SlideShare a Scribd company logo

SplunkLive! Customer Presentation – Ticketmaster

Splunk
Splunk

Ticketmaster has been using Splunk for around 5 years to gain visibility into their operations and customer usage. They ingest over 1.6TB of log data per day from their various systems like web servers, databases, and applications. Splunk is used for monitoring systems and applications, troubleshooting issues, and providing analytics on customer search patterns and event demand. It has helped Ticketmaster improve customer service, protect against ticket brokers, and increase revenue by better understanding concert demand.

Technology
1 of 14
Copyright © 2014 Splunk Inc. Splunk @ TicketMaster
2 Shakeel Sorathia VP Systems Engineering
3 Ticketmaster Overview • We are part of Live Nation Entertainment • You may have heard of us… • We sell a few tickets • 7 data centers worldwide • 20,000+ OS images (VMs and bare metal) • Transactions > $16B worldwide • Onsales > $1M/minute • 255M+ user accounts
4 About Me • Been with Ticketmaster for almost 10 years • Responsible for the infrastructure and site operations • My name is pretty well known (but for different reasons) • Splunk, because ninjas are too busy!
5 How We Got Started Adopted Splunk for ~5 years – Before Splunk: Lots of ‘grep’ping – Lack of understanding of what was going on with web properties – Very time consuming to try and troubleshoot issues Over the last 2 years, numerous new software launches demanding – Visibility into usage, performance, availability for engineering and development – View of blocks vs open reservations, comparison of popularity of events, planning and predicting for high-volume events
6 Splunk at Ticketmaster Today • Keep applications and operations running – 900 users organization-wide Monitoring ticket process for failures Monitor Splunk NOC dashboards for capacity problems, availability issues, forensics Transaction tracing, counts, durations, failed transactions • Provide analytics to product managers/business owners What is the response to new events? High enough to create more similar events at different venues? Are we experiencing too much block activity – potential illegal resale? What are people searching for the most?
7 Splunk at Ticketmaster 1.6TB/day 16 indexers ~2000 forwarders 80 indexes with many data types: .Net, Apache, JBOSS, weblogic, Java, Perl, python, C, C++ application logs 100s of applications across 17 different ticketing systems Apps used: Exchange, AD, NetApp E-series, SoS Offload search load to Splunk search heads Auto load-balanced forwarding to Splunk indexers Send data from thousands of servers using any combination of Splunk forwarders
8 Developer Guidelines • Ticketmaster does 120 deployments/month • Splunk used to correlate production issues with new release deployments • Developers given logging guidelines initially: - Key value pairs in logs helps faster on boarding, greater visibility when the code is in production - Shorten variable names for ease of use (moving towards this) - Selling to developers is critical for fast problem solving
9 Splunk Powering Our Operations Problem Customer service call from ticket buyers not receiving their tickets via mail results in hours of grepping email logs to verify claims Reduce Time to Resolution By putting mail logs in Splunk and creating an app for customer service, we could fix email issues quickly! Problem Correlated monitoring of the application stack was not possible; monitoring was siloed across environments, it took minutes (an eternity) to discover errors End-to-End Insights “The EOS Splunk dashboard represented a quantum leap in the information available to us during ‘on sale’ with real-time monitoring and real-time analysis of what is happening on the website and our hosts systems” an internal customer
10 Splunk Powering Our Operations And The Business Problem Ticket broker automation was blocking access to open inventory for ticket fans Secure Inventory By using Splunk we protected inventory by responding quickly to evolving broker automation tactics Problem Inability to track concert demand in real time resulted in risks associated with adding new shows: either undersold new shows or didn't add shows and left money on the table Increase Revenue By having up-to-the-minute information ticket demand we can respond quickly by adding new shows based on actual demand metrics, resulting in more revenue!
11 Screenshots Screenshot here
12 Best Practice Recommendations • Think through log formatting as you through your deployments – better logs accelerate success • Define who owns which data – will help clarify what the use is • Plan to scale – its viral, everyone jumps on it, plan for success • Infrastructure • Semantic logging (use short variable names!)
13 What’s Next • Greater use of Splunk across the enterprise • Making Splunk accessible via mobile devices • Splunk access to customer support for self-service resolution • Democratize data: more self-service access, more correlation use cases
Thank You

