SteelCloud Gets Compliance Visibility with Splunk
Business Pain: ConfigOS is SteelCloud’s patented compliance software suite that allows anyone to quickly establish a STIG (Security Technical Implementation Guide) and/or CIS (Center for Information Security) cybersecurity-compliant environment. Their solution focuses on scanning, remediation, compliance reporting, and external interfaces to other tools. They wanted to use Splunk as a front end for dashboarding and data collection, including output from their compliance engine, as well as a monitoring solution for broader customer compliance environments.
Key Pain Points:
- SteelCloud wanted to develop Splunk Applications to give clients visibility into compliance.
- They wanted to be able to deploy the Splunk solution into customer environments, in some cases across multiple departments.
- They needed to deploy a self-contained version of Splunk complete with forwarders.
Challenges: Establishing a contained Splunk application complete with custom ingestion, dashboarding, and alerting for compliance purposes in a manner that was compatible with on-premises and Splunk Cloud deployment environments. They needed to implement a Proof of Value with a minimum viable product, working with a services company that could guide them in applying Splunk best practices in that context.
How we fixed it:
TekStream assisted in provisioning and the custom parsing of reporting logs, as well as scheduled searches, custom dashboarding, and application packaging, in an aggressive timeframe. Our involvement has been ongoing, and we are providing longer-term support for the solution.
Splunk Core was leveraged to provide the platform for a customized front end.
We were able to complete the configuration of Splunk and a workable solution within weeks, followed by the configuration of custom dashboards for deployment in on-premises and cloud environments.
We walked through optimal ingestion, architecture and deployment options, UI design, and Splunk configuration to meet customer needs. We also validated the application that we built using AppInspect for deployment into a Splunk Cloud architecture. We met their delivery dates for internal and customer rollout of the product.