The document outlines an upcoming presentation by Splunk on how their software can help financial institutions meet the compliance requirements of the New York State Department of Financial Services' new cybersecurity regulations. It notes that the presentation will contain forward-looking statements and that any information provided is subject to change. Splunk software functionalities that could help with compliance like security monitoring, analytics, and audit logging are highlighted.

1. © 2017 SPLUNK INC.© 2017 SPLUNK INC.
MAY 17 | FINANCIAL SERVICES

2. © 2017 SPLUNK INC.
During the course of this presentation, we may make forward-looking statements regarding future events or
the expected performance of the company. We caution you that such statements reflect our current
expectations and estimates based on factors currently known to us and that actual events or results could
differ materially. For important factors that may cause actual results to differ from those contained in our
forward-looking statements, please review our filings with the SEC.
The forward-looking statements made in this presentation are being made as of the time and date of its live
presentation. If reviewed after its live presentation, this presentation may not contain current or accurate
information. We do not assume any obligation to update any forward looking statements we may make. In
addition, any information about our roadmap outlines our general product direction and is subject to change
at any time without notice. It is for informational purposes only and shall not be incorporated into any contract
or other commitment. Splunk undertakes no obligation either to develop the features or functionality
described or to include any such feature or functionality in a future release.
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk
Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2017 Splunk Inc. All
rights reserved.
Forward-Looking Statements

3. © 2017 SPLUNK INC.
Welcome
Peter Benesh | Director, FSI Vertical Solutions Marketing - Splunk
MAY 17 | FINANCIAL SERVICES

4. © 2017 SPLUNK INC.
Program Agenda
Splunk Forum Financial Services New York, City | May 17, 2017
12:45 – 1:00
Welcome
Peter Benesh, Director, Vertical Solutions Marketing, Splunk
1:00 – 1:30
Financial Services Industry Keynote
Julie Conroy, Research Director, Aite Group
1:30 – 2:15
Panel Discussion
Julie Conroy, Research Director, Aite Group
Roy Ben - Alta, Principal Development Manager, Amazon Web Services
Subir Grewal, Head of Splunk Practice, Risk Focus
Conor Sherman, Director of Cyber Security, Apollo Global Management LLC
Frank Angiolelli ,Independent Security Professional
2:15 – 2:30 Break
2:30 – 3:00
Session 1: Meeting Compliance with New Guidance on New York State Department of Financial Services (NYDFS)
Cybersecurity Rule, Michael Natkin, Splunk
3:00 – 3:30 Session 2: Splunk for Electronic Trading Operations Monitoring, Subir Grewal, Risk Focus
3:30 – 4:00 Session 3: Machine Learning and Predictive Analytics for Financial Services, Andrew Stein, Splunk
4:00 – 4:30 Closing Remarks

5. © 2017 SPLUNK INC.
Overall FSI Digital Transformation
2016 Top Industry Drivers*
Fintech Disruption Digital Technologies
Cloud Services Cyber Security
Advanced Analytics
Modernize Core Banking &
Payments
Integrated Risk &
Compliance

6. © 2017 SPLUNK INC.
Corporate Banking
Key Challenges & Priorities by Major FSI Segments
End-to-end digital
transformation is a
primary technology goal.
Cloud expected to be
primary tool for
upgrading core
transaction banking
platforms. Blockchain
apps for cross-border
payments will mature
Capital Markets Retail Banking
Automation is expected
to drive efficiency
through robotics
applications that span
securities ops,
automated trade capture,
transaction monitoring,
and client service reports
Refining customer
experience will be main
driver for technology that
drives core
transformation,
digital/mobile services,
and automation
(Source: Deloitte Report, 2017)

7. © 2017 SPLUNK INC.
Big Data is
central to
these
priorities
and drivers*
(* Source: Cap Gemini Consulting, 2016)

