
Centralized Logging (Splunk)

The Splunk service is provided by the Information Security Office (ISO). Splunk is software for searching, monitoring, and analyzing machine-generated big data via a web-style interface.

Splunk captures, indexes, and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations. Splunk makes machine data accessible across an organization, identifies data patterns, provides metrics that help diagnose problems, and provides intelligence for business operations.

Splunk for Stanford

Splunk is currently available campus-wide with a simple cost model: a monthly fee of $64 per GB of logs ingested per day, based on the average daily usage during the previous 30 days. If your systems are managed by University IT (ITS CRC, Administrative Systems), Splunk is included at no additional fee. Contact your University IT support team to learn more about how to access your logs.

The Splunk service includes:

  • Direct access to search your logs
  • All software licenses and annual maintenance, server hardware and storage
  • 18 months of log retention
  • 6 months of log backup
  • System administration support for the servers and storage
  • Periodic log volume reports and alerts

Getting started

To get started or to speak with a staff member from the Information Security Office about Splunk, please submit a HelpSU request.

Stanford Splunk Administrators

Splunk Administrators (Restricted Access)

Last modified September 17, 2015