Splunk Discovery Day Düsseldorf 2016 - Splunk für IT Operations
•
1 like•426 views
This document discusses how IT complexity is increasing due to factors like virtualization, applications, and cloud services. It states that over 70% of IT time is spent on maintenance rather than innovation. The document then introduces Splunk as a platform that provides visibility and analytics for IT operations through capabilities like search, investigation, and monitoring across infrastructure components. It provides summaries of how Splunk can provide insights for different IT roles and optimize areas like security, operations, and applications. Examples are given of how customers have used Splunk for marketing intelligence, revenue insights, and operational intelligence.
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Splunk Discovery Day Düsseldorf 2016 - Splunk für IT Operations
Similar to Splunk Discovery Day Düsseldorf 2016 - Splunk für IT Operations (20)
More from Splunk
More from Splunk (20)
Recently uploaded
Recently uploaded (20)
Splunk Discovery Day Düsseldorf 2016 - Splunk für IT Operations
- 1. Copyright © 2016 Splunk Inc. Delivering New Visibility and Analytics for IT Operations
- 2. CIO Obstacle: Escalating IT Complexity 2 SERVERS STORAGE NETWORKING VIRTUALIZATION INFRASTRUCTURE APPLICATIONS PACKAGED APPLICATIONS CUSTOM APPLICATIONS Identity VPN IP Phone HR Email Finance App Svr DB Web Svr SaaS/PaaS IaaS
- 3. CIO Obstacle: Escalating IT Complexity 3 SERVERS STORAGE NETWORKING VITUALIZATION INFRASTRUCTURE APPLICATIONS PACKAGED APPLICATIONS CUSTOM APPLICATIONS Identity VPN IP Phone HR Email Finance App Svr DB Web Svr SaaS/PaaS IaaS Complex, silo-based technologies Disconnected and outdated point solutions Over 70% of time spent on maintaining, not innovating
- 4. Splunk : The Better Approach For IT 4 Customer Facing Data Outside the Datacenter Applications Web logs Log4J, JMS, JMX .NET events Code and scripts Networking Configurations syslog SNMP netflow Databases Configurations Audit/query logs Tables Schemas Virtualization & Cloud Hypervisor Guest OS, Apps Cloud Linux/Unix Configuration s syslog File system ps, iostat, top Windows Registry Event logs File system sysinternals Logfiles Configs Messages Traps Alerts Metrics Scripts TicketsChanges Click-stream data Shopping cart data Online transaction data Manufacturing, logistics… CDRs & IPDRs Power consumption RFID data GPS data Powerful, end-to-end, real-time platform for Machine Data
- 5. Splunk : The Better Approach For IT 5 Customer Facing Data Outside the Datacenter Applications Web logs Log4J, JMS, JMX .NET events Code and scripts Networking Configurations syslog SNMP netflow Databases Configurations Audit/query logs Tables Schemas Virtualization & Cloud Hypervisor Guest OS, Apps Cloud Linux/Unix Configuration s syslog File system ps, iostat, top Windows Registry Event logs File system sysinternals Logfiles Configs Messages Traps Alerts Metrics Scripts TicketsChanges Click-stream data Shopping cart data Online transaction data Manufacturing, logistics… CDRs & IPDRs Power consumption RFID data GPS data Powerful, end-to-end, real-time platform for Machine Data Noupfrontschema Nocustomconnectors NoRDBMS •Any amount, any location, any source.
- 6. Splunk Enables the Connected Datacenter 6 SERVER, STORAGE, NETWORKING VIRTUALIZATION INFRASTRUCTURE APPLICATIONS PACKAGED APPLICATIONS CUSTOM APPLICATIONS CLOUD SERVICES Operational Visibility Gain operational visibility to make better- informed IT decisions. Proactive Monitoring Monitor infrastructure to identify issues, problems and attacks before they impact your customers and services. Search and Investigation Find and fix problems across the organization using machine data. Business Insights Gain real-time insight from your machine data to make better-informed business decisions.
