Splunk is a complete information mining and reporting system.
We would be happy to discuss your requirements over the phone or meet with you at your office.
Splunk is fast becoming one of the most highly regarded solutions for log management.
Splunk is a versatile and comprehensive data analysis toolkit. By creating PCI-specific searches, filters and reports, we have built a cost-effective log collection and analysis tool that helps you meet all of the relevant PCI logging requirements, including file integrity assessment.
Splunk allows organisations to centralise disparate and diverse logs for compliance, regulatory and best-practice review. Here are some of its key features:
Rapid and simple collection of logs from just about any application, server, router, firewall and system
Assesses events for importance and correlates them against best-practice security templates, including rapid association of common or linked events from separate systems
Automates the escalation and distribution of important events
Reporting from summary-style compliance ratings down to drill-down detail, all customisable and easy to produce
Logs are individually time/date stamped, hashed to retain integrity, and made available when required for post-event analysis and forensic-style examination
Unlike other log management solutions, Splunk is priced on the volume of log activity processed rather than the number of systems, and because Splunk can be configured to collect only the events you require, you can drastically reduce your log collection needs and reduce costs.
Systems where we have helped with Splunk PCI integration: (this is not meant to be exhaustive)
This is not an exhaustive list, but it is typical of what Splunk and our integration services offer. Another example CST has found where Splunk can be used is PCI control reporting (see PCI 1.2.1 & 1.2.3), for instance where cardholder data should be segregated and only passed from point A to point B: the firewall, router, switches and the like all have separate logs that provide evidence of this. Splunk would collect and collate all such disparate logs and analyse them against the same exception criteria, for example reporting any traffic with a destination other than the A-to-B path.
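The segmentation check described above, as an added example that is not CST's or Splunk's code: it normalises constructed firewall, router and switch log lines (the line formats, addresses and the choice of segment A and host B are assumed for illustration) and reports every flow that breaks the "A may only talk to B" rule, the same exception criterion Splunk would apply across the collated sources.

```python
import ipaddress
import re
from typing import NamedTuple

# Added example, not CST's or Splunk's code: normalise log lines from three
# disparate sources and report every flow that breaks the rule "segment A may
# only exchange traffic with host B". All addresses and log lines are constructed.
SEGMENT_A = ipaddress.ip_network("10.10.1.0/24")  # cardholder-data segment (A)
HOST_B = ipaddress.ip_address("10.20.0.5")         # the only permitted peer (B)
# One pattern per device format, each exposing src and dst groups.
FORMATS = {
    "firewall": re.compile(r"SRC=(?P<src>[\d.]+) DST=(?P<dst>[\d.]+)"),
    "router": re.compile(r"(?P<src>[\d.]+)\(\d+\) -> (?P<dst>[\d.]+)\(\d+\)"),
    "switch": re.compile(r"src=(?P<src>[\d.]+) dst=(?P<dst>[\d.]+)"),
}

class Flow(NamedTuple):
    device: str
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    raw: str

def normalise(lines):
    """Turn (device, raw line) pairs into Flow records; unparseable lines are skipped."""
    for device, line in lines:
        m = FORMATS[device].search(line)
        if m:
            yield Flow(device, ipaddress.ip_address(m["src"]), ipaddress.ip_address(m["dst"]), line)

def is_exception(flow):
    """True when the flow touches segment A but is not on the A<->B path."""
    if flow.src in SEGMENT_A:
        return flow.dst != HOST_B   # outbound from A must terminate at B
    if flow.dst in SEGMENT_A:
        return flow.src != HOST_B   # inbound to A must originate from B
    return False                    # never touches A: outside this control's scope

def report_exceptions(lines):
    return [f for f in normalise(lines) if is_exception(f)]

SAMPLE_LOGS = [  # constructed lines in three vendor-like formats
    ("firewall", "Mar 03 10:01:02 fw01 kernel: ACCEPT IN=eth1 OUT=eth2 SRC=10.10.1.15 DST=10.20.0.5 PROTO=TCP DPT=443"),
    ("firewall", "Mar 03 10:01:09 fw01 kernel: ACCEPT IN=eth1 OUT=eth0 SRC=10.10.1.15 DST=203.0.113.7 PROTO=TCP DPT=443"),
    ("router", "Mar 03 10:01:05 rtr01 list 110 permitted tcp 10.10.1.22(51000) -> 10.30.0.9(22), 1 packet"),
    ("router", "Mar 03 10:01:06 rtr01 list 110 permitted tcp 10.20.0.5(443) -> 10.10.1.15(51001), 1 packet"),
    ("switch", "2024-03-03T10:01:07Z sw01 flow src=10.40.0.8 dst=10.10.1.30 proto=tcp dport=3389"),
    ("switch", "2024-03-03T10:01:08Z sw01 flow src=10.40.0.8 dst=10.40.0.9 proto=udp dport=53"),
]
for flow in report_exceptions(SAMPLE_LOGS):
    print(f"EXCEPTION [{flow.device}] {flow.src} -> {flow.dst}")
```

In a Splunk deployment the same rule would be a saved search over the indexed sources; the script only shows the normalisation and the exception test that such a search would encode.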
Opinion & Resources
Splunk was born of our founders' frustration running some of the world's largest IT infrastructures. Armed with state-of-the-art IT management tools, they found it nearly impossible to locate the root cause of problems, investigate security attacks and assemble all the data required for compliance audits.
Their conclusion was that the silo approach to managing IT, with separate tools for every technology and IT function, was cumbersome, costly and didn't scale.
Nigel Lewis