SlideShare une entreprise Scribd logo

Splunk for centrify

G
Greg Hanchin

Splunk for Centrify Application

Technologie
1  sur  2
Télécharger pour lire hors ligne
Delivering the Control, Visibility and Security of Your Cross-Platform Data Center Splunk App for Centrify Insight F A C T S H E E T Splunk is the engine for machine data that gives system administrators and security specialists visibility and control of highly complex Active Directory environments. Splunk aggregates, correlates and monitories all security event logs and changes to AD schema. Why Splunk for Centrify Insight Centrify Suite can easily create reports that show what systems users have accessed and reveal their *NIX attributes. All of this information is centrally stored in Centrify Zones within Active Directory, making it easy to manage and report. Using Splunk for Centrify Insight you can also determine: • Who Zone-enabled a user? • When *NIX attribute(s) were changed? • What Zone-groups have been modified? • What changes were made to Active Directory Users, Groups and Computer objects? Active Directory Security Insights Understanding and monitoring changes to the settings of Active Directory Objects can mean the difference between the right or wrong person having access to proprietary data or specific applications. The ability to be alerted to changes, see the change deltas and know who made the changes, supports the security and compliance best practice of separation of duties. Changes to Active Directory objects (users, groups and computers) and the timing (adds, modifies, deletes or undeletes) can indicate malicious activity and the first step in the compromise of your proprietary data. Splunk App for Centrify Insight Centrify Insight is a Splunk application that listens to Active Directory domain controllers and security event logs as well as *NIX syslog and Centrify Suite logs to provide the insight you need to answer security and forensic questions about Centrify secured systems. This data is captured and summarized into a series of reports and metrics that can be displayed, reported, alerted and analyzed at a granular level. Centrify Insight provides the visibility you need with an easy-to-use search interface and pre-built interactive reports based on the mature and popular Splunk platform. And best of all, Centrify is making this available for free! The Challenge Heterogeneous IT environments have become the standard both for server operating systems and the applications that run on them. With diverse operating systems and applications spanning physical, virtual and cloud-based environments, along with more Java- and web-based applications, the trend toward diversity is only accelerating. Not surprisingly, interoperability among these diverse platforms is a key concern for IT managers. Reducing complexity has become even more critical in the past few years as an uncertain economy has put renewed focus on reducing expenses and leveraging existing investments. Meanwhile, security and compliance have become even more critical as organizations cope with a dynamic business environment that includes mergers and acquisitions, staff reductions and outsourcing. The Solution Splunk Enterprise and Centrify can deliver the control and visibility you need to establish and manage the security of your cross-platform data center. You get a deeper insight into Active Directory status and the local system changes that affect the security and compliance of your environment. Centrify Suite The Centrify Suite lets you centrally control, secure and audit the access to your cross-platform systems and applications by leveraging your existing Active Directory infrastructure. Built on an integrated architecture, the Centrify Suite enables organizations to strengthen security, enhance regulatory compliance initiatives, reduce IT expense and complexity and improve end-user productivity. The Centrify Suite—consisting of DirectControl, DirectAuthorize, DirectAudit, DirectSecure and DirectManage—delivers secure authentication and single sign- on, role-based access control, privileged identity management, user-level auditing, server isolation and encryption of data-in- motion for the industry’s broadest set of heterogeneous systems and applications. Splunk for Active Directory Splunk is perfectly suited for monitoring and auditing Active Directory logs because it matches the flexibility of Active Directory and can scale linearly as your Active Directory environment grows. Splunk can manage and analyze any data from any source type without requiring connectors. In addition, Splunk can not only manage Active Directory’s huge amount of data for trending and compliance requirements, it can handle complex event processing for real-time monitoring and alerting.
www.splunk.comlisten to your data 250 Brannan St, San Francisco, CA, 94107 info@splunk.com | sales@splunk.com 866-438-7758 | 415-848-8400 www.splunkbase.com F A C T S H E E T Copyright © 2012 Splunk Inc. All rights reserved. Splunk Enterprise is protected by U.S. and international copyright and intellectual property laws. Splunk is a registered trademark or trademark of Splunk Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item # FS-Splunk-Centrify Insight-101 About Splunk Splunk collects, indexes and harnesses machine data generated by an organization’s IT systems and infrastructure—physical, virtual and in the cloud. Machine data is unstructured, massive in scale and contains a categorical record of all transactions, systems, applications, user activities, security threats and fraudulent activity. Splunk has the flexibility to collect all your data sources, the scalability to work across your entire infrastructure and the power to provide deep drilldown, statistical analysis and real- time, custom dashboards to anyone in your organization. About Centrify Centrify delivers integrated software solutions that centrally control, secure and audit access to cross-platform systems and applications using Microsoft Active Directory. Centrify is deployed in production on hundreds of thousands of mission critical servers. Over 3,000 organizations rely on Centrify’s identity consolidation and privilege management solutions to reduce IT expenses, strengthen security and meet compliance requirements. Features • Real-time views and alerts of scheduled or ad-hoc policy changes • Intuitive visualizations of key performance indicators (KPIs) using pre-built dashboards that monitor configuration changes • Timely alert-setting to notify you when specific changes are made to Active Directory • Robust scheduling and reporting • Customizable graphics and dashboards • Scalable, universal real-time log event collection and indexing from any application, server, network or security device • Easy-to-use interface facilitates communication of status and issues across the organization F A C T S H E E T Free Download Download Splunk for free. You’ll get a Splunk Enterprise license for 60 days and you can index up to 500 megabytes of data per day. After 60 days, or anytime before then, you can convert to a perpetual Free license or purchase an Enterprise license by contacting sales@splunk.com.

