Data Aggregation, Logging, and Analysis

About this service

Other names for this service

Syslog; rsyslog; Splunk; Logging.

Service documentation

Why to use this service

This service provides the ability to aggregate, index, and analyze data, correlate events, build models, monitor event or situational information, report, or automate real-time actions based on the data put in and the analysis performed. It is meant to be data agnostic and to serve a wide swath of data analysis uses, including but not limited to research, modeling, business, operations, planning, and event correlation.

Features

Splunk data indexing, Splunk automation/API, Splunk search, visualization

Getting and using this service

Who can use this service

Faculty/Staff

How to get this service

Requests to include logs are submitted to securitysupport@illinois.edu.

Cost

Splunk may be accessed on a GB/day licensing cost-recovery basis. The standard rate gives 90 days of storage. Additional or longer storage durations will accrue additional storage costs. In instances where Privacy & Security deems a log source to have strategic security value to the institution, they may at their discretion pay for the indexing, licensing, and storage costs while allowing the provider to access the service and the data provided free of charge.

How to use this service

A Splunk forwarder (host, database, etc.) is required to send data to Splunk. Contact the service by email for the onboarding guide, instructions, and descriptions.

Quotas and usage restrictions

90-day data retention is standard.

Sensitive data considerations

None listed.

Hours and support

Standard service hours

8:00 a.m. to 5:00 p.m. Monday through Friday.

Scheduled maintenance hours

None.

Staffed support hours

8:00 a.m. to 5:00 p.m. Monday through Friday.

How to report issues

None listed.