Gregg Woodcock

  • Consultant at Splunxter, Inc.
  • Has 10+ Years Of Experience
Badges
75 Points, 8 Years, Top 20
User Activity
Almost 5 years ago
Yes. You need aggregation to show sustained activity over time, which can indicate an attack, attempt to breach, or exfiltration. You need correlation to show things that happen contemporaneously, which is especially useful if they should not or normally do not.
Almost 6 years ago
The SIEM is the detection/surveillance engine whereas the SOAR is the remediation/response engine.
About 6 years ago
I am admittedly biased but there are very good reasons that Splunk is the leader in this space. It all depends on your requirements if it is best for you. Splunk is pricey but I assume that budget is not really one of your concerns so that is good. The major strengths of…
About 6 years ago
#1 is InfoSec. #2 is BI. #3 is IoT.
Over 6 years ago
What am I using for SOAR? What am I using for Ticketing? What am I using for communication? What am I using for ML/UBA? How quickly do I need to be operational? Will I be staffing my own SOC or farming that out (MSSP)? What is the bandwidth required for all of the data that…
Almost 7 years ago
SIEM = Security Information and Event Management. It is any tool that monitors a computer system or network for intruders and generates notable events that security analysts sort through and respond to. The king of these is Splunk and my company, Splunxter.com are experts…
About 8 years ago
Projects
About 8 years ago
We have built Splunk-based SIEMs from the ground up
We have built SIEMs from the ground up using Splunk for some of the largest companies in the world.
Experience
Reviews
Answers
Almost 6 years ago
Security Information and Event Management (SIEM)
About 6 years ago
Security Information and Event Management (SIEM)
Over 6 years ago
Security Information and Event Management (SIEM)
Almost 7 years ago
Security Information and Event Management (SIEM)
About me
Certifications
  • Splunk Certified Architect 6.3
  • Splunk Certified Consultant I
  • Splunk Certified Admin 6.3
  • Splunk Certified Knowledge Manager 6
  • Splunk Certified IT & App Sales Rep
  • Splunk Certified Sales Rep II
  • Splunk Certified Sales Rep I
  • Splunk Certified ITSI Specialist
  • Splunk Certified Cloud SME
  • Splunk Certified Power User
  • MarkLogic Fundamentals
  • MarkLogic Semantics
Education

University of Illinois at Urbana-Champaign

Interesting Projects and Accomplishments