Powerhouse Design
Magnifying the power of FINRA’s Splunk Cloud solution is its integration with Amazon Web Services. AWS Lambda lets FINRA run code without provisioning or managing servers, paying only for the compute time consumed. Amazon Kinesis Data Firehose, a fully managed service, delivers real-time streaming data to Splunk. Mikula calls Amazon Kinesis Data Firehose an ideal solution for creating subscription filters to reliably, securely, quickly and cost-efficiently move AWS logs into the Splunk solution for analysis. This capability benefits developers and network staff as well as security specialists, bridging silos.
“It’s made a partnership between our security and operations teams,” Mikula says. “We have a common goal of wanting the same logs. Now we have a single place to ingest and consume them.”
Such efficiencies keep FINRA ahead of evolving threats by enabling teams to analyze data flexibly. FINRA is one of the biggest users of Amazon’s EMR Hadoop framework; deploying the Splunk agent onto this platform-as-a-service provides information that allows FINRA to optimize resource allocations. What’s more, FINRA sunset a dedicated third-party billing tool and replaced it with its own process for ingesting the data into Splunk. With Splunk Cloud, FINRA has better analytics and reporting, which has led to better project tracking of AWS Services and reduced costs.