© 2017 SPLUNK INC.
Analyzing Machine Data with Splunk
DATADRIVENMTL
May 31st 2017
Sebastien Henry & Daniel Phaneuf
Agenda
▶ What is Splunk?
▶ What is machine data?
▶ Are there links between Splunk and BI tools?
▶ Demo
▶ Questions / Answers
Big Data Comes from Machines
Volume | Velocity | Variety | Variability | Value | Vulnerability
GPS,
RFID,
Hypervisor,
Web Servers,
Email, Messaging,
Clickstreams, Mobile,
Telephony, IVR, Databases,
Sensors, Telematics, Storage,
Servers, Security Devices, Desktops
Why Splunk?
FAST TIME-TO-VALUE
ONE PLATFORM, MULTIPLE USE CASES
VISIBILITY ACROSS STACK, NOT JUST SILOS
ASK ANY QUESTION OF DATA
ANY DATA, ANY SOURCE OR DEPLOYMENT MODEL
Why Splunk?
Traditional | Splunk
SQL | Search
Schema at Write | Schema at Read
ETL | Universal Indexing
Structured (RDBMS) | Unstructured
Volume | Velocity | Variety
Turning Machine Data Into Business Value
Index Untapped Data: Any Source, Type, Volume Ask Any Question
Application Delivery
Security, Compliance
and Fraud
IT Operations
Business Analytics
Industrial Data and
the Internet of Things
On-Premises
Private Cloud
Public
Cloud
Storage
Online
Shopping Cart
Telecoms
Desktops
Security
Web
Services
Networks
Containers
Web
Clickstreams
RFID
Smartphones
and Devices
Servers
Messaging
GPS
Location
Packaged
Applications
Custom
Applications
Online
Services
Databases
Call Detail Records
Energy Meters
Firewall
Intrusion
Prevention
HA / DR | Admin | Data Security | Apps | SDK / API | Scale
Collect
Data
Index
Data
Enrich
Data
Search &
Explore
Analyze
& Predict
Report &
Visualize
Alert &
Action
Fully Integrated Enterprise Platform
The Splunk Portfolio
Rich Ecosystem of
Apps & Add-Ons
Splunk Premium
Solutions
Mainframe
Data
Relational
Databases
Mobile
Forwarders
Syslog/
TCP
IoT
Devices
Network
Wire Data
Hadoop
Platform for Operational Intelligence
ORDER, 2016-05-21T14:04:12.484,10098213,569281734,67.17.10.12,43CD1A7B8322,SA-2100
MAY 21 14:04:12.996 wl-01.acme.com Order 569281734 failed for customer 10098213.
Exception follows: weblogic.jdbc.extensions.ConnectionDeadSQLException:
weblogic.common.resourcepool.ResourceDeadException: Could not create pool connection. The
DBMS driver exception was: [BEA][Oracle JDBC Driver] Error establishing socket to host and port:
ACMEDB-01:1521. Reason: Connection refused
05/21 16:33:11.238 [CONNEVENT] Ext 1207130 (0192033): Event 20111, CTI Num:ServID:Type
0:19:9, App 0, ANI T7998#1, DNIS 5555685981, SerID 40489a07-7f6e-4251-801a-
13ae51a6d092, Trunk T451.16
05/21 16:33:11:242 [SCREENPOPEVENT] SerID 40489a07-7f6e-4251-801a-13ae51a6d092
CUSTID 10098213
05/21 16:37:49.732 [DISCEVENT] SerID 40489a07-7f6e-4251-801a-13ae51a6d092
{actor:{displayName: “Go Boys!!”,followersCount:1366,friendsCount:789,link:
http://dallascowboys.com/,location:{displayName:“Dallas, TX”,objectType:“place”},
objectType:“person”,preferredUsername:“B0ysF@n80”,statusesCount:6072},body: “Can’t buy
this device from @ACME. Site doesn’t work! Called, gave up on waiting for them to answer! RT if
you hate @ACME!!”,objectType:“activity”,postedTime:“2016-05-21T16:39:40.647-0600”}
What Does Machine Data Look Like?
SOURCES
Order Processing
Twitter
Care IVR
Middleware Error
Machine Data Contains Critical Insights
SOURCES
Order Processing
Twitter
Care IVR
Middleware Error
Customer ID Order ID Product ID
ORDER, 2016-05-21T14:04:12.484,10098213,569281734,67.17.10.12,43CD1A7B8322,SA-2100
MAY 21 14:04:12.996 wl-01.acme.com Order 569281734 failed for customer 10098213.
Exception follows: weblogic.jdbc.extensions.ConnectionDeadSQLException:
weblogic.common.resourcepool.ResourceDeadException: Could not create pool connection. The
DBMS driver exception was: [BEA][Oracle JDBC Driver] Error establishing socket to host and port:
ACMEDB-01:1521. Reason: Connection refused
05/21 16:33:11.238 [CONNEVENT] Ext 1207130 (0192033): Event 20111, CTI Num:ServID:Type
0:19:9, App 0, ANI T7998#1, DNIS 5555685981, SerID 40489a07-7f6e-4251-801a-
13ae51a6d092, Trunk T451.16
05/21 16:33:11:242 [SCREENPOPEVENT] SerID 40489a07-7f6e-4251-801a-13ae51a6d092
CUSTID 10098213
05/21 16:37:49.732 [DISCEVENT] SerID 40489a07-7f6e-4251-801a-13ae51a6d092
{actor:{displayName: “Go Boys!!”,followersCount:1366,friendsCount:789,link:
http://dallascowboys.com/,location:{displayName:“Dallas, TX”,objectType:“place”},
objectType:“person”,preferredUsername:“B0ysF@n80”,statusesCount:6072},body: “Can’t buy
this device from @ACME. Site doesn’t work! Called, gave up on waiting for them to answer! RT if
you hate @ACME!!”,objectType:“activity”,postedTime:“2016-05-21T16:39:40.647-0600”}
Order ID
Twitter ID
Customer ID
Customer ID
Time waiting on hold
Customers Tweet
Company’s Twitter ID
Splunk: Complementing BI Investments
IT Users Analysts Biz Users
Ad hoc
Search
Custom
Dashboards
Monitor
and Alert
Reports/
Analyze
Clickstreams Hadoop Devices Networks
GPS/
Cellular
Online
Shopping
Carts
Servers Applications
Data Warehouses
Structured Data Sources
CRM ERP HR Billing Product Finance
DB
Connect
Look-ups
ODBC
SDK
API
Analysts Biz Users
▶ Assistants: Guide model building,
testing & deployment for common
objectives
▶ Showcases: Interactive examples for
typical IT, security, business, IoT use
cases
▶ SPL ML Commands: New commands
to fit, test and operationalize models
▶ Python for Scientific Computing
Library: 300+ open source algorithms
available for use
Splunk Machine Learning Toolkit
Build custom analytics for any use case
Optimize Multi-Channel Marketing Campaigns
Initial WebOps Use Case
▶ WebOps – site monitoring, errors
▶ Troubleshoot issues with releases
▶ Reduced MTTR from days to seconds
▶ Network monitoring in real time
Expansion to
Business Analytics
▶ Multi-channel analytics for web, mobile
and 10,000+ store locations
▶ Real-time revenue insights, product mix
and promotion effectiveness
▶ Marketing campaign optimization
Data sources: weblogs, mobile, app logs, transaction logs, in-store POS data
Demos
Thank You


Editor's Notes

  • #4 What is this machine data, and why is it a big deal? Well, it’s one of the fastest growing, most complex and most valuable segments of data. All the webservers, applications, network devices, mobile devices, sensors – all of the technology infrastructure running your enterprise – generates massive streams of data, in an array of unpredictable formats that are difficult to process and analyze by traditional methods or in a timely manner. Why is this “machine data” valuable? Because it contains a trace - a categorical record - of user behavior, cyber-security risks, application behavior, service levels, fraudulent activity and customer experience. Characteristics of machine data – the four V’s - the last two are the most interesting / challenging.
  • #5 And so that’s our mission: to help organizations make better decisions and deliver better customer experiences by making machine data accessible, usable, and valuable to everyone. Why Splunk? Splunk is different from point solutions across each of these areas. Fast Time-To-Value – Splunk can be downloaded and installed in minutes. If that’s not fast enough you can get a cloud instance in seconds. Any Data – Splunk can ingest data from any machine data source. It’s not application, vendor, or hardware specific. Ask any question – It’s impossible to know all the questions you will ask of your data. Often answering one question leads to another. The schema-on-the-fly approach allows you to ask any question of your data. Visibility across stack – Because you can ingest this data from any source you can quickly gain visibility across all of them. One Platform – This is more than log aggregation and search software. We’ll show you shortly. Choose Splunk as a SaaS offering, on-premise or hybrid. You get one universal view of your data. And, we give you access to that data, anywhere you want it. Your Choice: Splunk Cloud (with a 100% uptime SLA), On Prem or Hybrid So let’s take a look. Over to XX to show you
  • #6 What would you do if you could install software, point it at your data, then ask any questions you have? That’s the power of Splunk software and cloud services. Our software was designed to be downloaded and installed in minutes. The same software that’s a free download scales to hundreds of terabytes of data per day, and enables you to ask questions across your entire infrastructure—even across data silos. As you add more data, you receive more insights. All data is relevant to how you run your business and to support strategic priorities. Splunk Enterprise can be deployed on-premises or in the cloud, and can be deployed as either software or SaaS.
  • #7 The rise of big data has forced IT organizations to transition from a focus on structured, relational data, to accommodate unstructured data, driven by the volume, velocity and variety of today’s applications and systems. As the data has changed from structured data to unstructured data, the technology approach needs to change as well. When you don’t know what data types you’ll need to analyze tomorrow or what questions you need to ask in a week, flexibility becomes a key component of your technology decisions. The ability to index any data type, search across silos and avoid being locked into a rigid schema opens a new world of analytics and business insights to your organization. Schema at Read – Enables you to ask any question of the data. Search – Enables rapid, iterative exploration of the data along with advanced analytics. Universal Indexing – Enables you to ingest any type of machine data. Horizontal scaling over commodity hardware enables big data analytics.
  • #8 Splunk products are being used for data volumes ranging from gigabytes to hundreds of terabytes per day. Splunk software and cloud services reliably collect and index machine data, from a single source to tens of thousands of sources. All in real time. Once data is in Splunk Enterprise, you can search, analyze, report on and share insights from your data. The Splunk Enterprise platform is optimized for real-time, low-latency and interactivity, making it easy to explore, analyze and visualize your data. This is described as Operational Intelligence. The insights gained from machine data support a number of use cases and can drive value across your organization. [In North America] Splunk Cloud is available in North America and offers Splunk Enterprise as a cloud-based service – essentially empowering you with Operational Intelligence without any operational effort.
  • #9 Compared to open source alternatives, where you have to integrate the various components yourself, Splunk provides an open and fully integrated platform. That means you can collect, index, analyze, report and predict on machine-generated data from a single platform. No integration projects, no troubleshooting, no additional scripts. No strain on your IT resources. You can realize rapid time-to-value compared to other alternatives. It’s enterprise-ready with high availability and disaster recovery features, role-based access control and scales to index hundreds of terabytes per day.
  • #10 Splunk has several applications and partnerships that make us especially relevant for the Internet of Things: Community apps such as modular inputs for REST Endpoints, Kinesis, Kafka, and JMS Messaging Services allow easy connection to and ingestion of the high velocity and volume data available from the web services and from web based messaging queues that are becoming so common in IoT data delivery. Splunk’s DB Connect allows connection to data stored in relational databases, as well as to traditional structured metadata sources which can be used for Splunk lookups. And for the makers in the house, a community supported Splunk Universal Forwarder for ARM architectures runs on platforms like Raspberry Pi for easy access to the data and applications running on those IoT devices. Strong partnerships with companies well established in the internet of things, including Kepware, CQCloud and DataFlare for industrial data collection, analytics and visualization, and ThingWorx and MachineShop for IoT platforms integration in the Enterprise.
  • #11 Unlike traditional structured data or multi-dimensional data– for example data stored in a traditional relational database for batch reporting – machine data is non-standard, highly diverse, dynamic and high volume. You will notice that machine data events are also typically time-stamped – it is time-series data.   Take the example of purchasing a product on your tablet or smartphone: the purchase transaction fails, you call the call center and then tweet about your experience. All these events are captured - as they occur - in the machine data generated by the different systems supporting these different interactions.   Each of the underlying systems can generate millions of machine data events daily. Here we see small excerpts from just some of them.
  • #12 When we look more closely at the data we see that it contains valuable information – citizen id, case id, time waiting on hold, twitter id … what was tweeted.   What’s important is first of all the ability to actually see across all these disparate data sources, but then to correlate related events across disparate sources, to deliver meaningful insight.
  • #13 If you can correlate and visualize related events across these disparate sources, you can build a picture of activity, behavior and experience. And what if you can do all of this in real-time? You can respond more quickly to events that matter. For example, if an organization captured the customer’s Twitter ID in their customer profile, this correlation would be possible. Where that didn’t exist, they could at least group by demographic with the tweets. You can extrapolate this example to a wide range of use cases – security and fraud, transaction monitoring and analysis, web analytics, IT operations and so on.
  • #15 Machine learning is bringing data analysis into a new era, allowing companies to use predictive analytics that continually “learn” from historical data. These analytics can optimize IT, security and business operations—helping to detect incidents, reduce resolution times, and predict and prevent undesired outcomes. The Splunk platform makes it easy for you to harness the power of machine learning by offering a rich set of machine learning commands and a guided workbench to create custom models for any use case. Assistants: Assistants let you choose the algorithm and then guide you through model creation, testing and deployment for common objectives like forecasting values, predicting numeric or categorical fields, and detecting numeric or categorical outliers.  Showcases: Walk through interactive examples of model creation organized by common use cases for IT, security, IoT and business analytics. Examples include predicting disk failures, finding outliers in response time, predicting VPN usage and forecasting internet traffic.  SPL ML Commands: The Splunk platform offers over 20 machine learning commands that can be applied directly to your data for detection, alerting or analysis. Commands such as outlier, predict, cluster and correlate utilize fixed algorithms, while others such as anomalydetection allow you to choose between several algorithms to best fit your needs. Want more flexibility? With the Machine Learning Toolkit, you get access to additional commands and open source algorithms to create custom models for any use case. Python for Scientific Computing Library: Use machine learning SPL commands like fit, apply and allow to directly build, test and operationalize models using open source Python algorithms from the Splunk Python for Scientific Computing Add-on.
  • #16 Company Background: Dominos Pizza is the world leader in pizza delivery with over 10,000 corporate and franchised stores in US and international markets. Dominos customers use multiple channels (web, phone, mobile) to order food. Initial Use Case: Dominos needed a solution to analyze and aggregate logging data from our OS (Linux and Solaris) and middleware in a timely manner; at the same time they needed to understand site errors, monitor the website and troubleshoot issues. Expansion: After the initial success in WebOps use cases, Dominos quickly realized that the data from their weblogs had a wealth of insights for the marketing organization. Combining and correlating data from mobile devices and POS data in Splunk gives real-time insights into multi-channel analytics, helping them understand their customers and optimize marketing campaigns and promotions. Data sources used: weblogs, mobile, app logs, transaction logs, in-store POS data. Key metrics: popular products sold, orders per minute, coupon usage, etc.; online ordering trends; efficiency of marketing promotions; tracking performance of online promotions (50% off online coupon promotion); sales monitoring by regions. Case Study/Video link: Video: http://www.splunk.com/view/SP-CAAAH8H Webinar: http://www.splunk.com/goto/dominos_webcast
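
The cross-source correlation described in the notes for the "Machine Data Contains Critical Insights" slides, worked through in Python on the deck's own sample events. This is an added example, not code from the deck or from Splunk; the year, the Twitter-handle lookup table, the reading of the last order column as the product ID, and treating connect-to-disconnect as "time waiting on hold" are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

YEAR = 2016  # assumption: IVR and middleware lines omit the year; taken from the order record
MONTHS = "JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC".split()
SER = "40489a07-7f6e-4251-801a-13ae51a6d092"

# The deck's sample events, abridged to the fields used, with wrapped lines joined.
RAW_EVENTS = [
    ("order_processing", "ORDER, 2016-05-21T14:04:12.484,10098213,569281734,67.17.10.12,43CD1A7B8322,SA-2100"),
    ("middleware", "MAY 21 14:04:12.996 wl-01.acme.com Order 569281734 failed for customer 10098213."),
    ("care_ivr", f"05/21 16:33:11.238 [CONNEVENT] Ext 1207130 (0192033): Event 20111, SerID {SER}, Trunk T451.16"),
    ("care_ivr", f"05/21 16:33:11:242 [SCREENPOPEVENT] SerID {SER} CUSTID 10098213"),
    ("care_ivr", f"05/21 16:37:49.732 [DISCEVENT] SerID {SER}"),
    ("twitter", '{actor:{preferredUsername:"B0ysF@n80"},body:"Site doesn\'t work!",postedTime:"2016-05-21T16:39:40.647-0600"}'),
]
# Hypothetical customer-profile lookup (constructed): Twitter handle -> customer ID.
TWITTER_LOOKUP = {"B0ysF@n80": "10098213"}

# Fields are pulled out at read time; nothing is assumed about a source's schema up front.
FIELD_PATTERNS = {
    "order_id": r"\bOrder (\d+)",
    "customer_id": r"\b(?:customer|CUSTID) (\d+)",
    "session_id": r"\bSerID ([0-9a-f-]{36})",
    "ivr_event": r"\[(\w+EVENT)\]",
    "twitter_id": r'preferredUsername:["“]([^"”]+)',
}

def parse_ts(raw):
    """Recognise each source's timestamp layout; time zones are ignored (assumption)."""
    m = re.search(r"(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)\.(\d{3})", raw)
    if m:
        y, mo, d, h, mi, s, ms = map(int, m.groups())
        return datetime(y, mo, d, h, mi, s, ms * 1000)
    # IVR layout; one sample line puts ':' before the milliseconds instead of '.'
    m = re.match(r"(\d\d)/(\d\d) (\d\d):(\d\d):(\d\d)[.:](\d{3})", raw)
    if m:
        mo, d, h, mi, s, ms = map(int, m.groups())
        return datetime(YEAR, mo, d, h, mi, s, ms * 1000)
    m = re.match(r"([A-Za-z]{3}) (\d{1,2}) (\d\d):(\d\d):(\d\d)\.(\d{3})", raw)
    if m:
        d, h, mi, s, ms = map(int, m.groups()[1:])
        return datetime(YEAR, MONTHS.index(m.group(1).upper()) + 1, d, h, mi, s, ms * 1000)
    raise ValueError(f"no known timestamp in: {raw[:40]!r}")

def extract(source, raw):
    """Turn one raw event into a dict of whatever fields its text exposes."""
    ev = {"source": source, "time": parse_ts(raw)}
    for name, pattern in FIELD_PATTERNS.items():
        m = re.search(pattern, raw)
        if m:
            ev[name] = m.group(1)
    if source == "order_processing":  # positional CSV; column meaning follows the slide labels
        cols = [c.strip() for c in raw.split(",")]
        ev.update(customer_id=cols[2], order_id=cols[3], product_id=cols[6])
    return ev

def correlate(raw_events, twitter_lookup):
    """Group events per customer, joining on customer ID, IVR session ID or Twitter handle."""
    events = [extract(src, raw) for src, raw in raw_events]
    # The screen-pop event carries both SerID and CUSTID, so it ties a call to a customer.
    session_owner = {e["session_id"]: e["customer_id"]
                     for e in events if "session_id" in e and "customer_id" in e}
    timeline = defaultdict(list)
    for e in events:
        cust = (e.get("customer_id")
                or session_owner.get(e.get("session_id"))
                or twitter_lookup.get(e.get("twitter_id")))
        timeline[cust].append(e)  # key None holds events that could not be tied to a customer
    for evs in timeline.values():
        evs.sort(key=lambda e: e["time"])
    return dict(timeline)

def hold_seconds(events):
    """Seconds between the call connecting and disconnecting (proxy for time on hold)."""
    t = {e["ivr_event"]: e["time"] for e in events if "ivr_event" in e}
    return (t["DISCEVENT"] - t["CONNEVENT"]).total_seconds()

if __name__ == "__main__":
    for cust, evs in correlate(RAW_EVENTS, TWITTER_LOOKUP).items():
        print(cust, [(e["time"].time().isoformat(), e["source"]) for e in evs])
        print("hold seconds:", hold_seconds(evs))
```

With an empty lookup table the tweet lands under the `None` key, which is the case the slide 13 note describes when the customer profile holds no Twitter ID.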