Recommandé

Using Splunk course outline
Using Splunk course outline Using Splunk course outline
Using Splunk course outline Greg Hanchin
 
NUTANIX and SPLUNK
NUTANIX and SPLUNKNUTANIX and SPLUNK
NUTANIX and SPLUNKGreg Hanchin
 
Splunk for exchange
Splunk for exchangeSplunk for exchange
Splunk for exchangeGreg Hanchin
 
Splunk for cyber_threat
Splunk for cyber_threatSplunk for cyber_threat
Splunk for cyber_threatGreg Hanchin
 
Splunk for compliance
Splunk for complianceSplunk for compliance
Splunk for complianceGreg Hanchin
 
Splunk Searching and reporting 43course
Splunk Searching and reporting 43courseSplunk Searching and reporting 43course
Splunk Searching and reporting 43courseGreg Hanchin
 
Advanced Splunk 50 administration
Advanced Splunk 50 administrationAdvanced Splunk 50 administration
Advanced Splunk 50 administrationGreg Hanchin
 
Advanced searching and reporting 50 course
Advanced searching and reporting 50 course Advanced searching and reporting 50 course
Advanced searching and reporting 50 course Greg Hanchin
 

Recommandé

Using Splunk course outline
Using Splunk course outline Using Splunk course outline
Using Splunk course outline Greg Hanchin
 
NUTANIX and SPLUNK
NUTANIX and SPLUNKNUTANIX and SPLUNK
NUTANIX and SPLUNKGreg Hanchin
 
Splunk for exchange
Splunk for exchangeSplunk for exchange
Splunk for exchangeGreg Hanchin
 
Splunk for cyber_threat
Splunk for cyber_threatSplunk for cyber_threat
Splunk for cyber_threatGreg Hanchin
 
Splunk for compliance
Splunk for complianceSplunk for compliance
Splunk for complianceGreg Hanchin
 
Splunk Searching and reporting 43course
Splunk Searching and reporting 43courseSplunk Searching and reporting 43course
Splunk Searching and reporting 43courseGreg Hanchin
 
Advanced Splunk 50 administration
Advanced Splunk 50 administrationAdvanced Splunk 50 administration
Advanced Splunk 50 administrationGreg Hanchin
 
Advanced searching and reporting 50 course
Advanced searching and reporting 50 course Advanced searching and reporting 50 course
Advanced searching and reporting 50 course Greg Hanchin
 
Administering splunk 43 course
Administering splunk 43 courseAdministering splunk 43 course
Administering splunk 43 courseGreg Hanchin
 
Using splunk43course
Using splunk43courseUsing splunk43course
Using splunk43courseGreg Hanchin
 
Advanced Splunk Administration
Advanced Splunk AdministrationAdvanced Splunk Administration
Advanced Splunk AdministrationGreg Hanchin
 
Splunk Advanced searching and reporting Class description
Splunk Advanced searching and reporting Class descriptionSplunk Advanced searching and reporting Class description
Splunk Advanced searching and reporting Class descriptionGreg Hanchin
 
