Druva App for Splunk combines the event data visibility provided by the Druva Cloud Platform with Splunk's extensive investigation and visualization capabilities to deliver advanced reporting and analysis. This app enables backup administrators, security analysts and IT Ops personnel to correlate events related to data backup and restore operations across the infrastructure from a real-time and historical perspective. The app also provides insights into key performance indicators on both the operations and security aspects based on data received. Complicated incident analysis that previously consumed days of manual and error-prone data mining can now be automated, saving not only manpower but also enabling key IT resources to focus on critical problems.
ABOUT THIS APP
Druva App for Splunk helps in tracking Druva events in Splunk.
REQUIREMENTS
Topology and Setting up Splunk Environment
- This app is distributed in two parts:
  - Add-on app, which ingests events from Druva into Splunk.
  - Main app, which visualizes events occurring in Druva.
- The app setup is the same for both distributed and standalone environments:
  - Configure the Add-on app on the search head.
  - Install the Main app on the search head.
- Installation in Splunk Cloud
  - It is the same as for on-premise Splunk.
Installation of App
- This app can be installed through the UI using "Manage Apps", or by extracting the zip file directly into the /opt/splunk/etc/apps/ folder.
Test your Install
- The main app dashboard can take some time to return the data that populates some of the panels. A good test is to run the following query:
search `druva_get_index`