Splunk App for Microsoft Exchange

Having the right monitoring solution that looks beyond the needs of a single product and deals with the entire service is critical to maintaining the availability and uptime of a messaging infrastructure. Many organizations rely on a Microsoft Exchange-based messaging infrastructure - yet gaining complete visibility end-to-end can be a challenge. The infrastructure is complex, consisting of multiple interdependent technologies across different departments and groups.

Organizations need one solution that fits the requirements of the enterprise and meets the critical challenge of monitoring multiple technologies while delivering real-time operational intelligence about the inner workings of the entire messaging infrastructure.

The Splunk App for Microsoft Exchange delivers enterprise-class monitoring, providing visibility beyond any single technology or product.

With the Splunk App for Microsoft Exchange, you gain deep visibility into the health and performance of your Microsoft Exchange Server environment and the ability to:

  • Monitor your entire messaging infrastructure end-to-end - Monitor all the interdependent components of your Microsoft Exchange-based messaging infrastructure, from the SMTP relay to the Mailbox Store
  • Identify and troubleshoot infrastructure problems - View the entire messaging infrastructure from a single pane to quickly spot issues such as message routing failures, storage issues, service failures and non-responding servers, and reduce the mean time to investigate and resolve problems by up to 90%
  • Analyze long-term mail operation trends - Determine utilization trends for your mailbox stores, client usage patterns, login times, mobile devices, browsers and operating systems used
  • Message Tracking - Track all inbound and outbound traffic right up to the firewall by username, IP address or domain activity
  • Operate a secure messaging service - Secure the messaging infrastructure by analyzing events such as anomalous logins, mailboxes that send spam, user login times and your organization's external DNSBL reputation
  • Meet auditing and compliance requirements - Track administrative changes to the environment, monitor quotas and unused mailboxes
  • Monitor mobility usage patterns - Real-time visibility into what mobile devices are accessing the infrastructure via ActiveSync

The Splunk App for Microsoft Exchange collects data from the following sources:

  • Windows Server security event logs
  • Internet Information Server (IIS) logs
  • Performance monitoring data from Windows Servers
  • Internet-based email reputation data from 48 DNSBL servers
  • Topology, health and usage information from Microsoft Exchange

Scenarios

The Splunk App for Microsoft Exchange is a solution designed to meet the challenge of multiple requirements across the enterprise. It can be leveraged in many ways, from supporting help desk operations and CIO SLA commitments to assisting the security team in protecting the infrastructure.

Access to data can be limited based on your organization's privacy policies and restricted based on personally identifiable information (PII).

Exchange Administrator: Access to real-time information about the messaging infrastructure for proactive management

Helpdesk: Real-time access to user mailbox information, avoiding costly escalations and improving first call resolution

HR Team: Access to information to monitor usage patterns in accordance with corporate guidelines to ensure corporate policies are being followed

Security Team: Monitor the domains from which users are sending and receiving emails and track usage patterns and unauthorized access attempts to deliver a secure messaging infrastructure

CIO: Real-time visibility of service levels and status of the messaging infrastructure and whether SLAs are being met

Product Requirements

Supported Exchange Server Versions

Splunk App for Microsoft Exchange supports Microsoft Exchange 2007, 2010 and 2013 running on Windows Server 2003 or later.

Splunk Requirements

The Splunk App for Microsoft Exchange requires Splunk® Enterprise on Windows v4.3.4 for deployments to the Exchange Servers. The Splunk App for Microsoft Exchange UI requires Splunk Enterprise v4.3 or later, Sideview Utils v1.3.5 or later and Google Maps.

Microsoft and Windows are registered trademarks of Microsoft Corporation in the United States and other countries.