8. GPS,
RFID,
Hypervisor,
Web Servers,
Email, Messaging
Clickstreams, Mobile,
Telephony, IVR, Databases,
Applications, Telematics, Storage,
Servers, Security Devices, Desktops,
Wire Data, Social Data, Middleware
Big Data Comes from Machines
Machine data is the fastest growing, most
complex, most valuable area of big data
Volume | Velocity | Variety | Variability

9. © 2017 SPLUNK INC.
Diversity & Silos of Machine Data Creates a Challenge

10. © 2017 SPLUNK INC.
FSI Processes & Services Use Data From Diverse Systems
Trade
Capture
Trade
Execution
Validation
Trade
Booking
Trade
Clearing
Trade
Settlement
Sample Trade Processing Flow
Hardware NetworkingFront & Back
Applications
Message
Queues
(SWIFT/FIX)
Enterprise
Service
Bus
Devices
Diverse IT Systems Support Trade Processing

11. © 2017 SPLUNK INC.
Getting Visibility Across These Systems Is Challenging
Search & Identify
Monitor Systems/Process
Gain Operational Visibility
Get Business Insights
• What caused the delay in processing or settlement?
• Where are the transaction confirmation details?
• Does the user have access to the right data?
• How many transactions were processed?
• Can we prevent the problem from happening?
• How is the customer experience? Did we meet SLAs?
Hardware NetworkingFront & Back
Applications
Message
Queues
(SWIFT/FIX)
Enterprise
Service
Bus
Devices
Diverse IT Systems Support Trade Processing

12. © 2017 SPLUNK INC.
Gain Insights Across Financial Services Machine Data
COLLECT,
CORRELATE,
ANALYZESecurity
Messaging
(SWIFT/FIX)
Payment
Formats
(ACH/Wire)
Risk and
Compliance
Apps
Online
Banking
Core
Banking
Engines
Trading
Systems
Infrastructure
Payment
Services
Hubs
Cyber Security
System Modernization,
Monitoring, & Infrastructure
Cost Reduction
Regulation & Compliance
Real-Time Payments
Advanced Analytics
Digital Technologies &
Omnichannel
Emerging Technologies
(e.g. Blockchain)
Middleware

13. © 2017 SPLUNK INC.
Financial Services Industry Keynote
MAY 17, 2017 | NEW YORK CITY
Julie Conroy | Research Director, Aite Group

14. © 2017 SPLUNK INC.
Cybercrime on the rise: How to
beat the bad guys
May | 2017

15. © 2017 SPLUNK INC.
Source: Informationisbeautiful.net

16. © 2017 SPLUNK INC.

17. © 2017 SPLUNK INC.

18. © 2017 SPLUNK INC.
The changing notion of identity: From face-to-face, to
personally identifiable information to digital identity

19. © 2017 SPLUNK INC.
As counterfeit declines, CNP fraud, account
takeover and application fraud are rising around
the globe
$3.2 $3.3
$4.0 $4.4
$5.5 $5.9
$1.4 $1.6
$1.9
$2.2
$2.5
$2.8
$0.6
$0.7
$0.8
$0.8
$0.9
$1.0
2015 2016 e2017 e2018 e2019 e2020
U.S. ATO, CNP, and Application Fraud Growth, 2015 to e2020
(In US$ Billions)
ATO fraud
Application
fraud
CNP fraud

20. © 2017 SPLUNK INC.
Legacy approaches don’t work in the face of
rapidly evolving fraud and cybercrime

21. © 2017 SPLUNK INC.
The evolution of risk analytics
1990s Late2000s
2012 to
present
1980s
Static,inflexiblerules-
basedsystems
Dawnofneural
networkmodels
Emergenceofbig-
data-drivenanalytics
User-friendlyML
Combinationoflow-
techringsand
opportunistic
fraudsters
Increasing
organizationamong
fraudrings,Europe
heavily targeteddue
tobatchauthorization
processes
Frauddrivenby
sophisticatedrings,
fueledbyskimming
anddatabreaches
International
organizedcybercrime
ringsrapidly evolve
tactics—FIsand
merchantshard-
pressedtokeepup
Fraud
analytics
Criminal
tactics