Recommended

Stream Processing @ Lyft
Stream Processing @ LyftStream Processing @ Lyft
Stream Processing @ Lyft
Jamie Grier
 
How Microsoft Built and Scaled Cosmos
How Microsoft Built and Scaled CosmosHow Microsoft Built and Scaled Cosmos
How Microsoft Built and Scaled Cosmos
SingleStore
 
Kafka for Real-Time Event Processing in Serverless Environments
Kafka for Real-Time Event Processing in Serverless EnvironmentsKafka for Real-Time Event Processing in Serverless Environments
Kafka for Real-Time Event Processing in Serverless Environments
confluent
 
Live Coding a KSQL Application
Live Coding a KSQL ApplicationLive Coding a KSQL Application
Live Coding a KSQL Application
confluent
 
Using InfluxDB for Full Observability of a SaaS Platform by Aleksandr Tavgen,...
Using InfluxDB for Full Observability of a SaaS Platform by Aleksandr Tavgen,...Using InfluxDB for Full Observability of a SaaS Platform by Aleksandr Tavgen,...
Using InfluxDB for Full Observability of a SaaS Platform by Aleksandr Tavgen,...
InfluxData
 
Achieving scale and performance using cloud native environment
Achieving scale and performance using cloud native environmentAchieving scale and performance using cloud native environment
Achieving scale and performance using cloud native environment
Rakuten Group, Inc.
 
Thomas Lamirault_Mohamed Amine Abdessemed -A brief history of time with Apac...
Thomas Lamirault_Mohamed Amine Abdessemed -A brief history of time with Apac...Thomas Lamirault_Mohamed Amine Abdessemed -A brief history of time with Apac...
Thomas Lamirault_Mohamed Amine Abdessemed -A brief history of time with Apac...
Flink Forward
 
SIEM Modernization: Build a Situationally Aware Organization with Apache Kafka®
SIEM Modernization: Build a Situationally Aware Organization with Apache Kafka®SIEM Modernization: Build a Situationally Aware Organization with Apache Kafka®
SIEM Modernization: Build a Situationally Aware Organization with Apache Kafka®
confluent
 

Recommended

Stream Processing @ Lyft
Stream Processing @ LyftStream Processing @ Lyft
Stream Processing @ Lyft
Jamie Grier
 
How Microsoft Built and Scaled Cosmos
How Microsoft Built and Scaled CosmosHow Microsoft Built and Scaled Cosmos
How Microsoft Built and Scaled Cosmos
SingleStore
 
Kafka for Real-Time Event Processing in Serverless Environments
Kafka for Real-Time Event Processing in Serverless EnvironmentsKafka for Real-Time Event Processing in Serverless Environments
Kafka for Real-Time Event Processing in Serverless Environments
confluent
 
Live Coding a KSQL Application
Live Coding a KSQL ApplicationLive Coding a KSQL Application
Live Coding a KSQL Application
confluent
 
Using InfluxDB for Full Observability of a SaaS Platform by Aleksandr Tavgen,...
Using InfluxDB for Full Observability of a SaaS Platform by Aleksandr Tavgen,...Using InfluxDB for Full Observability of a SaaS Platform by Aleksandr Tavgen,...
Using InfluxDB for Full Observability of a SaaS Platform by Aleksandr Tavgen,...
InfluxData
 
Achieving scale and performance using cloud native environment
Achieving scale and performance using cloud native environmentAchieving scale and performance using cloud native environment
Achieving scale and performance using cloud native environment
Rakuten Group, Inc.
 
