The challenge with leveraging log data is that it comes in an array of unpredictable formats, and traditional monitoring and analysis tools were not designed for the variety, velocity, volume or variability of this data. This is where a security information and event management (SIEM) vendor like Splunk comes in. Splunk's industry-leading software collects, categorizes and correlates event data coming from various devices, systems and applications throughout the enterprise. It is an enterprise-ready, fully integrated solution for log management, data collection, storage, and visualization.
In this paper, we will examine how CipherTrust Transparent Encryption from Thales secures the Splunk log repositories and databases. Then, we will show how Live Data Transformation, an extension of CipherTrust Transparent Encryption, can encrypt Splunk buckets seamlessly with zero downtime. We will close with how the CipherTrust Security Intelligence solution for Splunk extends the reach of SIEM capabilities to detect and counter attacks on sensitive data.