The Virtual Forge

Splunk Business Analytics and Insights

Splunk monitors and analyses machine data from any source to enable visualisation of the performance of your business from event data. It offers a versatile solution delivering real-time, end-to-end operational visibility into critical business processes, enabling businesses to quickly identify, analyse and resolve issues, failures, work processes and delays.

Features

  • Cloud, hybrid or enterprise deployment
  • Real time analysis for operational intelligence and business reporting
  • Collects and indexes log and machine data from any source
  • Powerful search, analysis and visualisation capabilities empower users
  • Fraud and cyber threat detection analysis
  • Information Assurance and security analysis
  • Monitor and ensure compliance issues
  • Big Data Analytics, machine data from internet/internal network
  • Splunk NLP, interrogate data by voice activation
  • Splunk Mobile, view dashboards on the go

Benefits

  • Empowers companies to utilise all data, enabling innovation
  • Real-time data available for business use
  • Troubleshoot business critical issues in minutes, not hours
  • Use Dashboards to monitor key services and business KPIs
  • Customise charts and visualisations
  • Ad hoc and pre-defined reports across real-time and historical data
  • Scalable from GBs to PBs
  • Splunk Apps and Add-Ons, designed to simplify and optimise tasks

Pricing

£611.80 to £1,490.00 a gigabyte a day

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

4 7 8 4 2 6 9 1 1 6 7 3 5 2 3

Contact

The Virtual Forge The VF Team
Telephone: +44 (0) 207 078 8855
Email: info@thevirtualforge.com

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
We supply Splunk Cloud & Enterprise, and we utilise add-ons from Splunkbase. Our Splunk consultants provide design and delivery support.
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
The Splunk Cloud Services will be available 100% of the time. If Splunk fails to achieve the service Level Commitment for a Splunk Cloud Service, Customers may claim credits. As Splunk Cloud is offered uniformly across all customers, the service level cannot be modified an a customer by customer basis.
System requirements
  • Splunk Cloud Service is accessed via the browser
  • Peer to peer access is required from source services

User support

Email or online ticketing support
Email or online ticketing
Support response times
Email or online ticketing
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Web chat is available via the website www.thevirtualforge.com
Web chat accessibility testing
What testing have we done?
Onsite support
Yes, at extra cost
Support levels
Splunk offer different response times base on the Support level and the issues severity.
P1 A production installation of purchased Splunk software is completely inaccessible or the majority of its functionality is unusable.
P2 One or more important features of purchased Splunk software has become unusable.
P3 Any other case where a feature of purchased Splunk software is not operating as documented.
P4 All general questions. Enhancement requests should be logged via the Splunk Ideas Portal.

Premium
P1/P2 24/7 P1/Response/30mins, P2/Response/1hr, P1/Fix/Workaround/24hrs P2/Fix/Workaround/1BusinessWeek
P3/P4 8-5 P3/Response/4hrs, P4/Response/1BusinessDay, P3/Fix/Workaround/NextRelease P4/Fix/Workaround/N/A

Standard
P1 24/7 P2 8-5 P1/Response/2hrs, P2/Response/1BusinessDay, P1/P2/Fix/Workaround/1BusinessWeek
P3/P4 8-5 P3/P4/Response/2BusinessDay, P3/Fix/Workaround/NextRelease P4/Fix/Workaround/N/A

Base
P1/P2 8-5 P1/Response/1BusinessDay, P2/Response/2BusinessDay P1/P2/Fix/Workaround/N/A
P3/P4 8-5 P3/Response/1Week P4/Response/None, P3/P4/Fix/Workaround/N/A

Support contract prices vary on the size of data ingest an Add ons required.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Check with Arrow re customer training packages
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Splunk provides a range of options for extracting and publishing data into external repositories. This includes flat file exports, ODBC connections, rest API connectivity and data rolling into Hadoop clusters. Customer Content may be retrieved by you and removed from Splunk's Hosted Services in accordance with the applicable Documentation. They will make the Customer Content available on the Hosted Services for thirty (30) days after termination of a subscription for your retrieval. The Virtual Forge can facilitate the relocation of this data to another service.
End-of-contract process
The price of the contract includes access to the Splunk cloud service for an unlimited number of people. The price of the contract defines the amount of data per day which can be added into the service. Splunk platform support is included in the price of the service. Additional professional services to develop new reports and dashboards or to provide data consulting, and analytics services are not included in the cost. Discussions will be held prior to the renewal date regarding the renewal options.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Dashboards reports and visualisations can be adapted to mobile devices. Splunk NPL can be used to interrogate data on mobile devices.
Service interface
No
API
Yes
What users can and can't do using the API
The Splunk platform REST API gives you access to the same information and functionality available to core system software and Splunk Web.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
  • Other
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Splunk is customisable users are able to create customised visualisations to analyse data patterns and trends. Role based access is available to allow the customer full control over changes and customisations.

Scaling

Independence of resources
Splunk Cloud is based on Amazon AWS and has scalability built in. Services can be scaled up or down depending on requirements.