Thomas Lamirault_Mohamed Amine Abdessemed -A brief history of time with Apac...
Thomas Lamirault_Mohamed Amine Abdessemed -A brief history of time with Apac...Thomas Lamirault_Mohamed Amine Abdessemed -A brief history of time with Apac...
Thomas Lamirault_Mohamed Amine Abdessemed -A brief history of time with Apac...
Flink Forward
 
SIEM Modernization: Build a Situationally Aware Organization with Apache Kafka®
SIEM Modernization: Build a Situationally Aware Organization with Apache Kafka®SIEM Modernization: Build a Situationally Aware Organization with Apache Kafka®
SIEM Modernization: Build a Situationally Aware Organization with Apache Kafka®
confluent
 
user Behavior Analysis with Session Windows and Apache Kafka's Streams API
user Behavior Analysis with Session Windows and Apache Kafka's Streams APIuser Behavior Analysis with Session Windows and Apache Kafka's Streams API
user Behavior Analysis with Session Windows and Apache Kafka's Streams API
confluent
 
Migrating from One Cloud Provider to Another (Without Losing Your Data or You...
Migrating from One Cloud Provider to Another (Without Losing Your Data or You...Migrating from One Cloud Provider to Another (Without Losing Your Data or You...
Migrating from One Cloud Provider to Another (Without Losing Your Data or You...
HostedbyConfluent
 
Zoltán Zvara - Advanced visualization of Flink and Spark jobs

Zoltán Zvara - Advanced visualization of Flink and Spark jobs
Zoltán Zvara - Advanced visualization of Flink and Spark jobs

Zoltán Zvara - Advanced visualization of Flink and Spark jobs

Flink Forward
 
stackconf 2020 | Ignite talk: Opensource in Advanced Research Computing, How ...
stackconf 2020 | Ignite talk: Opensource in Advanced Research Computing, How ...stackconf 2020 | Ignite talk: Opensource in Advanced Research Computing, How ...
stackconf 2020 | Ignite talk: Opensource in Advanced Research Computing, How ...
NETWAYS
 
Gain Deep Visibility into APIs and Integrations with Anypoint Monitoring
Gain Deep Visibility into APIs and Integrations with Anypoint MonitoringGain Deep Visibility into APIs and Integrations with Anypoint Monitoring
Gain Deep Visibility into APIs and Integrations with Anypoint Monitoring
InfluxData
 
Flink Case Study: Bouygues Telecom
Flink Case Study: Bouygues TelecomFlink Case Study: Bouygues Telecom
Flink Case Study: Bouygues Telecom
Flink Forward
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
Splunk
 
Apache Flink @ Alibaba - Seattle Apache Flink Meetup
Apache Flink @ Alibaba - Seattle Apache Flink MeetupApache Flink @ Alibaba - Seattle Apache Flink Meetup
Apache Flink @ Alibaba - Seattle Apache Flink Meetup
Bowen Li
 
InfluxDB Live Product Training
InfluxDB Live Product TrainingInfluxDB Live Product Training
InfluxDB Live Product Training
InfluxData
 
Apache kafka-a distributed streaming platform
Apache kafka-a distributed streaming platformApache kafka-a distributed streaming platform
Apache kafka-a distributed streaming platform
confluent
 
Monitoring and Troubleshooting a Real Time Pipeline
Monitoring and Troubleshooting a Real Time PipelineMonitoring and Troubleshooting a Real Time Pipeline
Monitoring and Troubleshooting a Real Time Pipeline
Apache Apex
 
A Walkthrough of InfluxCloud 2.0 by Tim Hall
A Walkthrough of InfluxCloud 2.0 by Tim HallA Walkthrough of InfluxCloud 2.0 by Tim Hall
A Walkthrough of InfluxCloud 2.0 by Tim Hall
InfluxData
 
Unified NMS platform (Single OSS/M2000/Netact Platform)
Unified NMS platform (Single OSS/M2000/Netact Platform)Unified NMS platform (Single OSS/M2000/Netact Platform)
Unified NMS platform (Single OSS/M2000/Netact Platform)
Ahmet Ozturk
 
