SIEM Event Management – It’s Time to Break the Rules

Recently Splunk published a document on Splunk and SIEM integrations that outlines the challenges faced by many federal and commercial customers. The challenges are well known and revolve around scalability as well as expanding beyond defined rules for true situational awareness. Splunk provides great value to SIEM customers because we can provide the true “common operational picture” by allowing analysts to look at all the data from one console in real time. We do this with terabytes of data and continue to address scaling issues with customers worldwide.

The document provides details on how Splunk serves as the critical tool that integrates not only with SIEM, but also with other key underlying technologies. This paper positions Splunk as complementary …


Splunk’s Hot in the Federal Government

Splunk is truly hot in Fed! It was mind-blowing to welcome over 200 people to learn more about Splunk at our recent SplunkLive in DC, more than doubling the number of attendees from the event we held just 6 months ago! The agenda was customer driven, featuring a Federal civilian agency focused on space exploration and The Washington Post, plus partner presentations from Blue Coat and Big Fix. Godfrey Sullivan, Splunk’s CEO, provided the keynote, along with great technical presentations by Splunk’s Co-Founders Erik Swan and Rob Das covering SOA, Virtualization, and Big IT Data.

Why is Splunk so hot? For one, Splunk is used by a majority of the Federal Agencies. In some …
