Splunk Business Analytics and Insights
Splunk monitors and analyses machine data from any source to enable visualisation of the performance of your business from event data. It offers a versatile solution delivering real-time, end-to-end operational visibility into critical business processes, enabling businesses to quickly identify, analyse and resolve issues, failures, work processes and delays.
Features
- Cloud, hybrid or enterprise deployment
- Real time analysis for operational intelligence and business reporting
- Collects and indexes log and machine data from any source
- Powerful search, analysis and visualisation capabilities empower users
- Fraud and cyber threat detection analysis
- Information Assurance and security analysis
- Monitor and ensure compliance issues
- Big Data Analytics, machine data from internet/internal network
- Splunk NLP, interrogate data by voice activation
- Splunk Mobile, view dashboards on the go
Benefits
- Empowers companies to utilise all data, enabling innovation
- Real-time data available for business use
- Troubleshoot business critical issues in minutes, not hours
- Use Dashboards to monitor key services and business KPIs
- Customise charts and visualisations
- Ad hoc and pre-defined reports across real-time and historical data
- Scalable from GBs to PBs
- Splunk Apps and Add-Ons, designed to simplify and optimise tasks
Pricing
£611.80 to £1,490.00 a gigabyte a day
- Education pricing available
- Free trial available
Framework
G-Cloud 12
Service ID
478426911673523
Contact
The Virtual Forge
The VF Team
Telephone: +44 (0) 207 078 8855
Email: info@thevirtualforge.com
Service scope
- Software add-on or extension
- Yes
- What software services is the service an extension to
- We supply Splunk Cloud & Enterprise, and we utilise add-ons from Splunkbase. Our Splunk consultants provide design and delivery support.
- Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
- The Splunk Cloud Services will be available 100% of the time. If Splunk fails to achieve the Service Level Commitment for a Splunk Cloud Service, customers may claim credits. As Splunk Cloud is offered uniformly across all customers, the service level cannot be modified on a customer-by-customer basis.
- System requirements
-
- Splunk Cloud Service is accessed via the browser
- Peer to peer access is required from source services
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Email or online ticketing
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- Web chat is available via the website www.thevirtualforge.com
- Web chat accessibility testing
- What testing have we done?
- Onsite support
- Yes, at extra cost
- Support levels
-
Splunk offers different response times based on the support level and the issue's severity.
P1 A production installation of purchased Splunk software is completely inaccessible or the majority of its functionality is unusable.
P2 One or more important features of purchased Splunk software have become unusable.
P3 Any other case where a feature of purchased Splunk software is not operating as documented.
P4 All general questions. Enhancement requests should be logged via the Splunk Ideas Portal.
Premium
P1/P2 (24/7): P1 response 30 mins, P2 response 1 hr; P1 fix/workaround 24 hrs, P2 fix/workaround 1 business week
P3/P4 (8-5): P3 response 4 hrs, P4 response 1 business day; P3 fix/workaround next release, P4 fix/workaround N/A
Standard
P1 (24/7), P2 (8-5): P1 response 2 hrs, P2 response 1 business day; P1/P2 fix/workaround 1 business week
P3/P4 (8-5): P3/P4 response 2 business days; P3 fix/workaround next release, P4 fix/workaround N/A
Base
P1/P2 (8-5): P1 response 1 business day, P2 response 2 business days; P1/P2 fix/workaround N/A
P3/P4 (8-5): P3 response 1 week, P4 response none; P3/P4 fix/workaround N/A
Support contract prices vary with the size of data ingest and the add-ons required.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Check with Arrow re customer training packages
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Splunk provides a range of options for extracting and publishing data into external repositories. This includes flat file exports, ODBC connections, REST API connectivity and data rolling into Hadoop clusters. Customer Content may be retrieved by you and removed from Splunk's Hosted Services in accordance with the applicable Documentation. They will make the Customer Content available on the Hosted Services for thirty (30) days after termination of a subscription for your retrieval. The Virtual Forge can facilitate the relocation of this data to another service.
- End-of-contract process
- The price of the contract includes access to the Splunk cloud service for an unlimited number of people. The price of the contract defines the amount of data per day which can be added into the service. Splunk platform support is included in the price of the service. Additional professional services to develop new reports and dashboards or to provide data consulting, and analytics services are not included in the cost. Discussions will be held prior to the renewal date regarding the renewal options.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Dashboards, reports and visualisations can be adapted to mobile devices. Splunk NLP can be used to interrogate data on mobile devices.
- Service interface
- No
- API
- Yes
- What users can and can't do using the API
- The Splunk platform REST API gives you access to the same information and functionality available to core system software and Splunk Web.
- API documentation
- Yes
- API documentation formats
-
- HTML
- Other
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Splunk is customisable: users are able to create customised visualisations to analyse data patterns and trends. Role-based access is available to allow the customer full control over changes and customisations.
Scaling
- Independence of resources
- Splunk Cloud is based on Amazon AWS and has scalability built in. Services can be scaled up or down depending on requirements.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Metrics is a feature for system administrators, IT and service engineers that focuses on collecting, investigating, monitoring, and sharing metrics from your technology infrastructure, security systems, and business applications in real time. In the Splunk platform, you use metric indexes to store metrics data. This data can be used to create interactive charts, visualise metric data correlations, and save your creations as charts or dashboards.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Splunk
Staff security
- Staff security clearance
- Staff screening not performed
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- EU-US Privacy Shield agreement locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- In-house
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
-
Splunk provides a range of options for extracting and publishing data into external repositories. This includes flat file exports, ODBC connections, REST API connectivity and data rolling into Hadoop clusters.