AWS Big Data in everyday use at Yle
AWS Big Data in everyday use at YleAWS Big Data in everyday use at Yle
AWS Big Data in everyday use at Yle
Rolf Koski
 
Aengus Rooney [Grafana] | What's New with Grafana and InfluxDB | InfluxDays E...
Aengus Rooney [Grafana] | What's New with Grafana and InfluxDB | InfluxDays E...Aengus Rooney [Grafana] | What's New with Grafana and InfluxDB | InfluxDays E...
Aengus Rooney [Grafana] | What's New with Grafana and InfluxDB | InfluxDays E...
InfluxData
 
RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...
RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...
RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...
Redis Labs
 
APIdays Paris 2018 - Deliver API Updates in Real Time with Mercure.rocks Kévi...
APIdays Paris 2018 - Deliver API Updates in Real Time with Mercure.rocks Kévi...APIdays Paris 2018 - Deliver API Updates in Real Time with Mercure.rocks Kévi...
APIdays Paris 2018 - Deliver API Updates in Real Time with Mercure.rocks Kévi...
apidays
 
Architecture for Scale [AppFirst]
Architecture for Scale [AppFirst]Architecture for Scale [AppFirst]
Architecture for Scale [AppFirst]
AppFirst
 
Accela Ericsson Rehome Module
Accela Ericsson Rehome ModuleAccela Ericsson Rehome Module
Accela Ericsson Rehome Module
Ahmet Ozturk
 
How Sysbee Manages Infrastructures and Provides Advanced Monitoring by Using ...
How Sysbee Manages Infrastructures and Provides Advanced Monitoring by Using ...How Sysbee Manages Infrastructures and Provides Advanced Monitoring by Using ...
How Sysbee Manages Infrastructures and Provides Advanced Monitoring by Using ...
InfluxData
 
SplunkLive! Philadelphia - University of Scranton
SplunkLive! Philadelphia - University of ScrantonSplunkLive! Philadelphia - University of Scranton
SplunkLive! Philadelphia - University of Scranton
Splunk
 
Echostar Customer Presentation
Echostar Customer PresentationEchostar Customer Presentation
Echostar Customer Presentation
Splunk
 

More Related Content

What's hot

user Behavior Analysis with Session Windows and Apache Kafka's Streams API
user Behavior Analysis with Session Windows and Apache Kafka's Streams APIuser Behavior Analysis with Session Windows and Apache Kafka's Streams API
user Behavior Analysis with Session Windows and Apache Kafka's Streams API
confluent
 
Migrating from One Cloud Provider to Another (Without Losing Your Data or You...
Migrating from One Cloud Provider to Another (Without Losing Your Data or You...Migrating from One Cloud Provider to Another (Without Losing Your Data or You...
Migrating from One Cloud Provider to Another (Without Losing Your Data or You...
HostedbyConfluent
 
Zoltán Zvara - Advanced visualization of Flink and Spark jobs

Zoltán Zvara - Advanced visualization of Flink and Spark jobs
Zoltán Zvara - Advanced visualization of Flink and Spark jobs

Zoltán Zvara - Advanced visualization of Flink and Spark jobs

Flink Forward
 
Monitoring and Troubleshooting a Real Time Pipeline
Monitoring and Troubleshooting a Real Time PipelineMonitoring and Troubleshooting a Real Time Pipeline
Monitoring and Troubleshooting a Real Time Pipeline
Apache Apex
 
RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...
RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...
RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...
Redis Labs
 

What's hot (20)

user Behavior Analysis with Session Windows and Apache Kafka's Streams API
user Behavior Analysis with Session Windows and Apache Kafka's Streams APIuser Behavior Analysis with Session Windows and Apache Kafka's Streams API
user Behavior Analysis with Session Windows and Apache Kafka's Streams API
 
Migrating from One Cloud Provider to Another (Without Losing Your Data or You...
Migrating from One Cloud Provider to Another (Without Losing Your Data or You...Migrating from One Cloud Provider to Another (Without Losing Your Data or You...
Migrating from One Cloud Provider to Another (Without Losing Your Data or You...
 
