Splunk in Financial Services

Splunk is often used by financial services customers for the usual indexing, searching, reporting, and analysis of any type of textual IT data. This may include monitoring devices, investigating login attempts, making sure an application is up and running, or centrally searching for data via various log files. As users have become more familiar with the power of Splunk, they have started to use it to monitor, investigate, and report on the business aspects of their operations. What follows is a non-exhaustive discussion of use cases where customers in financial services can further their utilization of Splunk. It is hoped that this provides insight into garnering more value from your data, which is often a theme of my blogs.

Trading …

» Continue reading

Event Correlation

It has been a while since anyone has written a direct blog entry on event correlation here at Splunk so I thought I would write one today. Event correlation can loosely be defined as a technique to relate any number of events with some identifiable patterns (and optionally act upon the relationship). Security vendors may narrowly claim that event correlation is the ability to correlate security related events and alert upon their existence. This is a subset of what event correlation can be. For instance, in a hypothetical case,  I can correlate that if it rains on a major Monday holiday, end of day total sales are lower than average sales for a brick and mortar retail shop. This case …

» Continue reading