Is anyone using or considering using Splunk Edge Processor?  We are in early discussions to determine use cases, evaluate product maturity, level of effort vs returns in the form of reduced compute and data storage, etc.  I would welcome any feedback anyone has on this new offering.

Security & GRCApplications & Platforms
666 viewscircle icon2 Comments
Sort by:
VP Cybersecurity in Bankinga year ago

Splunk Edge Processing will require a lot of ongoing maintenance to keep the use cases up to date.  We have looked at cribl.io and its very promising with out of the box functionality to reduce log ingestion to Splunk by 10-30% depending on the log source.  In addition to that you can redirect or split your logs to go to an S3 bucket for archival and then rehydrate Splunk when needed.  This is a good use case if you want to keep the raw data in case of an investigation that you do not have use  cases for currently but might need it for forensics.  You do not consume Splunk licensing to do this and keeps your operating costs under control.

CISO in Softwarea year ago

No plans in this area.  

Content you might like

How has the COVID-19 crisis affected your IT priorities for 2022? (Select all that apply)

We will be spending more on remote technologies for employees to work from home51%

We will be spending more on network and internet security46%

We are planning to postpone major projects30%

We are planning to increase project load18%

It has not affected our IT priorities13%

Other (please share below)

View Results

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented 

Read More Comments

I wanted a point of view on migration from on-prem AD and SCCM to AAD and Intune. Would be great to have a perspective on, - Is there a real need since SCCM is still undersupport from Microsoft? - I understand that we can get rid of onprim AD Infrastructure and move on SaaS, but any other benefits we get by doing this?

As part of our NYSE IPO prep, we’re debating how to communicate our system hardening efforts in regulatory disclosures (e.g., SEC Form 20-F, SFC).

Would you recommend sharing % compliance (e.g., “85% CIS Tier 2”) or sticking to qualitative descriptions of how we identify and mitigate risks? Also, do SFC/ISO 27001 expectations require full ISMS integration, or is a % model acceptable?

What needs to be in place at a company before they mandate return to office (RTO)? Choose any that apply.

Salary levels that match the local cost of living25%

In-office perks (free lunches/snacks, fun events, etc.)41%

Commuter benefits44%

Childcare options/reimbursement25%

Pet care reimbursement18%

Updated/renovated office17%

Safety and sanitation protocols in the office21%

Office relocation12%

Opening satellite offices11%

None of these — any company can mandate RTO without these changes7%

Something else (comment if you’d like)

View Results