SplunkLive! Overview


Published in: Business, Technology
  • Splunk safe harbor statement.
  • Splunk now has more than 850 employees worldwide, with headquarters in San Francisco and 14 offices around the world. Since first shipping its software in 2006, Splunk now has over 6,000 customers in 90+ countries. These organizations are using Splunk software to improve service levels, reduce operations costs, mitigate security risks, enable compliance, enhance DevOps collaboration and create new product and service offerings. Please always refer to latest company data found here: http://www.splunk.com/company.
  • Splunk safe harbor statement.
  • More than 6,000 users in over 90 countries have purchased the enterprise license of Splunk. This includes a majority of the Fortune 100. Enterprises, service providers and government agencies in 90 countries use Splunk to improve service levels, reduce IT operations costs, mitigate security risks and drive new levels of operational visibility. As they gain new visibility into their real-time and historical machine data, Splunk’s customers are finding answers and solving the most challenging issues facing IT and the business.
  • Data is growing and embodies new characteristics not found in traditional structured data: Volume, Velocity, Variety, Variability/Veracity. Machine data is one of the fastest growing, most complex and most valuable segments of big data. All the webservers, applications, network devices – all of the technology infrastructure running an enterprise or organization – generate massive streams of data, in an array of unpredictable formats that are difficult to process and analyze by traditional methods or in a timely manner. Why is this “machine data” valuable? Because it contains a trace - a categorical record - of user behavior, cyber-security risks, application behavior, service levels, fraudulent activity and customer experience.
  • Unlike traditional structured data or multi-dimensional data– for example data stored in a traditional relational database for batch reporting – machine data is non-standard, highly diverse, dynamic and high volume. You will notice that machine data events are also typically time-stamped – it is time-series data. Take the example of purchasing a product on your tablet or smartphone: the purchase transaction fails, you call the call center and then tweet about your experience. All these events are captured - as they occur - in the machine data generated by the different systems supporting these different interactions. Each of the underlying systems can generate millions of machine data events daily. Here we see small excerpts from just some of them.
  • When we look more closely at the data we see that it contains valuable information – customer id, order id, time waiting on hold, twitter id … what was tweeted. What’s important is first of all the ability to actually see across all these disparate data sources, but then to correlate related events across disparate sources, to deliver meaningful insight.
  • If you can correlate and visualize related events across these disparate sources, you can build a picture of activity, behavior and experience. And what if you can do all of this in real-time? You can respond more quickly to events that matter. For example, if an organization captured the customer's Twitter ID in their customer profile, this correlation would be possible. Where that didn’t exist, they could at least group by demographic with the tweets. You can extrapolate this example to a wide range of use cases – security and fraud, transaction monitoring and analysis, web analytics, IT operations and so on.
  • At Splunk, our mission is to make machine data accessible, usable and valuable to everyone. And this overarching mission is what drives our company and product priorities.
  • Splunk Enterprise is the industry leading software for machine data analytics and has been driving innovation and setting the standard for Operational Intelligence since 2006. In the beginning, we were first to introduce the paradigm of ‘search’ to IT – to troubleshoot IT operations and application management issues much faster than ever before and to find the proverbial “needle in the haystack”. When asked, customers often referred to it as “google for the datacenter”. As the product evolved, Splunk 4 - the engine for machine data - introduced enterprise-class features – dashboards and apps, real-time search and alerts, universal collection and indexing, enterprise controls and map-reduce for horizontal scalability on commodity servers. And then in 2012 we introduced Splunk 5 – this release represented the evolution of Splunk as an Enterprise Platform for Operational Intelligence. It introduced breakthrough innovations and platform features that included: a new reporting architecture and transparent summarization technology delivering dramatically faster reports; a new high availability architecture delivering enterprise-class scale and resilience, even while scaling on commodity servers and storage; a robust developer API and SDKs available in mainstream programming languages to enable enterprise developers to leverage Splunk software; and big data ecosystem integrations that included Splunk Hadoop Connect, Splunk DB Connect and the Splunk App for HadoopOps.
  • Here's how using Splunk and your machine data can drive significant benefits for your organization. Search and investigation: Using Splunk, organizations identify and resolve issues up to 70% faster and reduce costly escalations by up to 90%. Splunk is one place to find and fix problems, and investigate incidents across all your IT systems and infrastructure. Proactive monitoring: Monitor IT systems in real time to identify issues, problems and attacks before they impact your customers, services and revenue. Splunk keeps watch of specific patterns, trends and thresholds in your machine data so you don't have to. Trigger notifications in real-time via email or RSS, execute a script to take remedial actions, send an SNMP trap to your system management console or generate a service desk ticket. Operational visibility: See the whole picture, track performance and make better decisions. Visualize usage trends to better plan for capacity; spot SLA infractions, track how you are being measured by the business. Do all of this using your existing machine data without spending millions of dollars instrumenting your IT infrastructure. Real-time business insight: Make better-informed business decisions by understanding trends, patterns and gaining Operational Intelligence from your machine data. See the success of new online services by channel or demographic, reconcile 3rd-party service provider fees against actual use, find your heaviest users and heaviest abusers, and more. Because machine data captures every behavior, the possibilities are game changing. You'll find the lead times to get to this intelligence dramatically less than other solutions - measured in minutes/hours instead of months.
