Main Nav

Posted by MManjak on August 1, 2012
For those of you who have expressed an interest in log aggregation and data mining (e.g., Splunk), there is an article in the current issue of CIO that describes a few implementations in higher ed. (The title is somewhat misleading.) Can Big Data Help Universities Tackle Security, BYOD? http://www.cio.com/article/712569/Can_Big_Data_Help_Universities_Tackle_... -- Martin Manjak CISSP, GIAC GSEC-G Information Security Officer University at Albany MSC 209 518/437-3813 The University at Albany will never ask you to reveal your password. Please ignore all such requests.

Comments

I brought up Splunk almost four years ago after exposure to the product in a growing (at the time) start-up environment.  My initial goal was to to address the gaping holes in our change management process as it related to config changes to firewall policies and core network equipment -- what was done, when and by whom.  That expanded to alerting on "bad things" -- restarts, network loops, memory errors, etc. -- on all net equipment.  Bringing server data into the fold only added more fun and adding web and application logs provided accurate data not only for focus on security but troubleshooting and planning for system expansion (or not).

Need to locate that missing/lost/stolen iPad?  Notebook has become part of a botnet?  Performance hit on your VMware cluster?  Have some pesky Exchange issue?  Forward the logs, install the appropriate app/dashboard (or just search the raw data), and see what's really going on.  It's Google for your logs and I really can't get enough.  Low profile clients, scalable architecture, reasonably priced, community supported, and darn fast searching.  Yeah, I'll be a fanboy.

- Pat

Patrick N. Gorsuch Manager, Networks and Information Security Gallaudet University 202-651-5070 patrick.gorsuch@gallaudet.edu On 8/1/2012 9:51 AM, Martin Manjak wrote:
For those of you who have expressed an interest in log aggregation and data mining (e.g., Splunk), there is an article in the current issue of CIO that describes a few implementations in higher ed. (The title is somewhat misleading.) Can Big Data Help Universities Tackle Security, BYOD? http://www.cio.com/article/712569/Can_Big_Data_Help_Universities_Tackle_Security_BYOD_?page=1&taxonomyId=3143

Posted by: pgorsuch on August 6, 2012
Post a Comment

Research and Publications

Conferences and Events

Career Development

Focus Areas and Initiatives

Connect and Contribute

About EDUCAUSE

Close


Current Issue
May/June 2013
EDUCAUSE Review

Publications

Research

Close


Annual Conference
October 15–18, 2013
Register now!

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

See All Events

Close

EDUCAUSE Institute
Leadership/Management Programs
Explore More

Career Center

Find or Post a Job

Leadership and Management Programs

EDUCAUSE Institute
Advanced Programs
Project Management

 

Fellowships and Awards

Fellowships
Awards Programs

Getting Involved

Mentoring
Volunteer
Speak at an Event

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

Advance Your Career

 

Close

Latest Topics

EDUCAUSE organizes its efforts around three IT Focus Areas

 

Enterprise and Infrastructure

Enterprise and
Infrastructure

Policy and Security

Policy and
Security

Teaching and Learning

Teaching and
Learning

 

Join These Programs If Your Focus Is

Close

From the Blogs
The Role of Campus Leadership in Ensuring IT Accessibility
by
Diana Oblinger

Find Others

Share Ideas

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

Create Your Profile

 

Close

2013 Strategic Priorities

  • Connected Learning
  • Enterprise IT
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.
 

Discover Membership