Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Splunk for Industrial Data and the Internet of Things

2,045 views

Published on

Splunk software provides a scalable and versatile platform for machine data generated by all of the devices, control systems, sensors, SCADA, networks, applications and end users connected by today's networks. In this session we will discuss and demo how you can use Splunk software to gain insights into machine data generated by devices and control systems. We’ll cover common themes in use cases, and show you how to access the free apps and add-ons that simplify the connection and collection of data from both industrial systems and the Internet of Things. In addition we will introduce you to Splunk’s growing ecosystem of IoT and Industrial focused technology partners.

Published in: Technology
  • Be the first to comment

Splunk for Industrial Data and the Internet of Things

  1. 1. Splunk, Industrial Data and the Internet of Things
  2. 2. IT Operations Application Delivery Developer Platform (REST API, SDKs) Delivers Value Across IT and the Business Business Analytics Industrial Data and Internet of Things Security, Compliance and Fraud © 2015 Splunk Inc. All rights reserved.
  3. 3. IT Operations Application Delivery Developer Platform (REST API, SDKs) Delivers Value Across IT and the Business Business Analytics Industrial Data and Internet of Things Security, Compliance and Fraud © 2015 Splunk Inc. All rights reserved.
  4. 4. Map Search Operation Playback OPERATIONAL VISIBILITYACROSS SILOS Experience Visualization © 2014 Splunk Inc. All rights reserved.
  5. 5. 5 Energy price monitoring React to price changes effectively Better operational analytics
  6. 6. 6 Monitoring flights and medicine in real time Making data accessible, usable and valuable to medical, flight, and support personnel Supporting outreach and fundraising efforts © 2014 Splunk Inc. All rights reserved.
  7. 7. 7
  8. 8. 8 Analyzing Robots to Improve Supply Chain 4%Throughput Improvements
  9. 9. Operational Technology (ICS) Energy Oil & Gas Process Manufacturing Medical Devices Telecom Smart Building Robots Consumer Technology Smart Home Wearables Media Scope of IoT & Industrial Data SCADA DCS Other Emerging Technology • ICS (Industrial Control System) - General Term Used to Describe a System or Process with Many Systems • SCADA (Supervisory Control and Data Acquisition) – Geographically Distributed Monitoring • DCS (Distributed Control System) – Process (Batch or Flow) with Many Data Points • Other - Embedded systems making up the rest of the IoT Space © 2015 Splunk Inc. All rights reserved.
  10. 10. Powerful Developer Platform Collection Indexing Search Processing Language Core Functions Inputs, Apps, Other Content SDKUI REST API Operational Intelligence Platform Content Core Engine User and Developer Interfaces
  11. 11. Powerful Extensibility 11 Splunk Web Framework R Project App Custom Search Commands in Python
  12. 12. Powerful IoT and Industrial Data Ecosystem 12 APIs, SDKs, App Framework, User Interface SDKs UI Legacy Data and Sensors IoT/ICS SecurityIoT Platforms Native Inputs REST Advanced Analytics and ML Custom Interfaces
  13. 13. Kepware Industrial Data Forwarder for Splunk © 2015 Splunk Inc. All rights reserved.
  14. 14. Example Deployment – Oil and Gas Operations Upstream •Wellsite Info (WITS Level 0) •Pump Controllers Midstream •ABB Total Flow Devices •Electronic Flow Measurement Device Downstream •PLCs •PACs •RTU’s •DCS •Data Recorders Accessed through Kepware Industrial Data Forwarder Additional Data Sources • Security-related events • Relational database and CSV lookups • Weather and other environmental events • Work order events • Safety-related events • Network and IT/OT infrastructure events Traditional Splunk Sources Splunk – At Intersection of IT and OT (a key trend going forward) © 2015 Splunk Inc. All rights reserved.
  15. 15. Use Cases Operations and Troubleshooting Security, Compliance and Safety Business Analytics Measurement and Verification Root Cause Analysis Capacity Planning Anomaly and Outlier Detection Cybersecurity Safety and Compliance Customer Intelligence Device Intelligence © 2015 Splunk Inc. All rights reserved.
  16. 16. App for Enterprise Security for ICS IT Security Events OT Security Events Process and Alarm Events © 2015 Splunk Inc. All rights reserved.
  17. 17. Why is ICS Different Than IT? 17
  18. 18. Cyber Criminals Malicious Insiders Nation States ICS Security Threats
  19. 19. Why the Growing Interest in ICS Security? 19 Everyday Headlines
  20. 20. Preventing Control System Service Interruption Prevent Damage Health and Safety of Employees Meet Compliance Logging Capabilities Reporting Capabilities Correlation Between OT and IT Data Silos Existing ICS Security Problem Space 20 Weaknesses Drivers
  21. 21. A New Approach to ICS Security is Needed 21 Analyze all relevant data Contextual and Behavioral Relevance Rapid learning loops and responses Collaborative & Coordinated Leverage IOC & Threat Intel Fusion of Technology/People/Process • Goal-oriented • Human directed • Multiple tools, steps & activities • Dynamic • New evasion techniques • Coordinated
  22. 22. © 2015 Splunk Inc.22 Threat Intel Access IdentityEndpointsNetwork Splunk is the Security Brain (Intelligence)
  23. 23. Splunk’s ICS Security Focused Partners 23
  24. 24. Connecting the “Data Dots” 24 24 Machine data Traffic data Abnormal behavior High confidence event Med confidence event Low confidence event Malware download Program installation Access to ICS Malware install Malware & endpoint execution data User on machine Link to program And process Authenticated Sessions used to pivot into Control Systems LAN Delivery, exploit installation Gain trusted access Access Operations Environment Upgrade (escalate) Lateral movement Threat intelligence Auth - User Roles Host Activity/Security Network Activity/Security Control System LAN
  25. 25. Better quality and safety Drive product innovation Workflow and productivity improvements Detect cybersecurity threats Drive operational efficiencies Extend competitive advantage How Can IoT Analytics Transform Your Business? © 2015 Splunk Inc. All rights reserved.
  26. 26. © 2014 Splunk Inc. All rights reserved. Why Splunk? FAST TIME-TO-VALUE ONE PLATFORM, MULTIPLE USE CASES VISIBILITY ACROSS STACK, NOT JUST SILOS ASK ANY QUESTION OF DATA ANY DATA, ANY SOURCE OR DEPLOYMENT MODEL
  27. 27. © 2015 Splunk Inc. All rights reserved Demo
  28. 28. © 2015 Splunk Inc. All rights reserved Questions?
  29. 29. Thanksto Our Sponsors
  30. 30. Don’t forget to fill out your survey! Complete survey for a chance to win Splunk schwag Visit http://t.validar.com/1/ecOQ7 Or text 878787
  31. 31. © 2015 Splunk Inc. All rights reserved Thank You !

×