- Splunk has been used at athenahealth for 3 years to correlate security information from various tools in a centralized dashboard. It is used by their security incident response team and security teams. - Splunk ingest 400GB of data per day from over 100 forwarders, including Windows logs, firewall logs, and other security data. They aim to retain 2 years of searchable data. - Splunk has provided value through improved visibility, flexibility to ingest various data sources, ability to customize alerts and searches, and more efficient incident response by reducing time spent searching multiple systems.