Products
StreamSets Platform
Power your modern analytics and digital transformation with continuous data.

Data Collector
Transformer for Spark
Transformer for Snowflake
Mainframe Collector
Control Hub
Connectors
Super iPaaS
DEMO
Spend Less Time Fixing and More Time Doing

Talk to an expert and eliminate data integration friction.

Request a Demo
Solutions
StreamSets Solutions
Powerful data engineering solutions for modern data integration across multiple cloud platforms.

Agile Reporting
Cloud Data Lake Integration
Cloud Data Warehouse Integration
Mainframe Data Modernization
Power Real-time Applications
Talk With StreamSets
Contact Us

Learn more about how StreamSets can help your organization harness the power of data.

Get in Touch
Partners
StreamSets Partners
Use data in more ways with a modern approach to data integration.

Amazon Web Services
Databricks
Google Cloud Platform
Hewlett Packard Enterprise
Microsoft Azure
Snowflake
Resources
Resources
Best practices and technical how-tos for modern data integration.

Getting Started
The Data Integration Blog
Webinars
Learn Data Management
Case Studies
Events
Community
WHITE PAPER
Data Integration Advantage

Building a Foundation for Scalable AI. See the state of AI in the enterprise.

Download Now
About Us
About Us
Modernizing data integration for continuous data under constant change.

Careers
Leadership
News
Software AG
Start Free Trial
Search

StreamSets Data Integration Blog

Where change is welcome.

Efficient Splunk Ingest for Cybersecurity

Data Transformation

Stream Data Processing

By Pat Patterson April 17, 2018

Many StreamSets customers use Splunk to mine insights from machine-generated data such as server logs, but one problem they encounter with the default tools is that they have no way to filter the data that they are forwarding. While Splunk is a great tool for searching and analyzing machine-generated data, particularly in cybersecurity use cases, it’s easy to fill it with redundant or irrelevant data, driving up costs without adding value. In addition, Splunk may not natively offer the types of analytics you prefer, so you might also need to send that data elsewhere.

In this blog entry I’ll explain how, with StreamSets Control Hub, we can build a topology of pipelines for efficient Splunk data ingestion to support cybersecurity and other domains, by sending only necessary and unique data to Splunk and routing other data to less expensive and/or more analytics-rich platforms.