Author: Oxford Computer Group
Released: March 31, 2013
Cost: Free (Splunk license not included)
Splunk Enterprise is a real-time reporting and visualisation enterprise application for machine data generated by your IT systems. This allows you to look at real-time and historic data for the IT systems operating within your organisation.
Splunk for FIM is a Splunk App which allows Splunk to interpret the specific data generated by FIM.
According to Sjef Van Leeuwen (OCG Lead Software Developer), there are two primary uses that this FIM Tool provides:
1) A dashboard that gives insight into FIM operational status and delivered level of service
2) A time machine functionality that allows you to look at historic user and group data
The latter of these is probably the one which will be of interest to most people (particularly if they’re not already running Splunk in their environment), as being able to look at a user or group’s state within FIM at a particular time has been an oft-requested feature.
If you’re interested in trying this out, you can download a free 60-day trial of Splunk Enterprise (apparently this will convert to “Splunk Free” after 60 days). Download Splunk for FIM from this link.