10. 10
Splunk Users At Tableau
• Security– Selected as the SIEM tool for Tableau
• We will use both the packaged SIEM and Tableau dashboards
• OperaBons – Monitoring, TroubleshooBng, and ReporBng
• Both Splunk searches and Splunk as a Tableau Data Source
• Development – Performance TesBng, Bug analysis, and TroubleshooBng
• Both Splunk searches and Splunk as a Tableau Data Source
• MarkeBng – Usage Analysis
• Splunk as a Tableau Data Source – No use of splunk data prior to ODBC
• Business Analysts – Conversion Rates and Product Downloads
• Splunk as a Tableau Data Source – No use of splunk data prior to ODBC
• ExecuBves – Reports
• Splunk as a Tableau Data Source – No use of splunk data prior to ODBC
Two years ago or so Splunk and Tableau partnered to Deliver
Two years ago or so Splunk and Tableau partnered to Deliver ODBC connectivity to Splunk data
For me, as a Splunk and Tableau user I was thrilled to be able to get my Splunk data into Tableau!
Quickly, let’s talk about Tableau
Three paid products. Desktop, Server, and Online
Desktop is a tool that allows for drag and drop visual analytics of data sources
Splunk ODBC in this case
Server and Tableau Online allow sharing of the analytics with everyone in your organization
As well, specific to this case, allows extracting data from Splunk via ODBC for analytics
Servers generate Logs
Which are indexed by Splunk
Which is extracted to Tableau Server
To generate Analytics
Which allow contextual links back to Splunk as queries
Which are predefined (safe), contextual with Variables, and fast searches
Set up a report
Splunk is a standard Data source in Tableau
Put in Search head and credentials
Find your report
And then start dragging and dropping to explore you data
Demo – Slides if we can’t do a demo
Show dashboard
Show Filtering
Show drill down on error
Show link back to Splunk
Splunk is a swiss army knife of getting at data
This makes it an amazing source for Tableau since we are great at data analytics
The combination of the two allows easy exploration of questions “Hey why did this response time spike?” as we saw in the demo
In addition, as a splunk administrator, it allows two things:
Less load on my search heads
Contextual searches that give less experienced users a safe place to start with their investigation.