SIEM-Splunk Center of Excellence

The focussed services of the SIEM/Splunk Center of Excellence are supply, development and maintenance of Splunk searches, add-ons, apps, use-case modelling and data & service integration as well as automation processes for Splunk infrastructure.

The services are continually enhanced and evolved based on best practices and lessons learned to drive high levels of customer satisfaction and operational efficiency. Computacenter maintains the highest level of quality management in development, test, release and platform rollout. Configuration management underpins the engagement approach to optimise productivity and ensure business value is realised within Splunk implementations.

The three focus services of SIEM/Splunk Center of Excellence are as following:

• Splunk Infrastructure Automation

  Infrastructure automation is about the automatic rollout of Splunk deployments. The service scales from a small amount of Splunk systems up to global distributed environments with different location sizes, complexities and interaction of each other systems within the rest of customers IT landscape. Updates and Upgrades, SIEM migrations and Splunk operations are all candidates for outtasking or outsourcing due to the complexity and challenges they present to organisations.

• Data-/Service-Integration

  Effective service integration is essential to ensure data is interpreted and collected properly. This ranges from parsing and transformation of data elements to the normalization of information into Splunk data models (CIM) for the desired analytics. Additionally, data enrichment integrations are performed to reach the required information content level. These integrations involve other sources including CMDB, threat intelligence databases, risk register or user directories to name a few. This part of the Splunk ecosystem is very complex and cumbersome to manage but is the basis of consistently successful outcomes working with Splunk.

• Security Use case Modeling

  Use cases are the desired output of Splunk. These can be detections, alerts, reports, dashboards or other visualisations that are based on correlations of data, data enrichment and data analytics with machine learning and AI. With security use case modelling, Computacenter develops and implements the required content to create and deliver value into Cyber Defence Centers via the Splunk platform.

Pricing

Contact seller for pricing details.