22. © 2017 SPLUNK INC.
Machine learning and AI: Buzz words realizing their
potential

23. © 2017 SPLUNK INC.
Artificial Intelligence
Cognitive computing
and automation
Natural language
processing
Cloud
computing
Big data
Distributed
networking
Low data costs
Concurrent/parallel/
distributed
computing
Marketing
Know
Your
Customer Trading
technology
Robo-advisors
Trade surveillance
Fraud
prevention
Technology roots
Financial services
use cases
Anti-money
laundering
Cyber-
security

24. © 2017 SPLUNK INC.
Advances in analytics coupled with ready
availability of data is driving significant leaps in
performance
$40,000
$295
$0.56
$0.02
1980 1996 2006 2016
Hard Drive Cost Per Gigabyte, 1980 to 2016

25. © 2017 SPLUNK INC.
Financial institution challenges
▶ Siloed data and
processes
▶ IT resource constraints
▶ Bureaucratic overhead
▶ Inconsistent UX

26. © 2017 SPLUNK INC.
Internet of Things: New risk frontiers coming fast

27. © 2017 SPLUNK INC.
Solution: Increased data visibility
▶ Use Splunk to collapse the
data silos
▶ Differing business rules and
analytics for different use
cases
▶ Enables rapid identification
and response

28. © 2017 SPLUNK INC.
Thank you.
Julie Conroy| Research
Director
jconroy@aitegroup.com
Aite Group is a global research and advisory firm
delivering comprehensive, actionable advice on
business, technology, and regulatory issues and their
impact on the financial services industry. With expertise
in banking, payments, insurance, wealth management,
and the capital markets, we guide financial institutions,
technology providers, and consulting firms worldwide.
We partner with our clients, revealing their blind spots
and delivering insights to make their businesses smarter
and stronger.
Visit us on the Web and connect with us on Twitter
and LinkedIn.
Ron van Wezel| Sr. Analyst
rvanwezel@aitegroup.com

29. © 2017 SPLUNK INC.
Panel Discussion – How Splunk Addresses Critical FSI Industry
Drivers
Julie Conroy, Research Director, Aite Group
Roy Ben–Alta, Principal Development Manager, Amazon Web Services
Subir Grewal, Head of Splunk Practice, Risk Focus
Conor Sherman, Director of Cyber Security, Apollo Global Management LLC
Frank Angiolelli, Independent Security Professional
MAY 17, 2017 | NEW YORK CITY

30. © 2017 SPLUNK INC.
Meeting Compliance with New Guidance on New York
State Department of Financial Services (NYDFS)
Cybersecurity Rule
Michael Natkin | Splunk Sales Engineer
MAY 17, 2017 | NEW YORK CITY

31. © 2017 SPLUNK INC.
(in other words)
Splunking
NY DFS 23 NYCRR 500
Michael Natkin | Senior SE
MAY 17 | FINANCIAL SERVICES

32. © 2017 SPLUNK INC.
During the course of this presentation, we may make forward-looking statements regarding future events or
the expected performance of the company. We caution you that such statements reflect our current
expectations and estimates based on factors currently known to us and that actual events or results could
differ materially. For important factors that may cause actual results to differ from those contained in our
forward-looking statements, please review our filings with the SEC.
The forward-looking statements made in this presentation are being made as of the time and date of its live
presentation. If reviewed after its live presentation, this presentation may not contain current or accurate
information. We do not assume any obligation to update any forward looking statements we may make. In
addition, any information about our roadmap outlines our general product direction and is subject to change
at any time without notice. It is for informational purposes only and shall not be incorporated into any contract
or other commitment. Splunk undertakes no obligation either to develop the features or functionality
described or to include any such feature or functionality in a future release.
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk
Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2017 Splunk Inc. All
rights reserved.
Forward-Looking Statements

33. © 2017 SPLUNK INC.
DISCLAIMER
▶ Not a Lawyer
▶ Did not play one on TV
▶ Did not stay at a Holiday Inn Express last night
“I AM…
SPLUNKING NY DFS 23 NYCRR 500

