What is required for SIEM maintenance?

Based on our experience with large customers ...

Break-fix tasks

  • Data flow issues
  • Data normalization issues
  • Bucket fixes
  • Splunk server issues
  • UI not accessible

Proactive system health check

  • Check server KPIs (CPU, memory, storage, etc.)
  • Check for new errors / warnings
  • Check indexing rate

BAU operational admin tasks

  • User management
  • Role management
  • Retention policies
  • Data model maintenance

Enhancements

Refine existing use cases

  • Alerts, Dashboards, Reports
  • Fix data integration

Develop new use cases

  • Alerts, Dashboards, Reports
  • New data integration
  • Custom SPL queries

Our Splunk Support consists of two components

Positka provides complete support across the Splunk Enterprise and
Splunk Enterprise Security (ES) platforms.

Base support contract

  • Provides access to SIEM admin skillset for duration of contract
  • Break-fix tasks, proactive health checks and BAU admin tasks performed by experts

Optional add-on

  • Can be added atop base contract at any time
  • Provides access to SIEM developer skillset
  • Delivers ticket-based support for use case refinement and development
  • Add-on also available for Splunk version upgrade
