HNS MAIN FEED
Saturday, 01:37 EST
- Zero-day vulnerabilities in Firefox extensions discovered
- Three charged with Comcast.net hijacking
- Cloud computing security benefits, risks and recommendations
- Poisoned Google search results
- World’s first wireless USB external hard drive
- A look at Securitybyte & OWASP AppSec Asia Conference 2009
- Biggest threats to federal systems and critical infrastructure
- Are 64-bit Windows inherently safer?
- NSA on cyber attacks and Microsoft collaboration
- New books: ModSecurity, Snow Leopard, social Web applications
- Vulnerability in IBM SolidDB memory caching software
- Two arrested for Zbot Trojan
Q&A: Splunk
In this interview the Splunk team discusses Splunk in detail.
What is Splunk?
Splunk was born from its founders' frustration in running some of the worlds largest IT infrastructures. Using state-of-the-art IT management, security and compliance tools, they found it nearly impossible to locate the root cause of problems, investigate security attacks and assimilate all the data required for audits. Their conclusion was the silo approach to managing IT, with separate tools for every technology and IT function, was cumbersome, costly and didn't scale.
So, they founded Splunk to develop a new approach. The concept was simple. If Google could index and let users search across billions of pages of Web content in seconds, why not do the same for the datacenter? The result of thinking differently, Splunk is software that indexes the data generated by any application, server or network device running across technical, functional and geographic IT silos and lets you instantly search, alert and report on it.
Splunk does this without having to rely on inflexible and brittle databases, costly custom data connectors/ parsers, or force users to learn a new interface and vendor semantics. Using Splunk organizations can now troubleshoot application outages, investigate security incidents, and demonstrate compliance in minutes, instead of hours or days.
Splunk is a free software download (up to 500mb of uncompressed data indexed per day), works with all the leading operating systems, and is easy to install and use. Most users are up and running in less than an hour.
Recently you released Splunk 4. What are the most notable improvements and changes in this version?
Splunk 4 replaces a very successful product Splunk 3.x and builds on an innovative and tremendously successful approach Splunk introduced in 2005, Search for IT data. In Splunk 4 there are over 50 new features that impact four major areas of product functionality:
Speed and scale - Splunk 4 introduces 10x improvements in search speed and 2x improvements in indexing speed over the previous release. No other technology for managing time-series, unstructured IT data delivers this level of performance and the product has tested 100x faster than competitive security and event management solutions. Splunk’s MapReduce implementation delivers dramatic scale improvements enabling the indexing of terabytes of data per day on commodity hardware. These improvements help customers run Splunk 4 with fewer resources that the previous release.
1 | 2 | 3 | 4 | 5 | Next page >>
- Q&A: Wireshark
- Best practices for DNS security
- Spam evolution: September 2009
- Looking back at 2009 through SQL injection goggles
- Q&A: Web application security
