Skip to main content

GDPR Compliance with Splunk

Meeting your European General Data Protection Regulation (GDPR) compliance needs

Protect personal information in the digital age

With the broadened scope of the GDPR going into effect in May 2018, which includes requirements for the appropriate technical and organizational measures to mitigate risk and mandatory disclosure of breaches to impacted EU citizens and supervisory bodies, it’s imperative that organizations prepare. Failure to comply with the GDPR, as determined by authorities that will be able to perform data protection audits, could mean fines of up to 20 million euro or up to 4 percent of an organization’s worldwide annual turnover.

Fortunately, compliance doesn’t have to be difficult with easy search and reporting. The Splunk platform helps organizations meet key GDPR compliance needs such as:

  • Detection, prevention and the investigation of breaches (Articles 32/33/34)
  • Prove that your GDPR security controls are in place and enforced (Articles 3/58/82)
  • Search and report on personal data processing (Articles 15/17/18/28)
How Machine Data Supports GDPR Compliance

How machine data plays a critical role in complying with the GDPR

The GDPR has many requirements where machine data can play a critical role in compliance. Splunk has identified three key capabilities where the Splunk platform can help organizations with GDPR readiness — mapping them into scenarios and GDPR articles. These can be applied generically to organizations across many industries.

Why Splunk for GDPR Compliance?

With Splunk, customers can create correlation rules and reports to instantly identify threats and automatically surface areas of non-compliance. Splunk makes demonstrating compliance in regard to technical controls a frictionless process. 

Location Agnostic Indexing
Location Agnostic Indexing

Collect and index log and machine data from any source. Structure and schema are applied only at search time so data can be indexed regardless of format or location. 

Flexibility and Reliability
Flexibility and Reliability

Deliver the scale, security and availability to suit any organization. With Splunk, you can search, alert and report on machine data from virtually any source. 

Controlled Data Access
Controlled Data Access

Prove you handled digital records according to law and enforced your obligations. Access controls, comprehensive auditing and security baked into Splunk make this easy.

Easy Reporting
Easy Reporting

Create reports and dashboards to show the state of compliance with any required technical control for any point in time.

Compliance Reporting
Compliance Reporting

Quickly search through massive amounts of security events and machine data going back days, weeks or months to accelerate incident investigations or satisfy ad hoc requests from auditors.

Intuitive Visual Dashboards
Intuitive Visual Dashboards

Real-time monitoring that can provide a clear visual picture of the organization’s security posture, with easily customizable views and capabilities to drill down to the raw event data.

Splunk Enterprise Security Tour

Index Machine Data

Index and store any machine data regardless of format or location—network and endpoint security logs, malware analysis information, configurations, sensor data, wire data from networks, change events, data from APIs and message queues, and even multi-line logs from custom applications. With no predefined schema, data can be indexed from virtually any source, format or location.

index and data product tour

Asset Investigator

The Asset Investigator allows you to visually correlate activities across devices that employ disparate technologies. You can adjust timeframes and build a story from the events and then either create searches to detect those events or share the story with a team member.

Asset Investigator screenshot

Glass Tables

Glass Tables allow custom visualizations that can reflect your topology, workflows, detect, investigate and respond sequences. Use dashboards and summary views with relevant context to suit your needs. You can create glass tables from more than 100 Security Metrics, including notables.

glass tables

Security Posture Dashboard

The Security Posture Dashboard provides continuous monitoring and at-a-glance situational awareness by tracking key security indicators and security metrics across identity, access, malware, endpoint and threat intelligence data sources. All aspects of data source, key indicators, and visual displays are configurable and customizable to suit any organization’s operating procedure. The point-and-click interface provides integrated workflows and actions from the graphical display.

security posture dashboard screenshot
What can you do with Splunk?