Splunk: Quick Start and Lessons Learned from OSU

Thursday, May 08 | 9:00AM–10:00AM | Grand Ballroom Salon E/F
Session Type: Professional Development

With the recent Internet2/Splunk price deals, the financial barrier for Splunk use at scale in higher education has been greatly reduced. OSU has been using Splunk in the security operations group and offering it as a centralized log management service for going on two years in a highly distributed environment with several hundred users and supporting use cases ranging from security to operational and business intelligence. This session will cover tips for getting started, architecture and hardware considerations, and lessons learned related to deploying, updating, and using Splunk.


Learn how to architect small Splunk environments that will allow you to scale them (versus rip and replace) * Benefit from lessons learned in using Splunk at scale in a higher ed environment * Learn tricks on how to make onboarding of new devices sending data into Splunk self-provisioning to reduce time spent on Splunk management


Resources & Downloads