises level of exposure and risk of violations. Splunk closes HIPAA compliance gaps. Search your machine data to instantly assess reports of EPHI leakage and meet HIPAA’s explicit log collection and monitoring requirements. “Splunk is the CHW standard for event logging for HIPAA. It’s a critical tool for monitoring access to information to our business, and patient privacy.” Steve Hight Director Strategic Technology, CHW PCI DSS Credit card merchants find collecting and retaining audit trails for at least one year is the most daunting PCI compliance requirement. It’s difficult to access, analyze and manage all the data from card processing systems. Existing PCI solutions are expensive, clumsy and difficult to maintain. The Splunk App is a pre-packed application that provides rapid compliance with PCI requirements for audit trail collection, retention and review. “Failure to comply with PCI equates to failure for our business. Splunk enables us to demonstrate compliance across all PCI DSS requirements.” Peter Bassill CISSP, Gala Coral Croup SOX Sarbanes-Oxley IT compliance has driven public companies and their vendors to adopt stringent IT controls based on ITIL, COBiT, COSO, ISO 17799, BS-7799 and other best-practice frameworks for IT operations and security. Demonstrating these controls has become a huge burden for IT operations, Splunk provides comprehensive visibility for SOX IT controls. Search the data generated by SOX control tools and technologies from one place. Instantaneous retrieve the information requested by IT auditors. “Splunk automated our evidence gathering for SOX compliance, saving engineering from working on compliance related tasks”. David Jones IT Ops Manager., Alexza Pharmaceutical Free Download Download Splunk for free. You’ll get a Splunk Enterprise license for 60 days and you can index up to 500 megabytes of data per day. After 60 days, or anytime before then, you can convert to a perpetual Free license or purchase an Enterprise license by contacting sales@splunk.com.