Secure Channel, Ziff Davis Enterprise
Wednesday, October 21, 2009 10:32 AM/EST

Splunk Disrupts Security Log Auditing

On an average workday, it’s hard to catch me in anything less than business attire: button-down shirt, slacks and blazer. Weekends, however, I’m an average guy who bums around in baseball caps (Red Sox, of course), jeans and T-shirts. Recently, I took a break from yard work to run to my local hardware store for something. The kid at the checkout looked at me and said, “I like your T-shirt.”

“OK, thanks,” I replied, not realizing what he was commenting on. When it comes to yard work and household chores, I’m not particularly discriminating in my choice of T-shirt. On that day, however, my T-shirt was swag I had picked up from Splunk at last spring’s RSA Conference. The slogan on the front of the shirt read, “Taking the ‘sh’ out of IT.” Clever.

If you’re not familiar with Splunk in the security world, I’m not surprised. Splunk is a highly specialized enterprise search technology company. Much like the code and services Google provides enterprises to enable searches in applications and Web sites, Splunk’s engine provides deep searches in data sets to find patterns and correlate results.

The reason I bring up Splunk is that it’s experiencing rapid growth, and it attributes much of that success to disrupting the security market, specifically log management and auditing.

Log management and auditing are among the least glamorous, but most necessary, functions in security. A recent report noted that Google generates more than 23 terabytes of log data each month. It’s an extraordinary number, if true. But anyone who’s gone through a security audit of a moderately sized enterprise knows that the amount of log data generated by PCs, firewalls, IDS/IPS, servers and every other IP-enabled, network-connected device is enormous and exceedingly difficult to parse for true intelligence. Making sense of the ceaseless stream of log data is one of the things that hampered the early IDS/IPS technologies.

Companies such as AlertLog, LogLogic, LogRhythm and Prism Microsystems have developed specialized technologies and products designed to slice through the dense fog of data contained in log files and extract the truly useful intelligence needed to make sound security decisions and ensure security policy and regulatory compliance.

Enter Splunk with its deep search capabilities. Splunk hit the security log market sideways by using its search capabilities to ferret out and correlate data hidden in the log files. While still a privately held company, Splunk doesn’t provide specific figures on its financial performance. However, the company says it’s added 153 new customers and grew year-over-year revenue 90% in the third quarter.

"Splunk delivers a better way to manage, secure and audit IT infrastructures by reducing the time it takes to identify incidents and IT failures from days to minutes," said Splunk president and CEO Godfrey Sullivan. "Splunk's Q3 growth and international expansion are testament to our people and innovative IT Search technology."

The growth Splunk is achieving is due, in part, to penetrating deeper into the security marketplace and disrupting the conventional log management and auditing vendors. The other part of its success is coming from new channel relationships. The company has signed several integrators to its ranks, including Forsythe Technology, and is integrating with products by such channel-centric vendors as Cisco Systems, Blue Coat and F5 Networks.

Regulatory compliance and adherence to industry security standards are making log management an imperative for enterprises and midmarket businesses. Not only does log auditing help keep a business’s infrastructure secure, it’s critical in post-incident investigations and recovery. The success of Splunk shows that there is more than one way to attack the log management and auditing challenge.


Comments (2)

Splunk is not the only company that is using the "Google" approach to collecting, organizing, and storing log data.

My understanding is the reason they have been successful is that they had the insight that logs are valuable to Operations people trying to resolve Alerts generated by traditional SNMP-based management systems that very often only tell "what" is happening but not "why."

When you get the SNMP Alert, it can be very valuable to look at related logs over the last 10 minutes or 60 minutes. Enter Splunk, which makes this very easy.

Now couple that with a "free" version of Splunk which allows you to store one day of log data. Thousands of admins have downloaded the free version. All Splunk has to do is convert some percentage of those downloads into paying customers. Brilliant.

How good is Splunk at generating compliance reports consisting of months or a year's worth of log data?

How good is Splunk at generating proactive actionable alerts to inform you of a risk to confidentiality, integrity, or availability?

I would be interested in answers to these two questions.
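The window-of-context lookup described in the comment above (pull the logs from the minutes before an SNMP alert to see "why" as well as "what"), shown as an added example that is not part of the original post, not the commenter's words, and not Splunk's own code. It parses constructed syslog lines for several hosts, takes a constructed SNMP-style alert (host and time), returns only that host's lines from the preceding window, and counts them by program so the noisiest source stands out. The function names `related_logs`, `summarize` and `parse_line`, the year assumed for the year-less syslog timestamps, and all log and alert data are assumptions of this example.

```python
"""Time-windowed log lookup around an alert (added illustration, not Splunk code).

Given an SNMP-style alert for a host at a point in time, pull that host's
syslog lines from the preceding N minutes and summarize them by program,
so the alert ("what") can be read next to its log context (a likely "why").
All log lines and the alert below are constructed sample data.
"""
import re
from collections import Counter
from datetime import datetime, timedelta

YEAR = 2009  # assumption: syslog lines carry no year, so one is supplied

# Constructed sample: traditional syslog format, several hosts interleaved.
SAMPLE_LOGS = """\
Oct 21 09:40:12 web01 sshd[2201]: Accepted publickey for deploy from 10.0.0.5 port 51022 ssh2
Oct 21 09:45:03 web01 CROND[2310]: (root) CMD (/usr/local/bin/backup.sh)
Oct 21 09:45:04 web01 backup[2311]: starting full backup of /var/www
Oct 21 09:50:17 db01 postgres[1402]: checkpoint complete
Oct 21 10:15:42 web01 kernel: nf_conntrack: table full, dropping packet
Oct 21 10:20:01 web01 CROND[2455]: (root) CMD (/usr/bin/logrotate /etc/logrotate.conf)
Oct 21 10:24:09 web01 sshd[2470]: Failed password for invalid user admin from 203.0.113.9 port 4021 ssh2
Oct 21 10:24:11 web01 sshd[2470]: Failed password for invalid user admin from 203.0.113.9 port 4021 ssh2
Oct 21 10:25:30 db01 postgres[1402]: checkpoint starting: time
Oct 21 10:28:55 web01 kernel: nf_conntrack: table full, dropping packet
Oct 21 10:31:02 web01 apache2[2490]: server reached MaxClients setting, consider raising the MaxClients setting
Oct 21 10:33:40 web01 apache2[2490]: child pid 2499 exit signal Segmentation fault (11)
"""

# Constructed SNMP-style alert: it says what happened (CPU high on web01) but not why.
ALERT = {"host": "web01", "time": datetime(YEAR, 10, 21, 10, 32, 0), "msg": "cpuLoadHigh"}

# "Mon DD HH:MM:SS host program[pid]: message" -- pid is optional (e.g. "kernel:").
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<prog>[^\[:]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$"
)


def parse_line(line):
    """Parse one syslog line into a dict; return None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%b %d %H:%M:%S").replace(year=YEAR)
    return {"time": ts, "host": m.group("host"), "prog": m.group("prog"), "msg": m.group("msg")}


def related_logs(log_text, host, alert_time, minutes):
    """Return `host`'s events from the `minutes` before the alert up to the alert, oldest first.

    Lines that fail to parse, belong to other hosts, or were written after the
    alert are skipped: they are not context for this alert.
    """
    start = alert_time - timedelta(minutes=minutes)
    events = []
    for raw in log_text.splitlines():
        ev = parse_line(raw)
        if ev is None or ev["host"] != host:
            continue
        if start <= ev["time"] <= alert_time:
            events.append(ev)
    events.sort(key=lambda e: e["time"])
    return events


def summarize(events):
    """Count events per program so the noisiest source stands out at a glance."""
    return Counter(ev["prog"] for ev in events)


if __name__ == "__main__":
    for minutes in (10, 60):
        events = related_logs(SAMPLE_LOGS, ALERT["host"], ALERT["time"], minutes)
        print(f"{ALERT['msg']} on {ALERT['host']} at {ALERT['time']:%H:%M}: "
              f"{len(events)} log events in the previous {minutes} min")
        print("  by program:", dict(summarize(events)))
        for ev in events:
            print(f"  {ev['time']:%H:%M:%S} {ev['prog']}: {ev['msg']}")
```

On the sample data the 10-minute window surfaces the two failed SSH logins, a conntrack table-full message and Apache hitting MaxClients; widening to 60 minutes adds the backup job and a second conntrack drop, while db01's lines and the segfault that arrived after the alert stay out. Whether a given window is right depends on the alert; the point is that the filter is by host and time first, and only then by whatever you happen to know to search for.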

Splunk isn't the silver bullet that many companies hope it will be. Collecting and storing logs are two little "silver BBs" that you can get from Splunk and maybe other companies or open source vendors for a small investment. The fact is that logs, no matter how "searchable", are of little value when the stakes are high; if you don't know what you're looking for, you're dead in the water. Logs themselves are difficult to understand, especially when there are millions a second. Compare Splunk to the complete applications that collect, normalize and parse logs, transforming them into more actionable events; the applications that analyze and correlate the security events to help you stay in compliance every day, those security events that clue you in when malicious insiders hit their target, when cyber-criminals put your customers at risk. Search engines in "search" of a problem to solve aren't cheap imitations of security information and event managers. They don't get you where you need to be for the next audit, to defend against the next attack or to help you justify your 2010 security spend and headcount.

There are affordable alternatives that take you further than a search engine.
