Fiduciaria manages to consolidate the monitoring of its IT infrastructure in a single application, moving from a reactive to a proactive model of incident response.
Fiduciaria is oriented toward supporting the business sector in its growth and contributing to the development of the country. Security incidents were not being monitored in real time as they were generated, so response times were not optimal. Splunk was implemented to proactively administer and manage its IT infrastructure, with a focus on improving and organizing the monitoring of the security, integrity and access control of data for one or several areas within the company.
- Enable the end user to search and research their data freely from one place.
- Monitor data and provide real-time alerts when specific conditions are met.
- Provide highly effective information and analysis.
- Provide the ability to create customized views and dashboards for different roles.
- Show the customer that Splunk supports multi-enterprise schemes and is flexibly deployed.
- Firewall traffic
- Database auditing
- Symantec Appliance Monitoring
- VPN events
- Malware Event Monitoring
- Active Directory User Activity
- Linux Operating System Event Monitoring
Integrated Data Sources
- Microsoft Exchange logs
- Windows Operating System logs
- DNS Server logs
- Syslog (Fortinet, Switches)
- Symantec logs
- Databases (Oracle)
- Network protocols (UDP, SNMP)
Results and achievements
Best practices for the monitoring environment, security, network and other important aspects used in the implementation:
• Application Management: Troubleshoot application environments, monitor performance degradation.
• Security and Compliance: Provide rapid incident response, correlation and in-depth monitoring of all data sources.
• Infrastructure and Operations Management: Proactively monitor to ensure uptime, quickly identify and resolve problems.
• Web and business analytics: Gain visibility and intelligence on customers, services and transactions, and detect trends and behavioral patterns in real time.
• Monitoring of Splunk environment infrastructure and external servers.
• Incident management through alerts and visualizations.
• Firewall network traffic monitoring.
• User activity management.
• VPN monitoring (user and access management).
• Monitoring of Symantec anomalous events.
• DNS monitoring.