Educause Security Discussion mailing list archives
Re: For those who Splunk
From: Benjamin Stein <bgstein () UCDAVIS EDU>
Date: Thu, 6 Apr 2017 17:21:14 +0000
For those that are part of Internet2 - there is an agreement that can bring the price down: http://www.internet2.edu/products-services/cloud-services-applications/splunk/ We use Splunk and I'm a big fan. -- Benjamin Stein bstein () shcs ucdavis edu / 530-754-9039 (office) Senior Security & Systems Administrator UC Davis Student Health and Counseling Services ________________________________ From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Andreas Paulisch <apaulisch () BROCKU CA> Sent: Thursday, April 6, 2017 9:56:09 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] For those who Splunk We had Splunk, with a 1Gb/day limit. We could not afford more. It’s a great tool, but we couldn’t use it as planned, because we couldn’t justify the cost. We are just deploying ELK (Elasticsearch, Logstash and Kibana) to replace it. We are not logging over 4 million syslog entries per hour, about 45Gb/day and it doesn’t cost me anything, other than the cost of the hardware. We are running all of this in VMs, hosted on CISCO UCS, with a few SSD drives to handle the IOPS. Cheers Andreas Paulisch IT Infrastructure Manager Brock University From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Emily Harris Sent: Thursday, April 6, 2017 11:52 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] For those who Splunk We are about to start a small(ish) Proof of Concept for using Splunk. In our POC we intend to use the product on-site, but I know that Splunk Cloud is becoming increasingly popular. This is a very informal poll, but I'm hoping to gather some meaningful comments and use cases. For those who use Splunk: 1. Is it on-premise or in the cloud? 2. Why did you make that choice, whatever it is? 3. What is your per day license? 4. Do you have any "gotchas" to share about the direction you chose? Thank you so much! ---- Emily Harris, CISSP Information Security Officer, CIS Vassar College 845-437-7221
Current thread:
- For those who Splunk Emily Harris (Apr 06)
- Re: For those who Splunk Andreas Paulisch (Apr 06)
- Re: For those who Splunk Benjamin Stein (Apr 06)
- Re: For those who Splunk hodgett (Apr 11)
- Re: For those who Splunk Garrett Hildebrand (Apr 12)
- Re: For those who Splunk Kevin Wilcox (Apr 12)
- Re: For those who Splunk Garrett Hildebrand (Apr 12)
- Re: For those who Splunk Kevin Wilcox (Apr 12)
- Re: For those who Splunk Andreas Paulisch (Apr 06)