Splunk + Prelert : Automated Anomaly Detection Analytics

For a sysadmin or security analyst, one part of the job description is monitoring the logs of server applications. This becomes a problem when the servers managed by a sysadmin run multiple applications, for example a web server, a mail server, a proxy server, and other servers that have to be monitored in real time, so that when there is a problem it can be traced immediately through the existing logs.

SPLUNK: I first heard of this from my coworker. This was something new for me, and I misunderstood it. I thought it was something like a virus or other bad software. Then I searched on Google and found a little information about it. And I looked at my senior's blog, here: Digit Oktavianto. Aha, now my question has been solved. Splunk is one solution that can be used to make monitoring logs easier. Splunk records all the log data from the servers being monitored and then runs an indexing process. The purpose of this indexing process is to facilitate searching to find problems that occur in the system.