34. © 2017 SPLUNK INC.
DISCLAIMER
▶ An IT Security specialist…
• with >20 years experience
• Who works with financial institutions small and large
• Who understands the practical and operational implications of
financial regulation
“I AM…
SPLUNKING NY DFS 23 NYCRR 500

35. © 2017 SPLUNK INC.
NEW YORK STATE
DEPARTMENT OF FINANCIAL SERVICES
23 NYCRR 500
CYBERSECURITY REQUIREMENTS FOR FINANCIAL SERVICES
COMPANIES

36. © 2017 SPLUNK INC.
What motivated the
legislation?
A practical view of the threat
landscape

37. © 2017 SPLUNK INC.
As many breaches to
Financial and insurance as
to Information Services
Of organizations have
1,000 or more files
containing sensitive
information open to every
employee
Increase year-over-year
against Financial services
By the Numbers
Risk drives legislation
6x 47% 29%

38. © 2017 SPLUNK INC.
$101 Million
…and nearly another $951 Million

39. © 2017 SPLUNK INC.
And, of course…

40. © 2017 SPLUNK INC.
Keep Calm
and…

41. © 2017 SPLUNK INC.

42. © 2017 SPLUNK INC.
Building upon a strong foundation
A well-established path

43. © 2017 SPLUNK INC.
Security?
Identifying risk,
demanding
accountability

44. © 2017 SPLUNK INC.
The role that Risk Assessment and Risk-based policies shall play
“Risk”

45. © 2017 SPLUNK INC.
Governance
framework for a
robust
cybersecurity
program
Access controls,
data protection
including
encryption, and
penetration testing
IR plan,
preservation of
data, notice of
material events
Documentation,
documentation,
documentation
What is DFS really demanding?
Control
Risk-Based
Standards Accountability
Breach
Response

46. © 2017 SPLUNK INC.
▶ (b) ...Perform the following core cybersecurity functions:
• (1) …identify and assess internal and external cybersecurity risks...
• (2) …use defensive infrastructure and the implementation of policies and procedures...
• (3) …detect Cybersecurity Events…
• (4) …respond to identified or detected Cybersecurity events...
• (6) …fulfill applicable regulatory reporting obligations...
Section 500.02 Cybersecurity Program

47. © 2017 SPLUNK INC.
Splunk for FISMA
https://splunkbase.splunk.com/app/964/#/details

48. © 2017 SPLUNK INC.
Splunk Security Essentials
https://splunkbase.splunk.com/app/3435/

49. © 2017 SPLUNK INC.
CIS Critical Security Controls
https://splunkbase.splunk.com/app/3064/

50. © 2017 SPLUNK INC.
Section 500.03 Cybersecurity Policy

51. © 2017 SPLUNK INC.
Risk-Based
Analytics
Visualize and
Discover
Relationships
Enrich Security
Analysis with Threat
Intelligence
Splunk Enterprise Security
The Next-Generation Analytics-Driven SIEM

52. © 2017 SPLUNK INC.

53. © 2017 SPLUNK INC.
▶ (a) (2) Include audit trails designed to detect and respond to Cybersecurity
Events
▶ (b) …maintain records required by section 500.06(a)(2) for no fewer than three
years
Section 500.06 Audit Trail

54. © 2017 SPLUNK INC.
Connecting the “Data-Dots” Via Multiple/Dynamic Relationships
Attacker, know relay/C2 sites, infected sites, file
hashes, IOC, attack/campaign intent and attribution
Where they went, who talked to whom, attack
transmitted, abnormal traffic, malware download
What process is running (malicious, abnormal, etc.)
Process owner, registry mods, attack/malware artifacts,
patching level, attack susceptibility
Access level, privileged users, likelihood of infection,
where they might be in kill chain
Delivery, Exploit
Installation
Gain Trusted
Access
ExfiltrationData Gathering
Upgrade (Escalate)
Lateral Movement
Persist, Repeat
Threat intelligence
Network
Activity/Security
Host
Activity/Security
Auth - User Roles

55. © 2017 SPLUNK INC.
▶ limit user access privileges to Information Systems that provide access to
Nonpublic Information and shall periodically review such access privileges.
Section 500.07 Access Privileges.

