The value-add of Cisco Tetration on top of Splunk and vice versa
by: Patrick Jonker, Multi-Cloud Analytics and Workload Protection Sales at Cisco
Many customers ask “If I am using Tetration, do I need Splunk?” or “if I have Splunk, do I still need Tetration?”. The answer to both questions is “yes!”. Each takes a very different approach to address datacenter operation issues and specializes in different use cases.
Tetration Analytics collects, stores and analyzes metadata for every packet that flows in the datacenter with a focus on application segmentation, compliance and policy enforcement use cases. Whereas Splunk collects, analyzes, and visualizes any type of machine data to provide insights into IT Operations (including datacenter ops), Security, Business Analytics, and IoT use cases.
Tetration’s application insights and policy enforcement capabilities can augment data in Splunk’s SIEM (Splunk’s SIEM is called Splunk Enterprise Security) and enforce policies to address any compliance issues flagged in Splunk. Also, Splunk brings value to Tetration with application layer information and machine data analytics across the entire IT and security environment. Together Splunk & Tetration provide complete visibility of your IT operations and enables you to build agile, secure and compliant datacenters.
The Cisco Tetration Analytics platform addresses important datacenter operational and security challenges by providing behavior-based application insight, automating policy generation, and enabling zero-trust deployment using application segmentation.
Splunk is the platform that collects, analyzes and visualizes machine data (the definitive record of all the activity and behavior of your customers, users, transactions, applications, servers, networks and mobile devices) from all levels of the IT-stack, including applications and infrastructure (storage, compute and network). Organizations can make business-critical decisions tied to monitoring, troubleshooting and planning.
Combined, you get a complete view of your IT operations environment, enforce policies and can build fully compliant, agile datacenters.
Cisco recently launched a new Splunk app for Tetration. You can download it in Splunkbase. This app integrates Tetration and Splunk.