First set series
The First Set Series is a solution that combines Macnica's own template "Apps," the machine data analysis platform "Splunk Enterprise," and the "Gemini Appliance," a dedicated Splunk server.
First set series lineup
Name | Security log analysis first set |
---|---|
Included Splunk Apps | Macnica CSIRT App |
Target data source | Mainly Proxy logs (regardless of product). Note: field extraction conforming to CIM is required. |
Splunk License | A separate Splunk license is required, depending on the daily volume of imported data. |
Gemini Appliance | We propose the optimal model and configuration according to log size, storage period, and usage. |
Delivery method | Provided through authorized Splunk resellers that meet the provision criteria for the Macnica CSIRT App. |

Name | Proxy log analysis first set |
---|---|
Included Splunk Apps | Macnica Proxy Log Analysis App |
Target data source | Proxy logs (Target product: Symantec ProxySG) |
Splunk License | A separate Splunk license is required, depending on the daily volume of imported data. |
Gemini Appliance | We propose the optimal model and configuration according to log size, storage period, and usage. |
Delivery method | Available through Splunk authorized resellers. For construction, a start-up service is available. |

Configuration image
Future expansion
- Adding further log sources later expands the range of analysis, which is useful for monitoring, investigation, detection, and similar tasks in IT operations and security.
- After the initial purchase of the set, additional Splunk licenses and Gemini Appliances can be purchased to expand into various configuration patterns, such as a distributed configuration, an indexer cluster configuration, or an indexer and search head cluster configuration.