Zoltán Zvara - Advanced visualization of Flink and Spark jobs

Zoltán Zvara - Advanced visualization of Flink and Spark jobs
Zoltán Zvara - Advanced visualization of Flink and Spark jobs

Zoltán Zvara - Advanced visualization of Flink and Spark jobs

 
stackconf 2020 | Ignite talk: Opensource in Advanced Research Computing, How ...
stackconf 2020 | Ignite talk: Opensource in Advanced Research Computing, How ...stackconf 2020 | Ignite talk: Opensource in Advanced Research Computing, How ...
stackconf 2020 | Ignite talk: Opensource in Advanced Research Computing, How ...
 
Gain Deep Visibility into APIs and Integrations with Anypoint Monitoring
Gain Deep Visibility into APIs and Integrations with Anypoint MonitoringGain Deep Visibility into APIs and Integrations with Anypoint Monitoring
Gain Deep Visibility into APIs and Integrations with Anypoint Monitoring
 
Flink Case Study: Bouygues Telecom
Flink Case Study: Bouygues TelecomFlink Case Study: Bouygues Telecom
Flink Case Study: Bouygues Telecom
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
 
Apache Flink @ Alibaba - Seattle Apache Flink Meetup
Apache Flink @ Alibaba - Seattle Apache Flink MeetupApache Flink @ Alibaba - Seattle Apache Flink Meetup
Apache Flink @ Alibaba - Seattle Apache Flink Meetup
 
InfluxDB Live Product Training
InfluxDB Live Product TrainingInfluxDB Live Product Training
InfluxDB Live Product Training
 
Apache kafka-a distributed streaming platform
Apache kafka-a distributed streaming platformApache kafka-a distributed streaming platform
Apache kafka-a distributed streaming platform
 
Monitoring and Troubleshooting a Real Time Pipeline
Monitoring and Troubleshooting a Real Time PipelineMonitoring and Troubleshooting a Real Time Pipeline
Monitoring and Troubleshooting a Real Time Pipeline
 
A Walkthrough of InfluxCloud 2.0 by Tim Hall
A Walkthrough of InfluxCloud 2.0 by Tim HallA Walkthrough of InfluxCloud 2.0 by Tim Hall
A Walkthrough of InfluxCloud 2.0 by Tim Hall
 
Unified NMS platform (Single OSS/M2000/Netact Platform)
Unified NMS platform (Single OSS/M2000/Netact Platform)Unified NMS platform (Single OSS/M2000/Netact Platform)
Unified NMS platform (Single OSS/M2000/Netact Platform)
 
AWS Big Data in everyday use at Yle
AWS Big Data in everyday use at YleAWS Big Data in everyday use at Yle
AWS Big Data in everyday use at Yle
 
Aengus Rooney [Grafana] | What's New with Grafana and InfluxDB | InfluxDays E...
Aengus Rooney [Grafana] | What's New with Grafana and InfluxDB | InfluxDays E...Aengus Rooney [Grafana] | What's New with Grafana and InfluxDB | InfluxDays E...
Aengus Rooney [Grafana] | What's New with Grafana and InfluxDB | InfluxDays E...
 
RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...
RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...
RedisConf17 - Roblox - How Roblox Keeps Millions of Users Up to Date with Red...
 
APIdays Paris 2018 - Deliver API Updates in Real Time with Mercure.rocks Kévi...
APIdays Paris 2018 - Deliver API Updates in Real Time with Mercure.rocks Kévi...APIdays Paris 2018 - Deliver API Updates in Real Time with Mercure.rocks Kévi...
APIdays Paris 2018 - Deliver API Updates in Real Time with Mercure.rocks Kévi...
 
Architecture for Scale [AppFirst]
Architecture for Scale [AppFirst]Architecture for Scale [AppFirst]
Architecture for Scale [AppFirst]
 
Accela Ericsson Rehome Module
Accela Ericsson Rehome ModuleAccela Ericsson Rehome Module
Accela Ericsson Rehome Module
 
How Sysbee Manages Infrastructures and Provides Advanced Monitoring by Using ...
How Sysbee Manages Infrastructures and Provides Advanced Monitoring by Using ...How Sysbee Manages Infrastructures and Provides Advanced Monitoring by Using ...
How Sysbee Manages Infrastructures and Provides Advanced Monitoring by Using ...
 

Viewers also liked

SplunkLive! Philadelphia - University of Scranton
SplunkLive! Philadelphia - University of ScrantonSplunkLive! Philadelphia - University of Scranton
SplunkLive! Philadelphia - University of Scranton
Splunk
 
실시간 빅데이터와 머신 데이터
실시간 빅데이터와 머신 데이터실시간 빅데이터와 머신 데이터
실시간 빅데이터와 머신 데이터
김 한도
 
Splunk live paris_overview_02_07_2013 v2.1
Splunk live paris_overview_02_07_2013 v2.1Splunk live paris_overview_02_07_2013 v2.1
Splunk live paris_overview_02_07_2013 v2.1
jenny_splunk
 

Viewers also liked (13)

SplunkLive! Philadelphia - University of Scranton
SplunkLive! Philadelphia - University of ScrantonSplunkLive! Philadelphia - University of Scranton
SplunkLive! Philadelphia - University of Scranton
 
Echostar Customer Presentation
Echostar Customer PresentationEchostar Customer Presentation
Echostar Customer Presentation
 
DirectTV Customer Presentation
DirectTV Customer PresentationDirectTV Customer Presentation
DirectTV Customer Presentation
 
SplunkLive! Customer Presentation – Directv
SplunkLive! Customer Presentation – DirectvSplunkLive! Customer Presentation – Directv
SplunkLive! Customer Presentation – Directv
 
SplunkLive! Customer Presentation - ExxonMobil
SplunkLive! Customer Presentation - ExxonMobilSplunkLive! Customer Presentation - ExxonMobil
SplunkLive! Customer Presentation - ExxonMobil
 
DSP-Project
DSP-ProjectDSP-Project
DSP-Project
 
CenturyLink Customer Presentation
CenturyLink Customer PresentationCenturyLink Customer Presentation
CenturyLink Customer Presentation
 
실시간 빅데이터와 머신 데이터
실시간 빅데이터와 머신 데이터실시간 빅데이터와 머신 데이터
실시간 빅데이터와 머신 데이터
 
Cloudera's Flume
Cloudera's FlumeCloudera's Flume
Cloudera's Flume
 
SplunkLive! Customer Presentation - Denver Water
SplunkLive! Customer Presentation - Denver WaterSplunkLive! Customer Presentation - Denver Water
SplunkLive! Customer Presentation - Denver Water
 
하둡 맵리듀스 훑어보기
하둡 맵리듀스 훑어보기하둡 맵리듀스 훑어보기
하둡 맵리듀스 훑어보기
 
2011 06-30-hadoop-summit v5
2011 06-30-hadoop-summit v52011 06-30-hadoop-summit v5
2011 06-30-hadoop-summit v5
 
Splunk live paris_overview_02_07_2013 v2.1
Splunk live paris_overview_02_07_2013 v2.1Splunk live paris_overview_02_07_2013 v2.1
Splunk live paris_overview_02_07_2013 v2.1
 

Similar to SplunkLive! Customer Presentation – Ticketmaster

SplunkLive! Detroit April 2013 - Domino's Pizza
SplunkLive! Detroit April 2013 - Domino's PizzaSplunkLive! Detroit April 2013 - Domino's Pizza
SplunkLive! Detroit April 2013 - Domino's Pizza
Splunk
 