Administering Splunk course
Administering Splunk courseAdministering Splunk course
Administering Splunk courseGreg Hanchin
 
Splunk Searching and Reporting Class Details
Splunk Searching and Reporting Class DetailsSplunk Searching and Reporting Class Details
Splunk Searching and Reporting Class DetailsGreg Hanchin
 
Splunk FISMA for Continuous Monitoring
Splunk FISMA for Continuous Monitoring Splunk FISMA for Continuous Monitoring
Splunk FISMA for Continuous Monitoring Greg Hanchin
 
Splunk forwarders tech_brief
Splunk forwarders tech_briefSplunk forwarders tech_brief
Splunk forwarders tech_briefGreg Hanchin
 
Splunk and map_reduce
Splunk and map_reduceSplunk and map_reduce
Splunk and map_reduceGreg Hanchin
 
Splunk for xen_desktop
Splunk for xen_desktopSplunk for xen_desktop
Splunk for xen_desktopGreg Hanchin
 
Splunk for palo_alto
Splunk for palo_altoSplunk for palo_alto
Splunk for palo_altoGreg Hanchin
 
Splunk for ibtrm
Splunk for ibtrmSplunk for ibtrm
Splunk for ibtrmGreg Hanchin
 
Splunk for fisma
Splunk for fismaSplunk for fisma
Splunk for fismaGreg Hanchin
 
Splunk for f5
Splunk for f5Splunk for f5
Splunk for f5Greg Hanchin
 
Splunk for db_connect
Splunk for db_connectSplunk for db_connect
Splunk for db_connectGreg Hanchin
 
Splunk for active_directory
Splunk for active_directorySplunk for active_directory
Splunk for active_directoryGreg Hanchin
 
Splunk app for_windows
Splunk app for_windowsSplunk app for_windows
Splunk app for_windowsGreg Hanchin
 
Splunk app for_enterprise_security
Splunk app for_enterprise_securitySplunk app for_enterprise_security
Splunk app for_enterprise_securityGreg Hanchin
 
Splunk guide for_iso_27002
Splunk guide for_iso_27002Splunk guide for_iso_27002
Splunk guide for_iso_27002Greg Hanchin
 
Splunk for security
Splunk for securitySplunk for security
Splunk for securityGreg Hanchin
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 

Contenu connexe

Plus de Greg Hanchin

Administering splunk 43 course
Administering splunk 43 courseAdministering splunk 43 course
Administering splunk 43 courseGreg Hanchin
 
Using splunk43course
Using splunk43courseUsing splunk43course
Using splunk43courseGreg Hanchin
 
Advanced Splunk Administration
Advanced Splunk AdministrationAdvanced Splunk Administration
Advanced Splunk AdministrationGreg Hanchin
 
Splunk Advanced searching and reporting Class description
Splunk Advanced searching and reporting Class descriptionSplunk Advanced searching and reporting Class description
Splunk Advanced searching and reporting Class descriptionGreg Hanchin
 
Administering Splunk course
Administering Splunk courseAdministering Splunk course
Administering Splunk courseGreg Hanchin
 
Splunk Searching and Reporting Class Details
Splunk Searching and Reporting Class DetailsSplunk Searching and Reporting Class Details
Splunk Searching and Reporting Class DetailsGreg Hanchin
 
Splunk FISMA for Continuous Monitoring
Splunk FISMA for Continuous Monitoring Splunk FISMA for Continuous Monitoring
Splunk FISMA for Continuous Monitoring Greg Hanchin
 
Splunk forwarders tech_brief
Splunk forwarders tech_briefSplunk forwarders tech_brief
Splunk forwarders tech_briefGreg Hanchin
 
Splunk and map_reduce
Splunk and map_reduceSplunk and map_reduce
Splunk and map_reduceGreg Hanchin
 
Splunk for xen_desktop
Splunk for xen_desktopSplunk for xen_desktop
Splunk for xen_desktopGreg Hanchin
 
Splunk for palo_alto
Splunk for palo_altoSplunk for palo_alto
Splunk for palo_altoGreg Hanchin
 
Splunk for db_connect
Splunk for db_connectSplunk for db_connect
Splunk for db_connectGreg Hanchin
 
Splunk for active_directory
Splunk for active_directorySplunk for active_directory
Splunk for active_directoryGreg Hanchin
 
