Success story



Deploying Enterprise Analytics and Monitoring with Splunk in the Cloud

Posted: August 1, 2019

Amazon Web Services (AWS) enables organizations to quickly deploy large-scale applications like business analytics and security monitoring, which need to ingest and analyze terabytes of data daily.

Client Objective:
The California Department of Technology (CDT) wanted to leverage Splunk for business analytics and monitoring, while maintaining a highly secure and scalable environment. CDT chose Infiniti to be their technology partner in this endeavor, and we developed an AWS infrastructure solution to meet their needs.

Proposed Solution:
CDT anticipated ingesting several terabytes of data per day, so the cloud infrastructure would need to be architected to handle the load while maintaining uptime and performance. Infiniti also architected an AWS multi-account strategy with multiple environments to meet security best practices. Using immutable AWS infrastructure with AWS CloudFormation, Infiniti developed a fault-tolerant Splunk cluster to ensure uptime and lower the administrative overhead. Infiniti also assisted in implementing an enterprise AWS Identity and Access Management (IAM) solution for single sign-on/multifactor authentication (SSO/MFA) into critical applications. This allows the Security Operations Center (SOC) to seamlessly and securely access Splunk.

Project Outcome:
By utilizing the AWS cloud, CDT now has a highly scalable and highly available Splunk implementation for data collection, analysis, and security monitoring of critical infrastructure. As CDT expands and extends Splunk to monitor even more devices and environments, the AWS infrastructure will be able to scale and extend accordingly.

AWS Services Utilized:
• AWS GovCloud
• AWS Organizations
• AWS CloudFormation
• AWS Application Load Balancers
• AWS Virtual Private Cloud
• AWS EC2
• AWS Elastic Container Service
• AWS Transit Gateway
• AWS Identity and Access Management
• AWS S3

Third Party Applications or Solutions Used:
• Splunk Enterprise
• Okta
• Docker
• Palo Alto Networks
• HashiCorp Consul
• NGINX
• GitLab/GitHub
• Jenkins
