Discuss IT

The South African Podcast Portal
  • Decrease font size
  • Default font size
  • Increase font size
  • default color
  • green color
  • cyan color
  • red color
IT Security Pubcast discusses topical Information Security and Risk issues for South African practitioners
Home arrow Pubcast arrow Pubcast - Splunking Data!
Pubcast - Splunking Data! PDF Print E-mail
Monday, 01 June 2009
Stefan Buys and Marinus van AswegenEpisode 11 of the IT Security Pubcast.
The Pubcast examines a free tool to collate and correlate log data from different sources in order to provide a meaningful management view of risk.

While application and system logging is a core security requirement it is often overlooked for numerous reasons: the logs are disseminated around the organisation, they are overwritten before they can be utilised, they take space, they are seldom considered aside from forensic analysis, and it can be difficult to correlate the different events they represent. In short, this core security asset is often overlooked because of the cost and complexities of utilising it.

The Pubcast discussed this with Stefan Buys and Marinus van Aswegen, who are working with SPLUNK, a free solution that collates data from multiple sources, stores it and provides elegant mechanisms to interpret it. The debate considers and how a where a tool like this would be best implemented, whether the average security practitioner has the ability to do so, and the all important question of support.

Pubcast Episode 11 (Full)
Download the  Full Audio File

Pubcast Episode 11 (Part 1)

Pubcast Episode 11 (Part 2)

Pubcast Episode 11 (Part 3)

< Prev   Next >