56. © 2017 SPLUNK INC.
Section 500.16 Incident Response Plan
▶ establish a written incident response plan designed to promptly respond to, and
recover from, any Cybersecurity Event materially affecting the confidentiality,
integrity or availability of the Covered Entity’s Information Systems or the
continuing functionality of any aspect of the Covered Entity’s business or
operations.

57. © 2017 SPLUNK INC.
Incident Response in Action
Detection is key

58. © 2017 SPLUNK INC.
“For more information
— Visit Splunk on the Web at https://www.splunk.com/en_us/solutions/solution-
areas/security-and-fraud.html
— Contact your Splunk account team
— Visit the booth

59. © 2017 SPLUNK INC.
Section 500.08 Application Security.

60. © 2017 SPLUNK INC.
▶ (a) (2) provide cybersecurity personnel with cybersecurity updates and training
▶ (a) (3) verify the key cybersecurity personnel take steps to maintain current
knowledge of changing threats and countermeasures
Section 500.10 Cybersecurity Personnel and
Intelligence

61. © 2017 SPLUNK INC.
▶ Encryption of Data at Rest
▶ Encryption of Data in Motion
Section 500.15 Encryption of Nonpublic Information

62. © 2017 SPLUNK INC.© 2017 SPLUNK INC.
THANK YOU

63. © 2017 SPLUNK INC.
Splunk for Electronic Trading
Operations Monitoring
Subir Grewal | Head of Splunk Practice, Risk Focus
MAY 17, 2017 | NEW YORK CITY

64. © 2017 SPLUNK INC.
Splunk partners of choice for Capital Markets

65. © 2017 SPLUNK INC.
Agenda
▶ Introduction
▶ Splunk Adoption Path
▶ Case Studies:
• Cloud infra monitoring
• Validate.Trade / App Development
• Fraud detection case study
• Splunk multi-tenant cluster automation
▶ Strategic partner relationships:
66

66. © 2017 SPLUNK INC.
Risk Focus
▶ Expertise in Trading, Risk Management & Cloud Transformation
▶ Right-sized: technical organization big enough to deliver, small enough to be efficient
▶ Capital Markets specialists
▶ Top Ten Most Promising Cloud Banking Solution Providers of 2015 by Banking CIO Outlook Magazine
▶ Splunk Practice
• Splunk Premier partner with Certified SEs, Architects and Consultants (US and EU).
• Integrated into every solution we deliver to provide operational visibility.
67

67. © 2017 SPLUNK INC.
APIsMessaging
layer
Standard Capital Market business process
68
Transactio
n
Data
Reference
Data
Market
Data
Logs
Post-trade,
(Settlement,
Finance,
Regulatory
Reporting)
Exchang
e, CCP,
Liquidity
provider
Trade
Capture
Risk /
Margin,
Valuatio
n Engine
Confirms,
statements,
client
reporting

68. © 2017 SPLUNK INC.
Additional complexities
69
▶ Multiply this across business lines:
• FX/Rates
• Equities
• Fixed Income
• Prime Brokerage
▶ Mix of proprietary and vendor systems
▶ Various generations of technology

69. © 2017 SPLUNK INC.
Splunk Adoption Path
▶ Successful Splunk adoption follows a specific path at financial institutions
1. Log aggregation, security and infrastructure monitoring
• App/System logs readily available/searchable
2. Run The Bank (RTB) dashboards/transaction monitoring
• Operational Visibility into legacy/existing applications
3. Change The Bank (CTB) SDLC/DevOps transformation
• Integrated into automated build/deploy/test cycle
70

