Splunk QuickView


Above is the three-minute highlight version of the Splunk interview. If you like this, and we think you will, you’ll want to watch the full-length version here: www.youtube.com

How do you see the dark matter inside your business? There are tons of data that your servers are kicking out that you probably haven’t been able to get a good look at. Splunk lets you see that data, and discover new facts about your business.

“When we started the company, one of the things we did is we decided to take some time—a year or more—to figure out what to do,” says Rob Das, co-founder and chief architect of Splunk. “So instead of starting with a concept, we went out and explored ideas with people. … The first thing we wanted to do is talk to the people in IT we know, and find a problem they universally had. … The second thing was building something they were willing to pay for. We built some really cool things in the past, and people weren’t willing to pay for it. It was really hard to monetize and build a big company on it. Lastly, [we wanted to find] a place where there wasn’t a lot of competition.”

What they came up with is a way to search and find answers in the vast amount of data produced in IT. The amount of data being produced was growing at a rapid pace, but no one had given the same attention to searching back-end systems that Google had given to web search. Enter Splunk.

“We started out as Google for IT data,” says Erik Swan, co-founder and CTO. “That was a big hit back in

Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks


How well does your enterprise stand up against today’s sophisticated security threats? In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network–first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them.

Security Monitoring is based on the authors’ years of experience conducting incident response to keep Cisco’s global network secure. It offers six steps to improve network monitoring. These steps will help you:

  • Develop Policies: define rules, regulations, and monitoring criteria
  • Know Your Network: build knowledge of your infrastructure with network telemetry
  • Select Your Targets: define the subset of infrastructure to be monitored
  • Choose Event Sources: identify event types needed to discover policy violations
  • Feed and Tune: collect data, generate alerts, and tune systems using contextual information
  • Maintain Dependable Event Sources: prevent critical gaps in collecting and monitoring events

Security Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.
