
Splunk: Quick Start and Lessons Learned from OSU
With the recent Internet2/Splunk price deals, the financial barrier for Splunk use at scale in higher education has been greatly reduced. OSU has been using Splunk in the security operations group and offering it as a centralized log management service for going on two years in a highly distributed environment with several hundred users and supporting use cases ranging from security to operational and business intelligence. This session will cover tips for getting started, architecture and hardware considerations, and lessons learned related to deploying, updating, and using Splunk.
OUTCOMES:
* Learn how to architect small Splunk environments that will allow you to scale them (versus rip and replace)
* Benefit from lessons learned in using Splunk at scale in a higher ed environment
* Learn tricks on how to make onboarding of new devices sending data into Splunk self-provisioning to reduce time spent on Splunk management
Presenters
-
Sr Security Engineer, Ohio State University