Splunk app for_windows
Splunk app for_windowsSplunk app for_windows
Splunk app for_windowsGreg Hanchin
 
Splunk app for_enterprise_security
Splunk app for_enterprise_securitySplunk app for_enterprise_security
Splunk app for_enterprise_securityGreg Hanchin
 
Splunk guide for_iso_27002
Splunk guide for_iso_27002Splunk guide for_iso_27002
Splunk guide for_iso_27002Greg Hanchin
 
Splunk for security
Splunk for securitySplunk for security
Splunk for securityGreg Hanchin
 

Plus de Greg Hanchin (20)

Administering splunk 43 course
Administering splunk 43 courseAdministering splunk 43 course
Administering splunk 43 course
 
Using splunk43course
Using splunk43courseUsing splunk43course
Using splunk43course
 
Advanced Splunk Administration
Advanced Splunk AdministrationAdvanced Splunk Administration
Advanced Splunk Administration
 
Splunk Advanced searching and reporting Class description
Splunk Advanced searching and reporting Class descriptionSplunk Advanced searching and reporting Class description
Splunk Advanced searching and reporting Class description
 
Administering Splunk course
Administering Splunk courseAdministering Splunk course
Administering Splunk course
 
Splunk Searching and Reporting Class Details
Splunk Searching and Reporting Class DetailsSplunk Searching and Reporting Class Details
Splunk Searching and Reporting Class Details
 
Splunk FISMA for Continuous Monitoring
Splunk FISMA for Continuous Monitoring Splunk FISMA for Continuous Monitoring
Splunk FISMA for Continuous Monitoring
 
Splunk forwarders tech_brief
Splunk forwarders tech_briefSplunk forwarders tech_brief
Splunk forwarders tech_brief
 
Splunk and map_reduce
Splunk and map_reduceSplunk and map_reduce
Splunk and map_reduce
 
Splunk for xen_desktop
Splunk for xen_desktopSplunk for xen_desktop
Splunk for xen_desktop
 
Splunk for palo_alto
Splunk for palo_altoSplunk for palo_alto
Splunk for palo_alto
 
Splunk for ibtrm
Splunk for ibtrmSplunk for ibtrm
Splunk for ibtrm
 
Splunk for fisma
Splunk for fismaSplunk for fisma
Splunk for fisma
 
Splunk for f5
Splunk for f5Splunk for f5
Splunk for f5
 
Splunk for db_connect
Splunk for db_connectSplunk for db_connect
Splunk for db_connect
 
Splunk for active_directory
Splunk for active_directorySplunk for active_directory
Splunk for active_directory
 
Splunk app for_windows
Splunk app for_windowsSplunk app for_windows
Splunk app for_windows
 
Splunk app for_enterprise_security
Splunk app for_enterprise_securitySplunk app for_enterprise_security
Splunk app for_enterprise_security
 
Splunk guide for_iso_27002
Splunk guide for_iso_27002Splunk guide for_iso_27002
Splunk guide for_iso_27002
 
Splunk for security
Splunk for securitySplunk for security
Splunk for security
 

Dernier

Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 

Dernier (20)

Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 

Splunk for centrify

  • 1. Delivering the Control, Visibility and Security of Your Cross-Platform Data Center Splunk App for Centrify Insight F A C T S H E E T Splunk is the engine for machine data that gives system administrators and security specialists visibility and control of highly complex Active Directory environments. Splunk aggregates, correlates and monitories all security event logs and changes to AD schema. Why Splunk for Centrify Insight Centrify Suite can easily create reports that show what systems users have accessed and reveal their *NIX attributes. All of this information is centrally stored in Centrify Zones within Active Directory, making it easy to manage and report. Using Splunk for Centrify Insight you can also determine: • Who Zone-enabled a user? • When *NIX attribute(s) were changed? • What Zone-groups have been modified? • What changes were made to Active Directory Users, Groups and Computer objects? Active Directory Security Insights Understanding and monitoring changes to the settings of Active Directory Objects can mean the difference between the right or wrong person having access to proprietary data or specific applications. The ability to be alerted to changes, see the change deltas and know who made the changes, supports the security and compliance best practice of separation of duties. Changes to Active Directory objects (users, groups and computers) and the timing (adds, modifies, deletes or undeletes) can indicate malicious activity and the first step in the compromise of your proprietary data. Splunk App for Centrify Insight Centrify Insight is a Splunk application that listens to Active Directory domain controllers and security event logs as well as *NIX syslog and Centrify Suite logs to provide the insight you need to answer security and forensic questions about Centrify secured systems. This data is captured and summarized into a series of reports and metrics that can be displayed, reported, alerted and analyzed at a granular level. Centrify Insight provides the visibility you need with an easy-to-use search interface and pre-built interactive reports based on the mature and popular Splunk platform. And best of all, Centrify is making this available for free! The Challenge Heterogeneous IT environments have become the standard both for server operating systems and the applications that run on them. With diverse operating systems and applications spanning physical, virtual and cloud-based environments, along with more Java- and web-based applications, the trend toward diversity is only accelerating. Not surprisingly, interoperability among these diverse platforms is a key concern for IT managers. Reducing complexity has become even more critical in the past few years as an uncertain economy has put renewed focus on reducing expenses and leveraging existing investments. Meanwhile, security and compliance have become even more critical as organizations cope with a dynamic business environment that includes mergers and acquisitions, staff reductions and outsourcing. The Solution Splunk Enterprise and Centrify can deliver the control and visibility you need to establish and manage the security of your cross-platform data center. You get a deeper insight into Active Directory status and the local system changes that affect the security and compliance of your environment. Centrify Suite The Centrify Suite lets you centrally control, secure and audit the access to your cross-platform systems and applications by leveraging your existing Active Directory infrastructure. Built on an integrated architecture, the Centrify Suite enables organizations to strengthen security, enhance regulatory compliance initiatives, reduce IT expense and complexity and improve end-user productivity. The Centrify Suite—consisting of DirectControl, DirectAuthorize, DirectAudit, DirectSecure and DirectManage—delivers secure authentication and single sign- on, role-based access control, privileged identity management, user-level auditing, server isolation and encryption of data-in- motion for the industry’s broadest set of heterogeneous systems and applications. Splunk for Active Directory Splunk is perfectly suited for monitoring and auditing Active Directory logs because it matches the flexibility of Active Directory and can scale linearly as your Active Directory environment grows. Splunk can manage and analyze any data from any source type without requiring connectors. In addition, Splunk can not only manage Active Directory’s huge amount of data for trending and compliance requirements, it can handle complex event processing for real-time monitoring and alerting.
  • 2. www.splunk.comlisten to your data 250 Brannan St, San Francisco, CA, 94107 info@splunk.com | sales@splunk.com 866-438-7758 | 415-848-8400 www.splunkbase.com F A C T S H E E T Copyright © 2012 Splunk Inc. All rights reserved. Splunk Enterprise is protected by U.S. and international copyright and intellectual property laws. Splunk is a registered trademark or trademark of Splunk Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item # FS-Splunk-Centrify Insight-101 About Splunk Splunk collects, indexes and harnesses machine data generated by an organization’s IT systems and infrastructure—physical, virtual and in the cloud. Machine data is unstructured, massive in scale and contains a categorical record of all transactions, systems, applications, user activities, security threats and fraudulent activity. Splunk has the flexibility to collect all your data sources, the scalability to work across your entire infrastructure and the power to provide deep drilldown, statistical analysis and real- time, custom dashboards to anyone in your organization. About Centrify Centrify delivers integrated software solutions that centrally control, secure and audit access to cross-platform systems and applications using Microsoft Active Directory. Centrify is deployed in production on hundreds of thousands of mission critical servers. Over 3,000 organizations rely on Centrify’s identity consolidation and privilege management solutions to reduce IT expenses, strengthen security and meet compliance requirements. Features • Real-time views and alerts of scheduled or ad-hoc policy changes • Intuitive visualizations of key performance indicators (KPIs) using pre-built dashboards that monitor configuration changes • Timely alert-setting to notify you when specific changes are made to Active Directory • Robust scheduling and reporting • Customizable graphics and dashboards • Scalable, universal real-time log event collection and indexing from any application, server, network or security device • Easy-to-use interface facilitates communication of status and issues across the organization F A C T S H E E T Free Download Download Splunk for free. You’ll get a Splunk Enterprise license for 60 days and you can index up to 500 megabytes of data per day. After 60 days, or anytime before then, you can convert to a perpetual Free license or purchase an Enterprise license by contacting sales@splunk.com.