An Analisys of Application Logs with Splunk : developing an App for the   synthetic analysis of data and security incidents

Roberto Bruzzese

arXiv:1912.11283·cs.CR·December 25, 2019

An Analisys of Application Logs with Splunk : developing an App for the synthetic analysis of data and security incidents

Roberto Bruzzese

PDF

Open Access

TL;DR

This paper presents the development of a Splunk app that synthesizes application log data into a dashboard for performance, anomalies, and security incident analysis in complex service-oriented architectures.

Contribution

It introduces a novel approach for synthetic log data analysis and visualization tailored for multi-application, multi-hardware service architectures using Splunk.

Findings

01

Effective visualization of security incidents and anomalies

02

Enhanced understanding of performance metrics

03

Scalable approach for complex architectures

Abstract

The present work aims to enhance the application logs of an hypothetical infrastructure platform, and to build an App that displays the synthetic data about performance, anomalies and security incidents synthesized in the form of a Dashboard. The reference architecture, with multiple applications and multiple HW distribution, implementing a Service Oriented Architecture, is a real case of which the details have been abstracted because we want to extend the concept to all architectures with similar characteristics.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsBig Data and Business Intelligence · Software System Performance and Reliability · Mobile and Web Applications