This document discusses how Splunk can help organizations address challenges related to escalating IT complexity. It notes that IT environments have become more complex with disconnected point solutions, over 70% of time spent maintaining rather than innovating, and latency in resolving issues measured in hours or days. Splunk provides a single platform to gather, analyze, and search machine data from various sources in real-time. It allows correlating data across silos for faster problem resolution. The document highlights how Splunk reduced escalations by 90% and mean time to resolution by 67% for one customer. It then discusses how Splunk offers pre-built apps for monitoring different parts of the IT infrastructure and applications.
SplunkLive! Splunk Enterprise 6.3 - Data On-boardingSplunk
This document discusses Splunk Enterprise 6.3, a platform for machine data that provides breakthrough performance, scale, and total cost of ownership reductions. Key features highlighted include doubling search and indexing speed, increasing capacity by 20-50%, and reducing TCO by over 20%. Advanced analysis and visualization capabilities are improved, along with support for high-volume event collection, enterprise-scale requirements, and development tools. Demo apps showcase custom visualizations and machine learning functionality.
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Splunk conf2014 - Dashboard Fun - Creating an Interactive Transaction ProfilerSplunk
Using Simple XML and Splunk Enterprise, learn how to create easy interactive dashboards to explore data. This demo showcases great tools to put ion the hands of Splunk users, help desk users and IT Operations staff.
Splunk for IT Operations Breakout SessionGeorg Knon
This document discusses how IT complexity is a challenge for CIOs due to siloed technologies, disconnected point solutions, and time spent maintaining rather than innovating. It presents Splunk as a solution that provides comprehensive visibility across infrastructure, applications, databases, and more through centralized data collection and analysis. Splunk reduces problem resolution time by 67% and escalations by 90% by enabling "first responders" to search across all IT data from a single interface. The document also outlines how Splunk apps can provide insights by role and technology and its capabilities for various IT functions like virtualization, storage, and operating systems.
Splunk Enterpise for Information Security Hands-OnSplunk
Splunk is the ultimate tool for the InfoSec hunter. In this unique session, we’ll dive straight into the Splunk search interface, and interact with wire data harvested from various interesting and hostile environments, as well as some web access logs. We’ll show how you can use Splunk Enterprise with a few free Splunk applications to hunt for attack patterns. We’ll also demonstrate some ways to add context to your data in order to reduce false positives and more quickly respond to information. Bring your laptop – you’ll need a web browser to access our demo systems!
Come and learn from our experts on ways to improve you IT Operational Visibility by using Splunk for monitoring environment health. In this hands-on session we will cover recommended approaches for end to end monitoring, across applications, OSes, and devices. Topics will include: critical services to monitor, use of the Splunk Common Information Model (CIM) for cross-dataset normalization, commonly deployed apps and TAs to gather data for IT infrastructure uses, and use of pre-made dashboard panels to quickly build dashboards for monitoring your environment.
The document is a transcript from a Splunk presentation about using Splunk for IT operations. It discusses using Splunk to correlate machine data from different sources like servers, applications, and databases to gain visibility into IT services and their components. It provides a live demonstration of how Splunk can be used to monitor system performance, create tickets or alerts when issues arise, and troubleshoot issues by searching through logs and events. The presentation emphasizes how the common information model in Splunk allows mapping these components like hosts, applications, and services for improved IT operations and issue resolution.
Splunk Tutorial for Beginners - What is Splunk | EdurekaEdureka!
The document discusses Splunk, a software platform used for searching, analyzing, and visualizing machine-generated data. It provides an example use case of Domino's Pizza using Splunk to gain insights from data from various systems like mobile orders, website orders, and offline orders. This helped Domino's track the impact of various promotions, compare performance metrics, and analyze factors like payment methods. The document also outlines Splunk's components like forwarders, indexers, and search heads and how they allow users to index, store, search and visualize data.
