Architecting Splunk Enterprise Deployments
Listen to your data. 1 Copyright © 2017 Splunk, Inc. All rights reserved | 20 September 2017
Document Usage Guidelines
• Should be used only for enrolled students
• Not meant to be a self-paced document; an instructor is required
• Please do not distribute
20 September 2017
Use Cases
Deployment Planning – Discovery
• As the first step, you need to gather the following basic information:
– Who will be the Splunk users?
– What are their roles?
– What are the goals for your Splunk deployment?
– What are the use cases?
– What is the current IT physical environment?
– What is the current monitoring and / or logging environment?
Deployment Planning – Identify Users
• User Centered Design is a technique that can help to:
– Identify the target users and their experience levels
– Define their tasks and goals
– Document functions they desire and require from a system
– Determine the information they desire and require
• Additional info:
https://en.wikipedia.org/wiki/User-centered_design
Goals and Usage Categories
• Operations
– Troubleshoot systems
– Proactively discover problems
– Reduce or eliminate escalations and group analysis
• Security
– Identify security incidents
– Investigate security incidents faster
– Report on security issues
• Compliance
– Meet log review and retention requirements
– Generate reports on controls
– Enable remote log access to locked-down systems
• App Mgmt
– Dramatically reduce application downtime
– Free developers from time-consuming production support
– Find problems before the customer
• Analytics
– Gain valuable business insight from machine data
– Use predictive analytics to scope growth
– Identify sales/marketing trends in your data
Users and Use Cases – Operations
Common users include:
• Customer Support
• Systems Administrators
• IT Operations
• Development and QA
• Business and Finance
• Service Desk
• Network Administrators

Common use cases include:
• Infrastructure Monitoring
• Server Virtualization Management
• Desktop Virtualization Management
Users and Use Cases – Security
Common users include:
• Network Security Administrators
• Information Security Analysts
• Chief Security Officers
• Security Managers
• Application Security Analyst
• System Security Analyst

Common use cases include:
• Network / Data Security
• Insider Threat
• Patch Management
• Malware / Virus
• Fraud
• Spam
Users and Use Cases – Compliance
Common users include:
• Security Analysts
• IT Operations
• Systems Administrators
• Human Resources
• Compliance staff and auditors
• CSO / CRO / CFO

Common use cases include:
• PCI Compliance
• HIPAA Compliance
• FISMA Compliance
• SOX Compliance
• SEC Compliance
• Others …
Users & Use Cases – Application Development
Common users include:
• Application developers
• Customer Support
• Operations
• Business owners

Common use cases include:
• Custom Application Management
• Packaged Application Management
• Application Development
• Eliminate direct access to production systems for troubleshooting
• Overcome knowledge silos
Users and Use Cases – Analytics
Common users include:
• Marketing
• Operations
• Business owners
• Business/market analysts

Common use cases include:
• Business Intelligence
• Supply chain management
• Procurement planning
• Real-time business insights
More Use Cases
• Splunk publishes customer and industry case studies and success stories at splunk.com:
https://www.splunk.com/en_us/resources/use-cases.html