• Allow end-users to search and investigate their data freely from a single location.

• Monitor data and provide real-time alerts when specific conditions are met.

• Deliver highly effective information and analysis.

• Enable the creation of customized views and dashboards for different roles.

• Convince the client that Splunk is compatible with multi-company schemes and can be implemented flexibly.

• Firewall traffic

• Database auditing

• Symantec Appliance Monitoring

• VPN Events

• Connections

• Users

• Malware Event Tracking

• Active Directory User Activity

• Linux Operating System Event Monitoring

• Monitoring

• Business

• Security

• Microsoft Exchange Logs
• Windows Operating System Logs
• DNS Server Logs
• Syslog (Fortinet, Switches)
• Symantec Logs

Databases:

• Oracle

Network Protocols:

• UDP

• SNMP

Best practices from the monitoring, security, network, and other critical environments were used in the implementation:

• Application management: Troubleshoots application environment issues, monitors performance degradation.
• Security and compliance: Provides rapid response to incidents, correlation, and in-depth monitoring of all data sources.
• Infrastructure and operations management: Proactively monitors to ensure uptime, quickly identifies and resolves issues.
• Web and business analysis: Gains visibility and intelligence on clients, services, and transactions, detects real-time trends and behavior patterns.
• Monitoring infrastructure for Splunk environments and external servers.
• Incident management through alerts and visualizations.
• Firewall network traffic monitoring.
• User activity management.
• VPN monitoring (user and access management).
• Monitoring of Symantec anomalous events.
• DNS monitoring.