  • Both IT and business professionals can analyze machine data to get real-time visibility and operational intelligence. With our data engine and our customers' machine data, organizations can meaningfully improve their performance in a wide range of areas e.g. meet service levels, reduce costs, mitigate security risks, maintain compliance and gain insights.
  • What does this platform look like? The platform consists of 2 layers: a core engine and an interface layer. On top of the platform you can run a broad spectrum of content that supports use cases. Use cases range from application mgmt. and IT operations, to ES and PCI compliance, to web analytics. The core engine provides the basic services for real-time data input, indexing and search as well as alerting, large-scale distributed processing and role-based access. The interface layer consists of the basic UI for search, reporting and visualization – it contains developer interfaces, the REST API, SDKs and Web Framework. The SDKs provide convenient access to core engine services in a variety of programming language environments. The Web Framework enables developers to quickly create Splunk Apps by using the modern web programming paradigm including pre-built components, styles, templates, and reusable samples as well as supporting the development of custom logic, interactions, components, and UI. Developers can choose to program their Splunk App using Simple XML, JavaScript or Django (or any combination thereof). These programmatic interfaces allow you to either: extend Splunk; integrate Splunk with other applications; or build completely new applications from scratch that require OI or analytical services that Splunk provides.
  • What have developers been building using Splunk Enterprise? Examples include the following: run searches and retrieve Splunk data from existing Customer Service/Call Center applications (Comcast use case); integrate Splunk data into existing BI tools and dashboards (Tableau, MS Excel); build mobile applications with KPI dashboards and alerts powered by Splunk (Otto Group use case); log directly to Splunk from remote devices (Bosch use cases); build customer-facing dashboards powered by user-specific data in Splunk (Socialize, Hurricane Labs use cases); programmatically extract data from Splunk for long-term data warehousing. We hope this is just the beginning. We hope to open up a whole new world of enterprise apps.
  • Here are just some of the new Splunk Apps that have been delivered over the past year. Their goal is to make it easier to use Splunk for specific technologies and use cases – prepackaging inputs, field extractions, searches and visualizations. Highlight a few apps. These apps along with 100’s of others have been developed not only by Splunk but by partners, customers and members of the Splunk community.
  • Hunk (Splunk Analytics for Hadoop) is a full-featured, integrated product offering – that delivers interactive data exploration, analysis and visualization for Hadoop. Full-featured, integrated product: Insights for everyone: Works with what you have today:
  • With more than 100,000 customers, salesforce.com is leading the shift to the social enterprise. Salesforce found that they had limited visibility and slow response to inbound customer calls. The support team relied on a legacy log mining system that took hours to run queries. With Splunk, Salesforce indexes more than 1TB per day across multiple datacenters from the entire cloud stack - including application servers, web servers and email servers. With Splunk, Salesforce has decreased the time to troubleshoot support issues by more than 90%. They have now expanded their usage, including capacity planning, and the product managers for Chatter are analyzing customer patterns to improve the user experience.
  • Big data drives high performance for Cars.com! As a website for car shoppers to find, learn about, and purchase vehicles, Cars.com earns fees on car sales along with revenue from banner advertising surrounding content on thousands of cars, trucks, SUVs, and vans from all major manufacturers. With a fast user interface, shoppers spend more time on the site and, thus, are more likely to buy vehicles and click on banner ads. Cars.com's application management team has three key goals for its website: maintaining high performance, protecting content, and tracking traffic sources for advertisers. Behind the scenes, bot and spider traffic is a persistent menace that degrades website performance. Some malicious bots also scrape content such as vehicle listings for use by spammers on fake sites to lure unsuspecting consumers into giving up personal details.
  • Gaining real-time visibility across your operational infrastructure is incredibly powerful. Vodafone operating companies, for example, use Splunk and, by delivering visibility to their customer service team, were able to dramatically improve first call resolution times by reducing escalations by 90% and delivering nearly 70% faster problem resolution. A number of Vodafone operating companies use Splunk for end-to-end visibility of value-added services they offer over their 3G network. Consolidate logs from disparate systems into a single view, providing visibility across end-to-end service delivery from one place - time to problem resolution dropped by 67%. Tier 1 support personnel can do iterative searches across all their IT data to investigate, identify, and fix the specific source of a problem – escalations reduced by 90 percent. Role-based secure access to logs via Splunk ensures SOX compliance. Vodafone has been a successful user of Splunk, realizing significant material benefits. They have also moved to a proactive phase with Splunk, using it to monitor IT data such as threshold levels for specific systems, and fixing issues before they become visible to their customers.