70. © 2017 SPLUNK INC.
Cloud Infra monitoring case study
▶ Our Cloud Solutions team worked with a Top 5 NA Bank set up a private cloud.
▶ We worked alongside partners to:
• Deliver a functional private cloud hosting over 10,000 VMs
• Develop tools to manage internal provisioning, rollout process
▶ Stack: Rackspace/RedHat, OpenStack, Cloudify, Splunk.
▶ Splunk monitors cloud service layer, and all VMs.
▶ For the first time, application dev teams had ready access to system and application logs across their
entire fleet.
71

71. © 2017 SPLUNK INC.
Validate.Trade Use Case
▶ Used by clients to validate trade data prior to reporting it to global trade repositories (such as DTCC,
ESMA).
▶ Objective is to improve Dodd-Frank/EMIR compliance.
▶ Emulators permit pre-production tests of trade data.
▶ Can handle multiple product types and supports all major regulatory requirements (US, EU, Canada,
HK, etc.)
▶ Splunk dashboard built into product.
72

72. © 2017 SPLUNK INC.
Anti-fraud use case
▶ Commercial bank wanted visibility into fraud attempts targeting business banking customers.
▶ Using application logs, a Splunk dashboard based on a multi-variable algorithm using the geolocation, time,
number of attempts etc, raises alerts.
73

73. © 2017 SPLUNK INC.
Fraud alerts based on location/time
74

74. © 2017 SPLUNK INC.
Complete SDLC integration
Dev
QAProd

75. © 2017 SPLUNK INC.
Splunk cluster objectives/capabilities
▶ Multi-Tenant, scalable Splunk cluster:
• segregates data to support information barriers
• hierarchical design offers role-based access that allows some users to search across tenants
• leverages administration benefits of common environment
▶ Can be deployed on private or public clouds
▶ Can be adapted to your DevOps/Cloud toolkit of choice
▶ Simplified Integration into Complex Ecosystems
▶ Customizable deployment, workflows

76. © 2017 SPLUNK INC.
Blueprint Overview
▶ Number of nodes configurable at
deployment
▶ “Surge” capacity or additional tenants
can be deployed in similar manner at
scheduled/arbitrary time
▶ Installs are automated with minimal
manual intervention

77. © 2017 SPLUNK INC.
Cloudify and Ansible roles and
responsibilities
78
Cloudify
• Interprets DSL
• Provisions VMs
• Defines
networking,
access policy and
permissions
• Sets up auto-
scaling policy
• Calls
Ansible/SALT
Ansible/SALT
• Installs
Application
Server’s
packages
• Configures
Application Server
• Installs
Applications

78. © 2017 SPLUNK INC.
Automated Splunk deployment workflow
Cloudify Manager IaaS Virtual Machine Cloudify Agent
Provision VM
VM
Install Agent
Execute individual node operations
Install Splunk
Register and configure
indexers

79. © 2017 SPLUNK INC.
Multi-Tenant Splunk for a firm-wide data
lakeA rich topology with many
different components
Deployment
sequencing can be
complex

80. © 2017 SPLUNK INC.© 2017 SPLUNK INC.
THANK YOU

81. © 2017 SPLUNK INC.
Machine Learning and Predictive
Analytics for Financial Services
Andrew Stein | Splunk Data Scientist
MAY 17, 2017 | NEW YORK CITY

82. © 2017 SPLUNK INC.
“Machine Learning Tour”

83. © 2017 SPLUNK INC.
Overview of ML at Splunk
CORE PLATFORM
SEARCH
PACKAGED PREMIUM
SOLUTIONS
MACHINE LEARNING
TOOLKIT
Platform for Operational Intelligence

84. © 2017 SPLUNK INC.
▶ Assistants: Guided model building, testing
and deployment for common objectives
▶ Showcases: Interactive examples for typical
IT, security, business and IoT use cases
▶ Algorithms: 25+ standard algorithms included
with the toolkit
▶ ML Commands: New SPL commands to
fit, test and operationalize models
▶ Python for Scientific Computing Library:
Access to 300+ open source algorithms
Splunk Machine Learning Toolkit
Extends Splunk platform functions and
provides a guided modeling environment
Build custom analytics for any use case

