Re: splunk : what is purpose ?

swati_sharma · ‎06-04-2015

hello ,

1.we are confused that is it monitoring tool or backup application means that it can backup data on secondary storage.
1. is there any video from where we can see that how to splunk easily
Actually we want to learn how to use splunk .

Please help me ASAP .

kristian_kolb · ‎06-05-2015

Ok, I'm guessing that you are trying out the free version of Splunk, and didn't actually buy a license. 🙂

Splunk is a tool for searching, correlating, reporting and alerting on (mainly) log data. Think of it as a powerful analytical tool, which also has capabilities to store data in its own internal format for a specified amount of time. Actually, you can decide to have different retention periods for different types of data.

It is not a backup tool, but it is commonly used for fulfilling internal/external requirements for centralized logging, i.e. to have important logs moved away from the systems where they were generated. So in a sense, the logs are 'backed up' to a secondary system, but usually logs would never be restored to the originating system in the event of a crash/attack/whatever.

I would guess that you could find the basic introductory videos on splunk.com, and a lot of detailed administrative tips on youtube.

/K

splunk : what is purpose ?

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases