Veeam Software has announced a Splunk extension that allows Veeam Data Platform customers to monitor the health and security status of their Veeam backup infrastructure using Splunk capabilities. Free for enterprises with Veeam Data Platform Advanced or Premium licenses, the app enables Splunk customers to analyze Veeam events, monitor Veeam backup environments and provides access to alerts, dashboards and reports.
Seventy-six percent of organizations suffered a ransomware attack in the last year. Unfortunately, 93% of those attacks explicitly targeted an organization’s data backups. To reduce organizational risk and ensure business continuity when a cyber-attack occurs, it’s important to ensure an organization’s Security Information & Event Management (SIEM) solution (like Splunk) catches cyberthreats in any and every part of their system, including backups. Now, with the Veeam App for Splunk, security professionals can monitor their Veeam backup environments in the same single pane of glass as their other source environments with detailed dashboards, reports, and alerts.
“Veeam is focused on powering data resilience for every customer and this includes tight integration with the leading security platforms,” said John Jester, Chief Revenue Officer at Veeam. “Now security professionals can use Splunk to closely monitor their Veeam backup environments through detailed dashboards, reports and alerts. Combatting cyber-attacks requires integration across your infrastructure, and the Veeam App for Splunk brings Veeam event data into Splunk, enabling customers to monitor security events like ransomware, accidental deletion, malware and other cyber threats using their current tools. It means enterprises can quickly and easily process vital monitoring and event data on their Veeam backup environments, in the same single pane of glass as other source environments they may be monitoring.”
The app integrates seamlessly with Splunk user roles and location management. This new Splunk App processes events sent by Veeam Backup & Replication™ to the syslog server and provides Splunk users with the following features:
· Built-in dashboards to monitor job statuses and security events on a daily basis
· Built-in reports and alerts
· Severity level management for events and alerts
· Multiple Veeam Backup & Replication servers support
· Multiple data source locations support
· Role-based permissions for locations
· App configuration backup
“In the constant fight against cyber-criminals and ransomware, it is key to “protect the protector,” which means securing the backup apparatus to make it impenetrable to hacking, adulteration, deletion, etc. There can be no recovery if there are no backups,” said Christophe Bertrand, Principal Analyst at SiliconANGLE Media, Inc. | theCUBE Research & Advisory. “This requires a robust set of tools and controls to deliver a truly secure backup infrastructure. This is why the addition of the Veeam App for Splunk to the already comprehensive set of tools Veeam offers is key. With robust monitoring and security features and full integration with Splunk user roles and location management, end-users will be able to deliver dashboards, alerts, and reports. With this new integration, we expect that Veeam users will not only improve their cyber-recovery posture but also be in a great position to deliver on cyber-recovery SLAs.”
Veeam App for Splunk supports Splunk Enterprise 9.1.0 and later and Splunk Cloud Platform 9.1.2308 and later, and is available now via Splunkbase at https://splunkbase.splunk.com/app/7312. Veeam App for Splunk is free with a Veeam Data Platform Advanced or Premium license that includes syslog event forwarding support.