Why, Chad, you ask, are you sharing this seemingly random, boring, and irrelevant tidbit with us? (Don't try and pretend otherwise; I know random, boring and irrelevant are exactly what you thought, because when I mentioned this to my mother those are the words she used.)
Well, I'll tell you - although I have been aware of Splunk and some of its capabilities for a while, I hadn't realized exactly how extensive they are. I probably still don't, but I have a better appreciation for them now.
If you collect the right data you can correlate everything. The example that the course gives is an attempted purchase at an e-commerce site where the transaction fails and the customer complains on Twitter. 3 steps, start to finish, to tie the order to the cause of the failure to the customer complaint. It is both awesome and scary.
That realization also tied back to a book I read recently, @War: The Rise of the Military-Internet Complex, as well as Greenwald's POS. It gives a little more perspective on the NSA's capabilities. It may also make me rethink my position on metadata collection and storage. Currently I am of the opinion that if metadata is properly hashed to hide identifying information until it is unlocked by court order, I don't really have a problem with its collection. (I know it's not; that is just my example of how I would handle things.) I now wonder how much difference that hashing would make. Gonna have to think about this.
The gist of all this is - I found a new toy with some pretty interesting capabilities. If you get a chance to mess with Splunk at all, take a look.