A handful of vendors partner with Splunk, the platform that indexes data from applications, servers and network devices and then provides searching for answering business intelligence and security queries.

Many of the vendors have connectors enabling organizations to feed data into Splunk. Those include Bit9-Carbon Black, which provides whitelisting and endpoint advanced threat detection and prevention; FireEye's line of virtual sandboxing threat detection appliances, and ForeScout's network access control products. Emerging threat detection vendors FortScale and Resevoir Labs provide security analytics. Vulnerability monitoring and management vendors include Rapid7 and Tenable Network Security.

Prelert, an emerging security startup based in Framingham, Mass., has developed an analytics platform that ties into Splunk or big data projects that use Hadoop distributed computing big data clusters, which are often hosted in cloud service provider platforms.

Read more about Prelert here.

It's designed to churn through data and uncover anomalies that could signal a serious threat, said Brian Kennedy a consultant at Blue Bell, Penn.-based solution provider Turnberry Solutions. Turnberry, a Splunk rookie partner of the year is a systems integrator and managed services provider that specializes in Splunk and is also providing Prelert to clients trying to solve security issues, Kennedy said.

Kennedy said Amazon Web Services Test Drive Program enables its clients to build up a Splunk environment with testing data and gain hands-on experience with different use cases. Prelert can also be tied on for interested clients, he said.

"The goal is to extend the power of Splunk for application management type use cases and for conducting root cause analysis," Kennedy said. "Event monitoring and incident response is a big part of root cause analysis and it can decrease the time to resolution in terms of really understanding what is going on in the environment."

"You've got to stick with what you know and the niche and client base that you established," said the CEO of a managed services provider who declined to be identified. "It's about anticipating customer demand for the future but also not going all in on a vendor that overextends the skill levels and workload of your people."