Splunk Search

Whether splunk saves a copy of the log files in their server side

baisakhiroy
New Member

For security reason , in our project we want that the log files (audit logs,developer's logs etc) should not go outside our server. So, I want to know whether splunk saves a copy of the log files in their server side.How exactly it works .

Also,whether splunk is able to give multilingual support of the log files.

Tags (1)
0 Karma

Ayn
Legend

Not sure what you mean by "their server side". Splunk stores all events in its "database" (in Splunk terms called an "index") on the machine that you've installed Splunk on. No events or other info is sent out from your networks.

As for multilingual support, I don't understand what you mean by that. Please clarify.

0 Karma

Ayn
Legend

If you're looking into performing an RFP / evaluation with Splunk I think the best idea is to contact Splunk sales.

0 Karma

Ayn
Legend

Splunk saves all raw logs just as they are - it doesn't change them in any way. So if you have logs in, say, English, then that's the language you will see. (This goes for any solution out there - I'm pretty sure no log management / SIEM solution performs on-the-fly translation)

0 Karma

baisakhiroy
New Member

Full requirement of Logging:
1.Logs must be tamper-evident

2.Log functionality must support logging of sensitive data (ie: encrypted, and viewable/decrypted only by authorized users)
3.The system shall support “centralized” log functionality
4.The system must support authorization for viewing/configuring logs
5.The system must provide functionality to view, search and filter logs,
6.the system shall support reporting/printing/exporting logging data
7.The system must support “administration/configuration” of logs
8.Logging must support multi-language

Whether these are fulfilled by splunk.

0 Karma

baisakhiroy
New Member

First of all thank you for your answer.

By multilingual support I mean; log should support multiple language,i.e. logs can be displayed in multiple language.

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...