SplunkLive! Minneapolis April 2013 - Moneygram
SplunkLive! Minneapolis April 2013 - MoneygramSplunkLive! Minneapolis April 2013 - Moneygram
SplunkLive! Minneapolis April 2013 - Moneygram
Splunk
 

Similar to SplunkLive! Customer Presentation – Ticketmaster (20)

Getting Started with Splunk Enterprise Hands-On
Getting Started with Splunk Enterprise Hands-OnGetting Started with Splunk Enterprise Hands-On
Getting Started with Splunk Enterprise Hands-On
 
Customer Presentation - Telus
Customer Presentation - TelusCustomer Presentation - Telus
Customer Presentation - Telus
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
 
SplunkLive! Detroit April 2013 - Domino's Pizza
SplunkLive! Detroit April 2013 - Domino's PizzaSplunkLive! Detroit April 2013 - Domino's Pizza
SplunkLive! Detroit April 2013 - Domino's Pizza
 
SplunkLive! Austin Customer Presentation - Xerox
SplunkLive! Austin Customer Presentation - XeroxSplunkLive! Austin Customer Presentation - Xerox
SplunkLive! Austin Customer Presentation - Xerox
 
Splunk live! Customer Presentation – Wellsfargo
Splunk live! Customer Presentation – WellsfargoSplunk live! Customer Presentation – Wellsfargo
Splunk live! Customer Presentation – Wellsfargo
 
Splunk in the Cisco Unified Computing System (UCS)
Splunk in the Cisco Unified Computing System (UCS) Splunk in the Cisco Unified Computing System (UCS)
Splunk in the Cisco Unified Computing System (UCS)
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
 
Splunk at Sabre
Splunk at SabreSplunk at Sabre
Splunk at Sabre
 
SplunkLive! London 2016 - Shazam
SplunkLive! London 2016 - ShazamSplunkLive! London 2016 - Shazam
SplunkLive! London 2016 - Shazam
 
SplunkLive! Customer Presentation - Staples
SplunkLive! Customer Presentation - StaplesSplunkLive! Customer Presentation - Staples
SplunkLive! Customer Presentation - Staples
 
Delivering New Visibility and Analytics for IT Operations
Delivering New Visibility and Analytics for IT OperationsDelivering New Visibility and Analytics for IT Operations
Delivering New Visibility and Analytics for IT Operations
 
SplunkLive Wellington 2015 - Operational Intelligence
SplunkLive Wellington 2015 - Operational IntelligenceSplunkLive Wellington 2015 - Operational Intelligence
SplunkLive Wellington 2015 - Operational Intelligence
 
SplunkLive Auckland - Operational Intelligence
SplunkLive Auckland - Operational IntelligenceSplunkLive Auckland - Operational Intelligence
SplunkLive Auckland - Operational Intelligence
 
Splunk Different
Splunk DifferentSplunk Different
Splunk Different
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout Session
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout Session
 
SplunkLive! Milano 2016 - Splunk Plenary Session
SplunkLive! Milano 2016 - Splunk Plenary SessionSplunkLive! Milano 2016 - Splunk Plenary Session
SplunkLive! Milano 2016 - Splunk Plenary Session
 
SplunkLive! Minneapolis April 2013 - Moneygram
SplunkLive! Minneapolis April 2013 - MoneygramSplunkLive! Minneapolis April 2013 - Moneygram
SplunkLive! Minneapolis April 2013 - Moneygram
 

More from Splunk

SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security Webinar
Splunk
 

More from Splunk (20)

.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine
 
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
 
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica).conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
 
.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International
 
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett .conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
 
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
 
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu....conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
 
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever....conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
 
.conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex).conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex)
 
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
 
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11y
 
Splunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go Köln
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go Köln
 
Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London
 
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
 
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security Webinar
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session
 
.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote
 
.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session
 

Recently uploaded

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 

Recently uploaded (20)

