Splunk
- With the introduction of Edge Processor, data preprocessing capabilities have been expanded!
- Agent Management enhances the functionality of traditional deployment servers!
Main additional functions
Edge Processor Function
- Overview
- The Edge Processor service is now available in Splunk Enterprise version 10.0.
- Edge Processor Features
- It can receive data from various sources and route it to multiple destinations for each log type.
- It is possible to process and format data close to the data source before sending it to various destinations.
  - Filtering, masking, format conversion, etc.
You can use it in situations like this!
- Cut out unnecessary parts of data before sending!
  Unnecessary logs and duplicate data can be filtered out before sending, reducing machine load, license consumption, storage costs, etc.
- Secure design that protects confidential information on-site
  Confidential data can be masked before transmission, making it safe to use even in environments with strict security policies.
- Send data freely to where it is needed
  A single piece of data can be flexibly distributed to Splunk Enterprise/Cloud and S3. Routing, such as "this log should be visualized" or "this should be stored," can be easily configured using a GUI.
Viewing a forwarder's configuration file
- You can now view the effective settings for a forwarder from the Agent Management screen.
- Starting with Splunk Enterprise version 10.0, the "Deployment Server" has been renamed to "Agent Management."
You can use it in situations like this!
- I want to check if the forwarder settings are correct.
- I want to manage and monitor remote server settings from Splunk Web
Moving indexed data
- You can now move stored data to a different index using the split-buckets command.
*This feature is only available for standalone indexers; it is not supported in indexer clusters or Splunk Cloud.
*In version 10.0, this feature is only available for event data. Moving summary data and metric data is not supported.
You can use it in situations like this!
- I want to move data that was saved in the wrong index.
- I want to split an index that has grown too large.
- I want to change the retention and disclosure policy for specific data.
Details of other added features and changes will be released on the Macnica support site!
Inquiry/Document request
In charge of Macnica Splunk Co., Ltd.
- TEL:045-476-2010
- E-mail:splunk-sales@macnica.co.jp
Weekdays: 9:00-17:00