Get Splunk
Splunk.com  |  Splunk Base  |  Splunk Blogs

Cfrln: Archive for February, 2006

fact and fiction about chain of evidence

Posted:  February 16th, 2006
Tags:  Splunk

Rafael Marty, who I already know is a very smart guy, had the guts and insight to say what no one else wants to say about chain-of-evidence and court admissibility of log data. He points out that “unaltered” is a totally fictitious requirement for maintaining admissibility of log data as evidence. Go Raffy! He […]

> Continue reading this post   |   5 Comments

Splunk for ad hoc Squid proxy auditing

Posted:  February 13th, 2006
Tags:  Splunk

Trigg3r writes from Mindanao about using Splunk on Squid proxy logs.

> Continue reading this post   |   9 Comments

Long tail log sources

Posted:  February 10th, 2006
Tags:  Splunk

While catching up on the long tail, Chris Anderson’s blog where he explores his thesis about the impact of digital distribution on mass media products, I realized most IT people take what Chris calls a blockbuster attitude when it comes to deciding what log sources to centralize.

(The basic long tail idea is that in […]

> Continue reading this post   |   No Comments

Thanks for the reviews!

Posted:  February 10th, 2006
Tags:  Splunk

Thanks to all of you out there who are not only trying out Splunk, but blogging your first impressions.
Some recent reviews:

Alex Nordstrom:
“From here on, you can now browse all your log messages in a beautifully structured and intelligent way.”
ProdAdmin:
“…you can see right away what the most common events in our logs are.”

Demetri Mouratis follows up […]

> Continue reading this post   |   No Comments