- 7. Splunk Differentiators 7 Capture, retain, correlate and analyze ALL data Reduced MTTR From proactive monitoring to correlation and operational analytics Improved user experience Index data once for multiple uses: capacity planning, help desk support, security, troubleshooting, audit, SLA reporting, change tracking Reduced costs Scale to handle the largest, most complex datacenters Greater productivity Universal Machine Data Platform Fast Time-to-value Scales from Desktop to Enterprise Real-time Architecture
- 8. Copyright © 2016 Splunk Inc. Splunk Apps Accelerate Insight
- 9. Apps Provide Deep Insights By Role Find and resolve problems fast in individual technology areas Exchange Admin Service Health Performance Message tracking VMware/Win/ Linux Admin Infrastructure Health Performance Anomalies/Outliers Storage Admin Infrastructure Health Performance Anomalies/Outliers 11
- 10. End to End Correlation With Splunk Enterprise Reduce Costs: Consolidate tools, eliminate silos, find root cause faster! Exchange Admin Linux/Win Admin Network Admin Applications Admin Line of Business User Application Support VMware/Linux/ Win Admin Security Admin Storage Admin IT Management 12
- 11. Powerful Cross-Tier Operational Analytics Harness IT data for business decision-making Data driven decisions across the enterprise Forecasting and planning Root cause analysis Proactive alerting User/Usage analytics Change monitoring Security and forensics 13
- 12. Index and Analyze Data Across Your Technology Stack Splunk Add-Ons, Templates and Apps Accelerate Value From Machine Data No rigid schemas–add in data from any other source. API SDKs UI Server, Storage, Network Virtualization, Containers Operating Systems + Databases Custom Applications Business Applications Cloud Services App Performance MonitoringOperations and Service Desks Web Intelligence Mobile Applications Stream DB Connect
- 13. Splunk For Operating Systems Proactive Monitoring Operational Analytics End-to-End Visibility Get instant insight into infrastructure health OS Metrics for Performance, Capacity & Resource Allocation Analyses Scale And Correlate Across All Tiers Of Your Technology Stack 15
- 14. Splunk For Virtualization & Storage Proactive Monitoring Operational Analytics End-to-End Visibility Real-time actionable insights into problem spots and health issues Real-time & historical insights into performance, security, capacity, forecasting and change tracking Scalable big data solution for holistic visibility across all technology tiers 16
- 15. Splunk For Infrastructure & Business Applications Keep the Business Running Increase Productivity Access to Intelligence Proactively monitor the one service that all other systems actively depend on Analyze, report & monitor via simple dashboards and decrease troubleshooting time Get detailed information on irregular activates affecting security policies or SLA 17
- 16. Splunk Stream Delivers Wire Data Analytics 18 Enhance Operational Intelligence Efficient, Cloud-ready Wire Data Collection Simple Deployment Supports Fast Time to Value Explore, analyze and visualize real-time wire data for Operational Intelligence Instantly access wire data across infrastructures with a simple software solution; manage wire data volumes with fine-grained filtering Enable rapid deployment and reduced complexity with interface-driven install and configuration
- 17. The Splunk Developer Platform Gain Application Intelligence Increase the speed and efficiency of application development and testing lifecycle Integrate and Extend Splunk Extend Splunk into other applications using the SDKs, programmatic control over search commands and data ingestion Build Splunk Apps Build Splunk apps with flexible UI, custom dashboard and data visualizations, using the Splunk Web Framework 19
- 18. Copyright © 2016 Splunk Inc. Customer Successes
- 19. Better Customer Decisions Analyze success of campaigns & promotions Refine campaigns based on behavior Device & Promotion Trends Devices used to place orders Targeted campaigns in real time Real-time Revenue Insights Online sales data from 10,000 stores Visualise key metrics in real time REAL-TIME MARKETING INTELLIGENCE
- 20. 23 When to market What to market Monitor & model customer behaviour Business, Marketing & IT dashboards Prevent lost revenue via machine data insight OPERATIONAL INTELLIGENCE AT A BILLION POUND ONLINE STORE
- 21. Copyright © 2016 Splunk Inc. Thank You
Editor's Notes
- So how does Splunk help? We offer a powerful, end-to-end, real-time platform for Machine Data. Splunk can collect data from any source, giving our customers real-time visibility and intelligence into what’s happening across the IT infrastructure – whether it’s physical, virtual or in the cloud.
- Splunk’s highly capable platform for machine data can handle any machine generated data from any location and any source – without the need to transform the data to fit a schema, without the need for custom connectors-because unlike most other tools on the market, Splunk does not have a database backend. Splunk’s proprietary map-reduce based high speed index and retrieval system allows management of very large quantities of data at scale with just commodity x86 servers.
- The result of using Splunk for all types of machine data results in enormous benefits to the IT organization as a whole. With data from all tiers of applications and hardware infrastructure in a single central location, customers benefit not just from faster troubleshooting and analysis –but from increasing value as they progress along the ‘maturity model’ . Customers use Splunk and their machine data across IT and the business to gain Operational Intelligence. Operational Intelligence refers to the new levels of visibility and intelligence you gain by harnessing the vast amounts of machine data directly from the systems that support IT and the business. Remember how our CIOs are faced with the challenges of silo-ed tools and having lots of sources of data in non-standard formats. With Splunk, they can start to go up the maturity ladder. Stage 1 is “search and investigate”. In this stage, customers use data in Splunk to find and fix problems dramatically faster across their organization using IT data. You can think of it as finding that “needle in the haystack”, or “multiple needles in multiple haystacks”. Just by effectively harnessing this data, customers have experienced up to 70% improvements in mean time to identify and resolve issues. This alone removes much of the human latency experienced “in the trenches”. Stage 2 is Proactive Monitoring: Turn any root cause analyses into proactive alerts to prevent the same issues from impacting your infrastructure. Find any patterns across different types of data to fill visibility gaps and proactively adapt monitoring to identify issues before they impact customers and services. Systems that used to experience outages have remained running because of implementation of this approach. Macy’s is an excellent example of this concept. They have had 100% up-time for the macys.com site for two straight seasons even with a 50% increase in transactions. Stage 3 is Operational Visibility. Customers gain end-to-end visibility to track and deliver on IT KPIs and make better-informed IT decisions. Rolling up visibility to align it to IT KPIs (how IT is measured by the business) provides unprecedented intelligence to the NOC and senior IT personnel. Being able to spot SLA infractions in real time, or measure utilization as new services are launched enables IT to meet and exceed its objectives. Finally, stage 4 is about delivering business insight - gain insight from operational data to make better-informed business decision. Combining and correlating machine-generated IT data with business data provides unique business insights. Watching the consumption of new online services by channel or demographics. Combining telecoms call records with tariff databases to get a real time view of revenue and 3rd party charges. There is a diverse set of cases where surfacing machine-generated IT data provides operational intelligence to the business.