85. © 2017 SPLUNK INC.
Algorithms supported (v2.0, .conf2016)

86. © 2017 SPLUNK INC.
Custom Machine Learning – Success Formula
Domain
Expertise
(IT, Security, …)
Data
Science
Expertise
Splunk
Expertise
Identify use cases
Drive decisions
Set business/ops priorities
SPL
Data prep
Statistics/math background
Algorithm selection
Model building
Splunk ML Toolkit
facilitates and simplifies
via examples & guidance
Operational success

87. © 2017 SPLUNK INC.
AI
Machine
Learning
Deep
Learning
AI, Deep Learning, And Machine Learning
Intelligent Agents
No Human Involvement
Sentient Machines
Tensorflow
Data sets
are large and
unknowable
Guided Data Driven Decisions
Augmenting Human Reasoning
Operational
Intelligence
Splunk ML offerings today
Neural Networks

88. © 2017 SPLUNK INC.
”Where does the MLTK live in the Splunk platform?”

89. © 2017 SPLUNK INC.
Continuous Data Ingest at Scale
DevelopVisualize PredictAlertSearch
Engineers Data
Analysts
Security
Analysts
Business
Users
Native Inputs
TCP, UDP, Logs, Scripts, Wire, Mobile
Industrial Data
SCADA, AMI, Meter Reads
Modular Inputs
MQTT, AMQP, COAP, REST, JMS
HTTP Event Collector
Token Authenticated Events
Technology Partnerships
Kepware, AWS IoT, Cisco, Palo Alto
Maintenance
Info
Asset
Info
Data
Stores
External
Lookups/EnrichmentOT
Industrial Assets
IT
Consumer and
Mobile Devices Real Time

90. © 2017 SPLUNK INC.
Sense and Respond
OT
Industrial Assets
IT
Consumer and
Mobile Devices
Search
Third-Party
Applications
Smartphones
and Devices
Tickets
Email
Send an
email
File a
ticket
Send a text
Flash lights
Trigger
process flow
Every Search Can Use
Machine Learning
AlertReal Time

91. © 2017 SPLUNK INC.
Splunk: Data Fabric
OT
Industrial Assets
IT
Consumer and
Mobile Devices
Real Time
IT Users Analysts Biz Users
Ad hoc
Search
Custom
Dashboards
Monitor
and Alert
Reports/
Analyze
Clickstreams HadoopDevices Networks
GPS/
Cellular
Online
Shopping
Carts
Servers Applications
Data Warehouses
Structured Data Sources
CRM ERP HR Billing Product Finance
DB
Connect
Look-ups
ODBC
SDK
API
Analysts Biz Users

92. © 2017 SPLUNK INC.
Splunk and Tensorflow for Security
Catching the Fraudster with Behavior Biometrics

93. © 2017 SPLUNK INC.
Qualitative
Rule Engine
Identify
Transaction
Paths
Uncover
Relationships
and
Relevancy
Part of a
Solution Suite
Partner Solutions: Transaction Analysis
Investigate and Analyze Transactional Behavior.

94. © 2017 SPLUNK INC.
“The Future”

95. © 2017 SPLUNK INC.
Today’s Workflow for Splunk to Spark
Hive Meta Store
Splunk DB
Connect
Simba JDC
Splunk Thrift
Server

96. © 2017 SPLUNK INC.
Future Splunk MLTK workflow with Spark
MACHINE LEARNING
TOOLKIT

97. © 2017 SPLUNK INC.
Coming Soon : Mini Solutions
Predicting when a system is going to be resource constrained
MACHINE LEARNING
TOOLKIT
ML Use Case
Technical
overview
•Preselected Algorithm
•Customer identifies the target field
•Focused on single use case
•A Customizable Workflow
•Custom configuration of insights generated from workflow
•Requires the MLTK and Python for Scientific Computing

98. © 2017 SPLUNK INC.
▶ Get the Machine Learning Toolkit from Splunkbase
▶ Go watch Machine Learning Videos on Splunk YouTube Channel
http://tiny.cc/splunkmlvideos
▶ Go watch the Machine Learning talks from .conf2016:
• Advanced Machine Learning in SPL with the Machine Learning Toolkit
by Jacob Leverich
• Extending SPL with Custom Search Commands and the Splunk SDK
for Python by Jacob Leverich
▶ Early Adopter and Customer Advisory Program:
mlprogram@splunk.com
▶ Field ML Architects: Andrew Stein (astein@), Brian Nash (bnash@)
What Else?

