• Save
SplunkLive! Atlanta Mar 2013 - The Home Depot
 

SplunkLive! Atlanta Mar 2013 - The Home Depot

on

  • 1,035 views

 

Statistics

Views

Total Views
1,035
Views on SlideShare
1,035
Embed Views
0

Actions

Likes
3
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

SplunkLive! Atlanta Mar 2013 - The Home Depot SplunkLive! Atlanta Mar 2013 - The Home Depot Presentation Transcript

  • Copyright © 2012 Splunk, Inc.The Home Depot#SplunkLive#Splunk
  • The Home DepotThe Home Depot® is the worlds largest homeimprovement specialty retailer, with more than2,200 retail stores in the United States, Canada,and Mexico. 2
  • About the Speaker• IT Architect• IT Operations and Enterprise Monitoring – Ensure operational stability of the IT environment – Incident and Change Management – Ensure applications are “Production Ready” 3
  • How often do you hear…“Hey, what is this Splunk thing?” 4
  • Splunk lets you collect your data search view 5
  • Before Splunk… Manual No Enterprise Limited Collection IT Search Visualization No enterprise No data store for Analysis with pipeline for operational command-line machine data. metrics. tools or reports.Difficult to collect Difficult to Difficult to spotdata; required ad- correlate data trends or hoc scripts. sources. anomalies. Limited Operational Visibility 6
  • Where we are today 120K 500 GB 7
  • Where we are today 2.1K 120K sitessearches/day 25K 500 forwarders GB 200+index/day sourcetypes 8
  • How do we use Splunk?Machine data pipelineOperational dashboardsand reportsProactive alerts andnotificationsIT search engine 9
  • After Splunk… Reduced Improved Application MTTR Reporting Monitoring Much faster to CIO and executive Standard logging find and resolve reports for high- APIs simplify log impacting issues. level status. file collection. Reduced Sev 1 & Operational Collect app stats 2 outages by 43% reports for from shared year over year. support teams. infrastructure.Splunk used by 200+ users in the IT organization 10
  • Reduced Incident Resolution TimesCollect standardmetrics for 1200+applicationsWar rooms forcritical outagesSplunk dashboards– Quickly identify patterns or outliers– Hours  Minutes 11
  • Improved Reporting CIO Dashboard IT Ops Dashboards High-level status by organization  Monitoring for 600+ applications Highlights noisiest, most error-  Near real-time status of batch job prone applications success/failure across the chain. Increased visibility reduces errors  Track metrics and identify patterns and outages across all stores (not just a subset). Proactive Reports & Notifications Hourly and daily operational reports to monitor and maintain system health. Integrated with event management and ticketing systems. 12
  • Application Monitoring Monitor applications through production load balancers Simple logging APIs – Java, Python, Syslog – Timestamp, label, and key-value pairs Transaction visibility – End-to-end application tracing across multiple hops 13
  • Splunk + Microsoft SharePoint Splunk is integrated with SharePoint for custom lookups and a persistent data store. Allows users to manage their own lookup lists for thresholds and metadata. 14
  • Splunk + Application Load Balancing Automated site failover for internal app. Scripted input monitors application server health using the load balancer API and triggers a site failover after the number of server failures exceed a threshold. 15
  • Best Practices & Recommendations Search Heads Indexers Deployment Metrics!  No such thing as  Automate the Provide user too much CPU or deployment to training on writing too many IOPS. forwarders and efficient searches.  Spec lots of RAM core servers. Use multiple pools for high search  Make collection for performance. volumes. simple for users. Simple design  Scalable Splunk  Happy Users 16
  • Copyright © 2012 Splunk, Inc.Thank You! 17