- Here are some key metrics and rapid ROI achieved by using Splunk for IT Operational Intelligence. Verisign reduced the time to track deliveries by 90%. Cars.com achieved a 200% ROI in usage analytics. CERYX achived a 200% ROI and a better customer experience And Ping Identity achieved a 70% reduction in MTTR. Other areas that people are seeing value in is with: Reduce/avoid downtime Gain control over costs, capacity, user experience User and usage analytics to support real-time business decision-making Real-time and historical data analysis for trending and pattern detection
- We talked about CIO priorities before – this slide maps real customer examples back to those priorities. Splunk is a strategic solution for IT, and provides value along every vector of interest to IT. You will see on this slide several examples about Splunk fostering Visibility across silos and making it faster to deliver business solutions. In the following pages, we’ll talk about each of these examples.
- Over the last couple of years Splunk has evolved from an engine for machine data to a platform for machine data – nothing is a testimony of this more than our Apps store apps which range from plugins and templates to full fledged apps that help you collect, analyze and harness data from every layer of your technology stack. These apps are built by our customers, technology partners such as Cisco, NetApp, or others and Splunk employees. We are a platform as it is very easy to get data into Splunk and out of Splunk. We are complementing other solutions in the data center Two important things to remember: If a logo you have doesn't show up here, Splunk still doesn't’t limit you – you can always index data from that technology – Splunk extensions simply help you accelerate the process. We provide a full featured REST API and a variety of SDKs that help you build your own custom apps for technologies and insights custom to your business. This is to help you create a specific interface to your data in special format and development languages your team is used to. Lastly, each of the Splunk extensions is not comparable to point solutions in every silo, simply because your data from each silo is more valuable when in context of other data from other technology tiers. Splunk apps simply help you get to the point faster where you can see correlations and comparisons of machine data ACROSS silos. We also recently introduced the 2 new offerings – one to collect wire data, with the Splunk App for Stream (stemming from the acquisition of Cloudmeter) and MINT (Mobile Intelligence) that stems from our acquisition of Bugsense. The Splunk App for Stream enables the capture of real-time streaming wire data, which is the data transmitted between applications over the network. It enables visibility into application, business and user activity without the need for instrumentation, enhancing various operational use cases across IT, security and the business. And Splunk MINT helps you gain visibility into mobile app performance and quality, so you can deliver better mobile apps Splunk MINT helps you combine and correlate mobile app data with other data in Splunk so you can pinpoint problems faster and analyze user experience/behavior across mobile, desktop and web channels. The main value from the apps is providing context for data from silos and making it available inside Splunk for correlation with other data from other silos. In addition to prebuilt apps, customers can also build their own. What have developers been building using Splunk Enterprise? Examples include the following: Run searches and retrieve Splunk data from existing Customer Service/Call Center applications (Comcast use case) Integrate Splunk data into existing BI tools and dashboard (Tableau, MS Excel) Build mobile applications with KPI dashboards and alerts powered by Splunk (Otto Group use case) Log directly to Splunk from remote devices (Bosch use cases) Build customer-facing dashboards powered by user-specific data in Splunk (Socialize, Hurricane Labs use cases) Programmatically extract data from Splunk for long-term data warehousing We hope this is just the beginning. We hope to open up a whole new world of enterprise apps.
- Availity is a leading health information network optimizing information exchange between mutliple stakeholders through a single secure network. Availity has a very complex application infrastructure over which they deliver their service and maintaining SLAs was a problem for them. Before Splunk they had challenges visualizing data from multiple sources in one place and it took them tremendous man power to sort through customer facing issues. Within days of implementing Splunk, they saved money by finding unnecessary backups that had caused their hosting bill to shoot way up. They use Splunk to stitich together transactions as they pass through different application components and report/alert on variations from a baseline. Instead of spending hours doing this, they had transactions figured out in 10 mins. They could combine data from various sources to figure out what server capacity was appropriate for what volume of transactions and thus use Splunk to guide capacity planning. Splunk has many uses and in addition to proactive alerting, monitoring , transaction inteligence and capacity analytics – they are also using Splunk data for analytics like where are the hotspots in the network, where are the outages, what is performance looking like across geographic locations. Splunk dashboards are used by everyone from developers to the CTO.