99. © 2017 SPLUNK INC.© 2017 SPLUNK INC.
THANK YOU

100. © 2017 SPLUNK INC.
Closing Remarks
Peter Benesh | Director, FSI Vertical Solutions Marketing - Splunk
MAY 17 | FINANCIAL SERVICES

101. 102
b e f o r e 2 0 1 52 0 1 2
Splunk for targeted
solutions only. Isolated
pockets of data and
dashboard expertise
2 0 1 4
Desktop/Server Events and
Performance for Plant Management.
Consolidated Splunk metrics & logs
for Proxy, App, Infra, Desktops
Federated Splunk
• All data accessible to all users
• Correlation across firm on a
global scale
Splunk Center of
Excellence providing self-
service and custom
visualization solutions
dashboard
expertise
indexed
data
Splunk install

102. Monitoring can be divided into three layers
It checks performance and availability of application
functionality e.g. by simulation end-user experience,
interfaces, queues etc. – legal constraints to be considered.
It checks performance and availability of end to-end
process leveraging also on functional monitoring
results/application.
It manages and monitors base infrastructure in terms of
resources utilization (memory, CPU, file systems, swap,
network, disk space, throughput…) and main subsystems
activity (processes, services…)
Business
Process
Function
Layer
Technology
 Components on Mainframe/Open
(JCL, DB, Server…)
 Application
 Process
Target
Group
Aggregation&Integration
 Business- / Process-
Owner
 IT Application
Manager
 IT Application
Manager
 Application Owner
 Application Owner
 Operating/
Provider
Server Data
Base
Sto-rage
etc..

103. Ally’s Splunk Journey
Multiple LoB
ADOPTION
2012 2013 2014 2015 2016
“Find & Fix”
Tool
Developers
LoB
Dashboards
Enterprise
Security
SINGLE LINE OF BUSINESS ENTERPRISE DEPLOYMENT,
MULTIPLE LINES OF BUSINESS
© 2017 Ally Financial. Ally is a registered trademark. All rights reserved.

104. © 2017 SPLUNK INC.
Splunk Enterprise at ING Bank Śląski
Collected data and its value
Data Operational Intelligence
Search and
Investigation
Proactive
Monitoring
Operational
Visibility,
DevOps
Real-time
Business
Insights
Online
Services
Web
Services
Servers Security
Networks
Domain
systems
Custom
Applications
Databases
Active
Directory
Logfiles
SocialMedia

105. © 2017 SPLUNK INC.
Take the Survey on Pony Poll
ponypoll.com/finforum

106. © 2017 SPLUNK INC.
SEPT 25-28, 2017
Walter E. Washington Convention Center
Washington, D.C.
.conf2017
The 8th Annual Splunk Conference
conf.splunk.com
You will receive an email after registration
opens with a link to save over $450 on the
full conference rate.
You’ll have 30 days to take advantage of
this special promotional rate!
SAVE OVER $450

107. © 2017 SPLUNK INC.
Delivered
Globally: Online,
Classroom, Self-
Paced
15 Free
Getting Started
Videos
Get Splunk Certified
in 5 Days
20 Classes
For more information: splunk.com/education
Knowledge is Power
Splunk Education

108. © 2017 SPLUNK INC.
Get Started Fast!
splunk.com/education

109. © 2017 SPLUNK INC.
Doug Merritt
Chief Executive Officer
Splunk
Join us at SplunkLive! NYC
Tuesday, July 11th
live.splunk.com/newyork
REGISTER NOW
Ed Davis
Former Commissioner
Of the Boston Police
Department