Analytics

Service usage metrics
Yes
Metrics types
Metrics is a feature for system administrators, IT and service engineers that focuses on collecting, investigating, monitoring, and sharing metrics from your technology infrastructure, security systems, and business applications in real time. In the Splunk platform, you use metric indexes to store metrics data. This data can be used to create interactive charts, visualise metric data correlations, and save your creations as charts or dashboards.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Splunk

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Splunk provides a range of options for extracting and publishing data into external repositories. This includes flat file exports, ODBC connections, rest API connectivity and data rolling into Hadoop clusters.

Users can also download the results of reports and summaries to CSV or PDF files directly from the report interface if required.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • JSON
  • XML
  • PDF
  • Raw Events
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • Network events, TCP/UDP Ports, SNMP events
  • Windows sources, Event log, Registry data, WMI data, Active Directory
  • Metrics, from technology infrastructure, business applications, security systems
  • Scripted inputs, from APIs, remote data interfaces and message queues
  • Modular inputs, custom capability
  • HTTP Event Collector endpoint
  • First-in, first-out (FIFO) queues

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Splunk provides 100% uptime SLA for Cloud Splunk. Service credits will be offered if this is breached. As this service is uniformly offered across all customers, the SLA cannot be modified on a customer by customer basis.
Approach to resilience
Splunk Cloud platform is hosted on AWS. Customers are able configure operational resilience to their specific requirements, utilising multiple availability zones.
Outage reporting
Outages will be reported via email.

Identity and authentication

User authentication needed
Yes
User authentication
  • Username or password
  • Other
Other user authentication
Additional layers of security, and access via dedicated networks can be configured upon request.
Access restrictions in management interfaces and support channels
No access to OS level is provided for the Splunk cloud service. Any OS level access requires interaction with the platform support team, Full RBAC controls are supported in the Splunk application allowing granular access.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
KPMG Audit PLC
ISO/IEC 27001 accreditation date
3 December 2018
What the ISO/IEC 27001 doesn’t cover
The scope of the ISO/IEC 270001:2013 certification is limited to the information security management system (ISMS) supporting the Splunk Cloud systems that governs all client data under the control or ownership of Splunk Cloud and that resides in its in-scope sites.
ISO 28000:2007 certification
Yes
Who accredited the ISO 28000:2007
Please request if required
ISO 28000:2007 accreditation date
Please request if required
What the ISO 28000:2007 doesn’t cover
All information on Splunk certifications can be found here; https://www.splunk.com/en_us/legal/splunk-cloud-security-addendum
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
https:/www.splunk.com/en_us/legal/splunk-cloud-security-addendum.html

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
SOC 2 Type II: Splunk Cloud has an annual SOC 2 Type 2 audit report issued. The SOC 2 audit assesses an organisation's security, availability, process integrity, and confidentiality processes to provide assurance about the systems that a company uses to protect customers' data.
Information security policies and processes
Splunk has attained a number of compliance attestations and certifications from industry-leading auditors as part of our commitment to adhere to industry standards worldwide. Splunk has attained a number of compliance attestations/certifications to provide customers with independent third-party validation of our efforts to safeguard customer data. Splunk has contracted with industry-leading auditors as part of our commitment to adhere to industry standards worldwide. The following compliance attestations/certifications are available:

SOC 2 Type II: Splunk Cloud has an annual SOC 2 Type 2 audit report issued. The SOC 2 audit assesses an organization's security, availability, process integrity, and confidentiality processes to provide assurance about the systems that a company uses to protect customers' data. If you require the SOC 2 Type 2 attestation to review, contact your Splunk sales representative to request it.
ISO 27001: Splunk Cloud is ISO/IEC 27001:2013-certified. ISO/IEC 27001:2013 is a standard for an information security management system, specifying the policies and procedures for all legal, physical, and technical controls used by an organisation to minimise risk to information.
Full details can be found here https://docs.splunk.com/Documentation/SplunkCloud/latest/Service/SplunkCloudservice#Security

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Splunk manages and updates the Splunk Cloud service uniformly, so all customers of Splunk Cloud receive the most current features and functionality. Ensure Operational Contacts listed in your Splunk.com support portal are regularly updated. Operational Contacts are notified when your Splunk Cloud environment undergoes maintenance, requires configuration awareness, or experiences a performance-impacting event. These contacts will receive regular notifications of planned and unplanned downtime, including scheduled maintenance window alerts and email updates related to incident-triggered cases.

Full details can be found here https://docs.splunk.com/Documentation/SplunkCloud/latest/Service/SplunkCloudservice#Maintenance
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The security and privacy of your data is of the utmost importance to you and your organisation, and Splunk makes this a top priority. Splunk Cloud service is designed and delivered using key security controls.
Full details can be found here https://docs.splunk.com/Documentation/SplunkCloud/latest/Service/SplunkCloudservice#Security
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
The security and privacy of your data is of the utmost importance to you and your organisation, and Splunk makes this a top priority. Splunk Cloud service is designed and delivered using key security controls.
Full details can be found here https://docs.splunk.com/Documentation/SplunkCloud/latest/Service/SplunkCloudservice#Security
Incident management type
Supplier-defined controls
Incident management approach
Users can report incidents to Splunk through the Support portal, allocating the appropriate severity level.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
Public Services Network (PSN)

Pricing

Price
£611.80 to £1,490.00 a gigabyte a day
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Splunk offer a limited free trail version

Service documents