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 

SplunkLive! Customer Presentation – Ticketmaster

  • 1. Copyright © 2014 Splunk Inc. Splunk @ TicketMaster
  • 2. 2 Shakeel Sorathia VP Systems Engineering
  • 3. 3 Ticketmaster Overview • We are part of Live Nation Entertainment • You may have heard of us… • We sell a few tickets • 7 data centers worldwide • 20,000+ OS images (VMs and bare metal) • Transactions > $16B worldwide • Onsales > $1M/minute • 255M+ user accounts
  • 4. 4 About Me • Been with Ticketmaster for almost 10 years • Responsible for the infrastructure and site operations • My name is pretty well known (but for different reasons) • Splunk, because ninjas are too busy!
  • 5. 5 How We Got Started Adopted Splunk for ~5 years – Before Splunk: Lots of ‘grep’ping – Lack of understanding of what was going on with web properties – Very time consuming to try and troubleshoot issues Over the last 2 years, numerous new software launches demanding – Visibility into usage, performance, availability for engineering and development – View of blocks vs open reservations, comparison of popularity of events, planning and predicting for high-volume events
  • 6. 6 Splunk at Ticketmaster Today • Keep applications and operations running – 900 users organization-wide Monitoring ticket process for failures Monitor Splunk NOC dashboards for capacity problems, availability issues, forensics Transaction tracing, counts, durations, failed transactions • Provide analytics to product managers/business owners What is the response to new events? High enough to create more similar events at different venues? Are we experiencing too much block activity – potential illegal resale? What are people searching for the most?
  • 7. 7 Splunk at Ticketmaster 1.6TB/day 16 indexers ~2000 forwarders 80 indexes with many data types: .Net, Apache, JBOSS, weblogic, Java, Perl, python, C, C++ application logs 100s of applications across 17 different ticketing systems Apps used: Exchange, AD, NetApp E-series, SoS Offload search load to Splunk search heads Auto load-balanced forwarding to Splunk indexers Send data from thousands of servers using any combination of Splunk forwarders
  • 8. 8 Developer Guidelines • Ticketmaster does 120 deployments/month • Splunk used to correlate production issues with new release deployments • Developers given logging guidelines initially: - Key value pairs in logs helps faster on boarding, greater visibility when the code is in production - Shorten variable names for ease of use (moving towards this) - Selling to developers is critical for fast problem solving
  • 9. 9 Splunk Powering Our Operations Problem Customer service call from ticket buyers not receiving their tickets via mail results in hours of grepping email logs to verify claims Reduce Time to Resolution By putting mail logs in Splunk and creating an app for customer service, we could fix email issues quickly! Problem Correlated monitoring of the application stack was not possible; monitoring was siloed across environments, it took minutes (an eternity) to discover errors End-to-End Insights “The EOS Splunk dashboard represented a quantum leap in the information available to us during ‘on sale’ with real-time monitoring and real-time analysis of what is happening on the website and our hosts systems” an internal customer
  • 10. 10 Splunk Powering Our Operations And The Business Problem Ticket broker automation was blocking access to open inventory for ticket fans Secure Inventory By using Splunk we protected inventory by responding quickly to evolving broker automation tactics Problem Inability to track concert demand in real time resulted in risks associated with adding new shows: either undersold new shows or didn't add shows and left money on the table Increase Revenue By having up-to-the-minute information ticket demand we can respond quickly by adding new shows based on actual demand metrics, resulting in more revenue!
  • 12. 12 Best Practice Recommendations • Think through log formatting as you through your deployments – better logs accelerate success • Define who owns which data – will help clarify what the use is • Plan to scale – its viral, everyone jumps on it, plan for success • Infrastructure • Semantic logging (use short variable names!)
  • 13. 13 What’s Next • Greater use of Splunk across the enterprise • Making Splunk accessible via mobile devices • Splunk access to customer support for self-service resolution • Democratize data: more self-service access, more correlation use cases