Splunk Professional Services

CND are an accredited Splunk Premier Partner and have numerous Splunk certified Professional Services consultants on hand who can deploy, configure, tune and troubleshoot your Splunk environment.

Engage our services from hourly work through to long-term, fixed-price packages. Our Splunk experts can provide ad hoc consultancy, or augment your existing team, either on a full-time or part-time basis.

Overview

CONSULTANCY. As a Splunk Premier Partner organisation, our consultants can take on any Splunk task, be it deployment, configuration or expansion of Splunk Enterprise and its related apps and add-ons. At CND, we are especially keen on tasks involving Splunk Enterprise Security (ES) and Splunk Phantom (SOAR), for which our consultants are additionally certified.

We will work with customers from a single proof of concept (POC) instance through to distributed clusters of indexers and search heads.

If you need help planning and executing upgrades or expansions, advice about data on-boarding or assistance with advanced searches and dashboarding techniques, our experts can help.

Maximise the efficiency of your cluster with a Splunk health check!

Service Examples

SPLUNK SOC TEAMS AND ENTERPRISE SECURITY. Our ES Implementation accredited engineers can help to install and configure Splunk Enterprise Security to align with your SOC's processes and procedures. Whether you need to write and refine SPL for correlation searches or for searches identifying the assets and identities in your environment, or you want to refine your alerting strategy with 'Risk Based Alerting', we have knowledgeable and experienced consultants on hand to help.

SPLUNK UPGRADES. Many clients quickly outgrow a standalone (S1) Splunk instance and require an indexer cluster (C1).
Our consultants can work with you to scale out and ensure you have a performant instance. Alternatively, some clients may benefit from transitioning to Splunk Cloud (SaaS), depending on the use case.
Clients also often require help upgrading from unsupported versions such as 8.x to the current 9.x version; CND can ensure a minimal-downtime upgrade for you.

HEALTH CHECKS AND SPL PERFORMANCE. Ensuring that your platforms are correctly configured to standards and utilising available resources is something our team excels at. We can also look at your key Splunk SPL searches and review their effectiveness, or work with you to create summary indexes to significantly improve performance and team techniques.

IMPROVE OR REPLACE YOUR EXISTING SIEM. Splunk is built from the ground up to ingest, parse and search machine-generated logs and data, making it the perfect platform for a SIEM. Add Splunk Enterprise Security on top, and out-of-the-box you have SOC workflow tools, common use case searches, advanced analytics and security insight visualisations at your fingertips.

WE ARE SPLUNK PARTNERS AND CAN OFFER THE FULL RANGE OF SPLUNK PRODUCTS AND SERVICES. CND is a member of the Splunk Partner+ program and our consultants regularly provide services to Splunk’s own customers as well as our own.

ALREADY GOT SPLUNK AND NEED HELP WITH CONFIGURATION AND TUNING? Configuring and tuning your Splunk infrastructure can be tricky; leverage the experience of our consultants, who have worked with deployments big and small. We can develop custom field extractions and parsing rules to maximise the value of the data you already have, or help you to build efficient searches and dashboards and gain operational insight into the activity on your network.

Splunk Partnerverse Badges