Splunk

What Is Splunk?

Splunk is an all-inclusive tool that collects logs from remote servers and brings them into a single collection zone where analytics can be run against them.

How Does It Work?

Splunk agents/services are set up on each server to collect the logs. Splunk itself runs on a centralized server that receives those logs. An interface lets users run queries against the collected data to find information. Splunk's query language is called SPL (Splunk Processing Language).
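
The agent-to-central-server flow described above, as an added example that is not part of the original page: a minimal configuration for Splunk's agent (the Universal Forwarder) that watches one authentication log and ships it to the central server. The host name, index name and log path are assumptions; 9997 is the conventional receiving port and must match what the central server actually listens on.

```ini
# ---- $SPLUNK_HOME/etc/system/local/inputs.conf (on each monitored server) ----
# Tail the SSH/sudo authentication log. The path is an assumption
# (Debian/Ubuntu layout; RHEL-family systems use /var/log/secure).
[monitor:///var/log/auth.log]
# Pretrained sourcetype for Linux auth logs, so fields parse consistently.
sourcetype = linux_secure
# Hypothetical index name; it must already exist on the central server,
# otherwise the events are rejected there.
index = os_logs
disabled = false

# ---- $SPLUNK_HOME/etc/system/local/outputs.conf (on each monitored server) ----
[tcpout]
# Send everything to the group defined below unless an input says otherwise.
defaultGroup = central_indexers

[tcpout:central_indexers]
# Hypothetical host name of the centralized Splunk server.
server = splunk-central.example.internal:9997
# Ask the receiver to acknowledge data so events are re-sent if the
# connection drops mid-transfer, avoiding silent gaps in security logs.
useACK = true
```

Once events arrive, a search such as `index=os_logs sourcetype=linux_secure` in the query interface confirms that each server is reporting; a host missing from the results is a collection gap to investigate.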