
Splunk Log Aggregation and Analysis Tool Available in Beta

Monday, December 1, 2014

Are your IT systems doing everything they're supposed to?  Are they doing it securely?  How do you know?  Most systems generate log data that would tell you, but the data can only help you if you look at it.

To make all of that data useful, University IT has been deploying the Splunk log aggregation and analysis tool to hundreds of its servers over the past several months.  Splunk is a utility for searching, monitoring and analyzing machine-generated big data via a web interface.
Splunk captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.

We are pleased to announce that Splunk is now available campus-wide in “beta” mode with a simple cost model: a monthly fee of $64 per GB of logs ingested per day, based on the average actual daily usage during the month.  This Splunk service includes:

  • Direct access to search your logs
  • All software licenses and annual maintenance, server hardware and storage
  • 18 months of log retention using a 3-tiered storage model
  • 6 months of log backup
  • System administration support for the servers and storage
  • Periodic log volume reports and alerts

The beta service shares capacity with University IT’s current Splunk infrastructure and there is limited space for enrollment.  The full service available to everyone will be deployed on new infrastructure in the Winter Quarter.  Beta users will have to re-enroll in the new service, but their data from the beta service will be preserved and migrated.

For more information about Splunk, please see the service page.


DISCLAIMER: UIT News is accurate on the publication date. We do not update information in past news items. We do make every effort to keep our service information pages up-to-date. Please search our service pages at uit.stanford.edu/search.