Users can also download the results of reports and summaries to CSV or PDF files directly from the report interface if required.
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- JSON
- XML
- Raw Events
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
-
- Network events, TCP/UDP Ports, SNMP events
- Windows sources, Event log, Registry data, WMI data, Active Directory
- Metrics, from technology infrastructure, business applications, security systems
- Scripted inputs, from APIs, remote data interfaces and message queues
- Modular inputs, custom capability
- HTTP Event Collector endpoint
- First-in, first-out (FIFO) queues
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Splunk provides 100% uptime SLA for Cloud Splunk. Service credits will be offered if this is breached. As this service is uniformly offered across all customers, the SLA cannot be modified on a customer by customer basis.
- Approach to resilience
- Splunk Cloud platform is hosted on AWS. Customers are able to configure operational resilience to their specific requirements, utilising multiple availability zones.
- Outage reporting
- Outages will be reported via email.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Username or password
- Other
- Other user authentication
- Additional layers of security, and access via dedicated networks can be configured upon request.
- Access restrictions in management interfaces and support channels
- No access to OS level is provided for the Splunk Cloud service. Any OS-level access requires interaction with the platform support team. Full RBAC controls are supported in the Splunk application, allowing granular access.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- KPMG Audit PLC
- ISO/IEC 27001 accreditation date
- 3 December 2018
- What the ISO/IEC 27001 doesn’t cover
- The scope of the ISO/IEC 27001:2013 certification is limited to the information security management system (ISMS) supporting the Splunk Cloud systems that governs all client data under the control or ownership of Splunk Cloud and that resides in its in-scope sites.
- ISO 28000:2007 certification
- Yes
- Who accredited the ISO 28000:2007
- Please request if required
- ISO 28000:2007 accreditation date
- Please request if required
- What the ISO 28000:2007 doesn’t cover
- All information on Splunk certifications can be found here: https://www.splunk.com/en_us/legal/splunk-cloud-security-addendum
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
- https://www.splunk.com/en_us/legal/splunk-cloud-security-addendum.html
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- ISO/IEC 27001
- Other
- Other security governance standards
- SOC 2 Type II: Splunk Cloud has an annual SOC 2 Type 2 audit report issued. The SOC 2 audit assesses an organisation's security, availability, process integrity, and confidentiality processes to provide assurance about the systems that a company uses to protect customers' data.
- Information security policies and processes
-
Splunk has attained a number of compliance attestations and certifications from industry-leading auditors as part of our commitment to adhere to industry standards worldwide. Splunk has attained a number of compliance attestations/certifications to provide customers with independent third-party validation of our efforts to safeguard customer data. Splunk has contracted with industry-leading auditors as part of our commitment to adhere to industry standards worldwide. The following compliance attestations/certifications are available:
SOC 2 Type II: Splunk Cloud has an annual SOC 2 Type 2 audit report issued. The SOC 2 audit assesses an organization's security, availability, process integrity, and confidentiality processes to provide assurance about the systems that a company uses to protect customers' data. If you require the SOC 2 Type 2 attestation to review, contact your Splunk sales representative to request it.
ISO 27001: Splunk Cloud is ISO/IEC 27001:2013-certified. ISO/IEC 27001:2013 is a standard for an information security management system, specifying the policies and procedures for all legal, physical, and technical controls used by an organisation to minimise risk to information.
Full details can be found here https://docs.splunk.com/Documentation/SplunkCloud/latest/Service/SplunkCloudservice#Security
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Splunk manages and updates the Splunk Cloud service uniformly, so all customers of Splunk Cloud receive the most current features and functionality. Ensure Operational Contacts listed in your Splunk.com support portal are regularly updated. Operational Contacts are notified when your Splunk Cloud environment undergoes maintenance, requires configuration awareness, or experiences a performance-impacting event. These contacts will receive regular notifications of planned and unplanned downtime, including scheduled maintenance window alerts and email updates related to incident-triggered cases.
Full details can be found here https://docs.splunk.com/Documentation/SplunkCloud/latest/Service/SplunkCloudservice#Maintenance
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
The security and privacy of your data is of the utmost importance to you and your organisation, and Splunk makes this a top priority. Splunk Cloud service is designed and delivered using key security controls.
Full details can be found here https://docs.splunk.com/Documentation/SplunkCloud/latest/Service/SplunkCloudservice#Security
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
The security and privacy of your data is of the utmost importance to you and your organisation, and Splunk makes this a top priority. Splunk Cloud service is designed and delivered using key security controls.
Full details can be found here https://docs.splunk.com/Documentation/SplunkCloud/latest/Service/SplunkCloudservice#Security
- Incident management type
- Supplier-defined controls
- Incident management approach
- Users can report incidents to Splunk through the Support portal, allocating the appropriate severity level.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
- Public Services Network (PSN)
Pricing
- Price
- £611.80 to £1,490.00 a gigabyte a day
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Splunk offers a limited free trial version