Splunk Lantern

Vendor-specific data

 

While Splunk focuses on making detections as generic as possible, some capabilities are vendor-specific. Some common types of data you might work with related to specific vendors are the following:

Business systems

Business applications can create a wealth of data as part of normal operations. Two examples are CRM and ERP applications:

  • Customer relationship management (CRM) systems have become an essential part of every organization, providing a central database of all customer contact information, communications and transaction details. CRM systems have evolved from simple contact management systems to platforms for customer support and engagement.
  • Enterprise resource planning (ERP) applications are critical back-office IT services that provide systematic, automated collection and analysis of a variety of product, supply chain, and logistics data. ERP systems are typically built on a relational database management system with a variety of modules and customizations for specific functions such as supplier relationship management or supply chain management. Due to their complexity, ERP systems often are installed and managed by product specialists.

CRM data can provide personalized sales and support information. CRM data is also useful for application support and enhancement because it provides details about customer problems with a particular system or application along with their eventual solution. These details can inform future application or service updates. ERP data is used in product planning, tracking purchases of components and supplies, inventory management, monitoring and regulating manufacturing processes, managing logistics, warehouse inventory and shipping, and monitoring and measuring the effectiveness of sales and marketing campaigns. ERP software also integrates with CRM, HR, finance/accounting/payroll and asset management systems, with bidirectional data flows that provide consistent information across back-end digital business processes.

Point-of-sale systems

Point-of-sale (POS) systems are most often associated with transactions generated at a retail outlet. However, many of these systems are starting to be deployed in temporary locations, such as a community fair or a high school event. The typical POS system incorporates a cash register based on a PC or embedded system, monitor, receipt printer, display, barcode scanner, and debit/credit card reader. Historically, POS systems were either not connected or managed on a dedicated private network. Thanks to the rise of the Internet of Things (IoT), these systems are being connected directly to cloud platforms that make remotely administering these devices from a central location much simpler. There’s no longer a need to dispatch IT personnel to manually update each system. This is critical because a POS failure can result in longer lines that inconvenience customers and potentially lead to lost revenue. A negative customer experience can easily translate to customers opting to shop somewhere else in a retail industry that is intensely competitive. 

Machine data generated by POS systems provides organizations with real-time insight into what’s sold, how it’s paid for, and the pace at which it’s being sold. Organizations can use this data to monitor revenue in real time, which can feed into how to better market 1:1 to customers, track product placement and sales in a store, or detect potentially fraudulent transactions in real time. POS data also delivers visibility into the customer experience, such as which coupons are most popular or the combinations of products that are selling together.

Mobile device data

Given the array of always-active sensors on mobile devices, these devices provide a flood of data. Security teams can expand their view of the threat landscape by monitoring mobile device data for abnormal activity with regard to authentication, location, and application usage. Mobile device data provides physical parameters such as location, network MAC ID, device GUID, device type, and OS version. It also includes network settings such as address, AP or cell-base station location, and link performance, as well as application-specific telemetry such as time in app, features used, and internal state and debug parameters similar to those provided by conventional application servers. Insights into mobile application data can help developers deliver a better performing mobile app.

Medical device data

Everything from intensive care units to wearable devices generates multiple types of machine data. Just about every aspect of patient care inside and out of a hospital setting can be instrumented. While the primary goal is to save lives, a crucial secondary goal is to reduce healthcare costs by reducing both the number of potential visits to a hospital and the length of stay. Most devices inside a hospital are connected to local monitoring applications. But it’s possible to monitor patient care remotely using sensors that communicate with either a wearable device or some other system for monitoring patients in their homes.

Machine data makes it simpler for medical professionals to analyze both patient and anonymous data across a broad range of geographically distributed regions—for example, to see how certain diseases are affecting one group of people more than another. These insights can also be used to help improve patient experience and deliver better care.

Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion: