The Splunk service is provided by the Information Security Office (ISO). Splunk is software for searching, monitoring, and analyzing machine-generated big data via a web-style interface.
Splunk captures, indexes, and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations. Splunk makes machine data accessible across an organization, and identifies data patterns, provides metrics used to facilitate the diagnosis of problems, and provides intelligence for business operations.
Splunk for Stanford
Splunk is currently available campus-wide with a simple cost model: a monthly fee of $64 per GB of logs ingested per day, based on the average daily usage during the previous 30 days. If your systems are managed by University IT (ITS CRC, Administrative Systems) Splunk is included at no additional fee. Contact your University IT support team to learn more on how to access your logs.
The Splunk service includes:
- Direct access to search your logs
- All software licenses and annual maintenance, server hardware and storage
- 18 months of log retention
- 6 months of log backup
- System administration support for the servers and storage
- Periodic log volume reports and alerts
To get started or to speak with a staff from the Information Security Office about Splunk, please submit a HelpSU request.