  • Problem: Cisco is the worldwide leader in networking that transforms how people connect, communicate and collaborate. Cisco’s internal CSIRT Security and Incident Response team found it too costly and time-consuming to monitor and track security incidents across 40K employees. They were struggling with dozens of consoles for disparate devices, tools and security systems with no easy way to correlate among them. Solution: They wanted a centralized view into user activities and in-scope systems. Benefit: Splunk helped by enabling proactive threat assessment, mitigation planning, incident trending with analysis, security architecture, incident detection and response.
  • Splunk Enterprise is simple to deploy, scales from a single server deployment to global large-scale operations and delivers fast payback. Download Splunk Enterprise for free, install it in 5 minutes on your laptop or on any commodity server, point it at any machine data and start using it. Splunk software is often deployed for the first time while under fire. A serious service outage or security incident in progress is stressful, but with Splunk Enterprise, you can complete your investigation in a few minutes versus hours or days.

    1. Copyright © 2013 Splunk, Inc. Splunk Overview. Olav Strand, Director Central Europe
    2. Safe Harbor Statement. During the course of this presentation, we may make forward looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release.
    3. SplunkLive! Sponsors:
    4. Company: publicly traded software company (NASDAQ: SPLK); founded 2004, first software release 2006; headquarters: San Francisco / regional HQ: London, Hong Kong; 1,000+ employees in 12 countries; revenue: US$302.6 million (+52% over the previous year); market capitalization around US$7 billion. Business model / products: ONE software code base from free download to Enterprise; on-premise, in the cloud and SaaS. 7,000+ customers: customers in more than 90 countries; 60 of the Fortune 100; largest license: 100+ terabytes per day. Fast Company 2013: named Splunk #1 Big Data Innovator, #4 Most Innovative Company in the World. Gartner 2013: named Splunk Leader in SIEM Magic Quadrant
    5. Recent press releases about Splunk • “Finanz Informatik, a German financial IT services provider, is standardized on Splunk as their platform for operational intelligence. FI supports more than half the banks in Germany and will centralize, monitor and analyze all security-related data.” • “Volkswagen AG's big data lab has chosen Splunk to demonstrate the value of the data analyzed and visualized in real-time from next generation of electric vehicles. Volkswagen will demo this solution at CeBIT 2014.” • Computerwoche: “Splunk Enterprise named Most Innovative Big Data Solution Platform for Machine Data in ‘Best of Big Data’ Awards” • “Symantec selected Splunk as their platform for security investigations. Symantec will centralize, monitor and analyze all security-related data in Splunk Enterprise, so their security teams can better investigate incidents and detect advanced and insider threats. They will also use Splunk to ensure compliance with SOX and PCI data.” • Deutsche Bank: “Splunk in our view is the only public company with a play on the Big Data theme. The company has no close competitor, and is effectively creating the market for machine generated log file analytics and reporting. The addressable market remains relatively underpenetrated, as our checks indicate that only 5%-10% of useful log files are being indexed and analyzed today. Splunk's product is faster, easier to deploy and use compared to its competitors and its technology advantage has continued to drive its growth.”
    6. Education, Healthcare, Technology, Energy and Utilities, Manufacturing, Telecommunications, Cloud and Online Services, Government, Retail, Financial Services and Insurance, Media, Travel and Leisure. Proven solution with 7,000+ customers in 90+ countries. More than half of the Fortune 100
    7. The accelerating pace of data: Volume | Velocity | Variety | Variability. GPS, RFID, Hypervisor, Web Servers, Email, Messaging, Clickstreams, Mobile, Telephony, IVR, Databases, Sensors, Telematics, Storage, Servers, Security Devices, Desktops. Machine data is the fastest growing, most complex and most valuable part of big data
    8. What does machine data look like? Sources: Order Processing, Twitter, Care IVR, Middleware Error
    9. What does machine data look like? Customer ID, Order ID, Customer’s Tweet, Time Waiting On Hold, Twitter ID, Product ID, Company’s Twitter ID, Customer ID, Order ID, Customer ID. Sources: Order Processing, Twitter, Care IVR, Middleware Error
    10. What does machine data look like? Order ID, Customer’s Tweet, Time Waiting On Hold, Product ID, Company’s Twitter ID, Order ID, Customer ID, Twitter ID, Customer ID, Customer ID. Sources: Order Processing, Twitter, Care IVR, Middleware Error
    11. Makes machine data accessible, usable and valuable to everyone.
    12. Sets new standards for Operational Intelligence. Tool (versions 1, 2, 3; 2006-2008): “Google for the datacenter”. Engine (versions 4, 4.1, 4.2, 4.3; 2009-2011): “Engine for machine-generated data”. Platform (version 5; 2012): “Platform for operational intelligence”
    13. Turns machine data into Operational Intelligence. Reactive, Proactive. Real-time business insights; Proactive monitoring and alerting; Search and detection; Operational visibility
    14. Leading platform for machine data. Operational Intelligence: Search and Investigation, Proactive Monitoring, Operational Visibility, Real-time Business Insights. HA Indexes and Storage. Commodity Servers. Any machine data: Online Services, Web Services, Servers, Security, GPS Location, Storage, Desktops, Networks, Packaged Applications, Custom Applications, Messaging, Telecoms, Online Shopping Cart, Web Clickstreams, Databases, Energy Meters, Call Detail Records, Smartphones and Devices, RFID
    15. Leading platform for machine data. Any Machine Data. Operational Intelligence. HA Indexes and Storage. Search and Investigation, Proactive Monitoring, Operational Visibility, Real-time Business Insights. Commodity Servers. Online Services, Web Services, Servers, Security, GPS Location, Storage, Desktops, Networks, Packaged Applications, Custom Applications, Messaging, Telecoms, Online Shopping Cart, Web Clickstreams, Databases, Energy Meters, Call Detail Records, Smartphones and Devices, RFID. Any size and number, any location, any source. Schema-on-the-fly. Universal forwarding. No back-end RDBMS. No need to filter data
    16. Splunk Enables the Connected Datacenter. SERVER, STORAGE, NETWORKING; VIRTUALIZATION; INFRASTRUCTURE APPLICATIONS; PACKAGED APPLICATIONS; CUSTOM APPLICATIONS; CLOUD SERVICES. Operational Visibility: Gain operational visibility to make better-informed IT decisions. Proactive Monitoring: Monitor infrastructure to identify issues, problems and attacks before they impact your customers and services. Search and Investigation: Find and fix problems across the organization using machine data. Business Insights: Gain real-time insight from your machine data to make better-informed business decisions.
    17. Industrial Data / Internet of Things, Digital Intelligence, Business Analytics, IT Operations Management, Application Management, Security and Compliance. Operational Intelligence for IT and business users. LOB Owners/Executives, System Administrator, Operations Teams, Security Analysts, IT Executives, Application Developers, Auditors, Website/Business Analysts, Customer Support
    18. Developer Platform (REST API, SDKs). IT Operations, Security and Compliance, Digital Intelligence, App Dev and App Mgmt., Business Analytics, Industrial Data and Internet of Things. Small Data. Big Data. Huge Data. Splunk creates added value across IT and the business
    19. Splunk core: Collection, Indexing, Search Processing Language, Core functions. The Splunk platform. Inputs, apps, other content. Operational Intelligence platform. Content. User and developer interfaces: SDK, Web Framework, REST API
    20. What is possible with the Splunk platform? REST API, SDKs, Web Framework. Mobile apps, Write logs directly, Extract data, Customer views, Integration BI Tools, Integration Platform Services
    21. A wealth of Splunk apps. More than 400 apps available on the Splunk site. REST API. Server Virtualization, Operating Systems, XenApp, XenDesktop, Infrastructure Applications, Cloud Services, Other Monitoring, Ticketing/Help Desk, Custom Biz Applications, Mobile Applications, Server, Storage, Network. SDKs. Web Framework
    22. Copyright © 2013 Splunk Inc. New product from Splunk delivers interactive data exploration, analysis and visualization for Hadoop. Hunk: Splunk Analytics for Hadoop
    23. Full-featured, integrated product. Insights for everyone. Works with your existing Hadoop environment. Hadoop (MapReduce & HDFS). Explore, Visualize, Dashboards, Share, Analyze. Integrated analytics platform
    24. Leading customers
    25. Operational Intelligence across the entire business. A ‘magnifying glass’ over the complete, enterprise-wide cloud environment. Improves troubleshooting by 96%. Improves application performance. Better experience across 100,000+ customers
    26. Measuring the user experience at scale. Weblog traffic data 750 million web user clickstreams 12 million monthly visits requests per month. Maintain high performance. Protect content against malicious bots. Track sources for providers
    27. Real-time insight into operational infrastructures. Machine data from end-to-end service systems. 90% reduced escalations. 67% faster problem resolution. Driving first-class customer service
    28. Reducing the electricity bill. Central view of energy consumption. Correlation of multiple building systems. McKenney’s Business Intelligence for Buildings. Optimizing operating expenses
    29. Easy to get started. Download and installation in minutes. 1. Download 2. Process your machine data 3. Start Splunking
    30. Copyright © 2013 Splunk, Inc. Makes machine data accessible, usable and valuable for IT and business users.
    31. Thank you very much