SplunkLive! Splunk Enterprise 6.3 - Data On-boardingSplunk
This document discusses Splunk Enterprise 6.3, a platform for machine data that provides breakthrough performance, scale, and total cost of ownership reductions. Key features highlighted include doubling search and indexing speed, increasing capacity by 20-50%, and reducing TCO by over 20%. Advanced analysis and visualization capabilities are improved, along with support for high-volume event collection, enterprise-scale requirements, and development tools. Demo apps showcase custom visualizations and machine learning functionality.
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Splunk conf2014 - Dashboard Fun - Creating an Interactive Transaction ProfilerSplunk
Using Simple XML and Splunk Enterprise, learn how to create easy interactive dashboards to explore data. This demo showcases great tools to put ion the hands of Splunk users, help desk users and IT Operations staff.
Splunk for IT Operations Breakout SessionGeorg Knon
This document discusses how IT complexity is a challenge for CIOs due to siloed technologies, disconnected point solutions, and time spent maintaining rather than innovating. It presents Splunk as a solution that provides comprehensive visibility across infrastructure, applications, databases, and more through centralized data collection and analysis. Splunk reduces problem resolution time by 67% and escalations by 90% by enabling "first responders" to search across all IT data from a single interface. The document also outlines how Splunk apps can provide insights by role and technology and its capabilities for various IT functions like virtualization, storage, and operating systems.
Splunk Enterpise for Information Security Hands-OnSplunk
Splunk is the ultimate tool for the InfoSec hunter. In this unique session, we’ll dive straight into the Splunk search interface, and interact with wire data harvested from various interesting and hostile environments, as well as some web access logs. We’ll show how you can use Splunk Enterprise with a few free Splunk applications to hunt for attack patterns. We’ll also demonstrate some ways to add context to your data in order to reduce false positives and more quickly respond to information. Bring your laptop – you’ll need a web browser to access our demo systems!
Come and learn from our experts on ways to improve you IT Operational Visibility by using Splunk for monitoring environment health. In this hands-on session we will cover recommended approaches for end to end monitoring, across applications, OSes, and devices. Topics will include: critical services to monitor, use of the Splunk Common Information Model (CIM) for cross-dataset normalization, commonly deployed apps and TAs to gather data for IT infrastructure uses, and use of pre-made dashboard panels to quickly build dashboards for monitoring your environment.
The document is a transcript from a Splunk presentation about using Splunk for IT operations. It discusses using Splunk to correlate machine data from different sources like servers, applications, and databases to gain visibility into IT services and their components. It provides a live demonstration of how Splunk can be used to monitor system performance, create tickets or alerts when issues arise, and troubleshoot issues by searching through logs and events. The presentation emphasizes how the common information model in Splunk allows mapping these components like hosts, applications, and services for improved IT operations and issue resolution.
Splunk Tutorial for Beginners - What is Splunk | EdurekaEdureka!
The document discusses Splunk, a software platform used for searching, analyzing, and visualizing machine-generated data. It provides an example use case of Domino's Pizza using Splunk to gain insights from data from various systems like mobile orders, website orders, and offline orders. This helped Domino's track the impact of various promotions, compare performance metrics, and analyze factors like payment methods. The document also outlines Splunk's components like forwarders, indexers, and search heads and how they allow users to index, store, search and visualize data.
This document provides an overview of Splunk Enterprise, including what it is, how it deploys and integrates, and its capabilities around real-time search, alerting, and reporting. Splunk Enterprise is an industry-leading platform for machine data that allows users to search, monitor, and analyze machine data from any source, location, or volume in real-time or historically. It deploys easily in 4 steps and scales to handle hundreds of terabytes of data per day from diverse sources like servers, applications, sensors, and more.
This document provides an overview and agenda for a Splunk lunch and learn session. It discusses what Splunk is, its key capabilities including searching, alerting, and reporting on machine data, and its universal indexing approach. The document also outlines deployment options and includes a demonstration. It explains how Splunk eliminates finger pointing across IT silos by enabling users to search and investigate issues more quickly. It also discusses how Splunk supports proactive monitoring, operational visibility, and real-time business insights.
Splunk provides software that allows users to search, monitor, and analyze machine-generated data. It collects data from websites, applications, servers, networks and other devices and stores large amounts of data. The software provides dashboards, reports and alerts to help users gain operational intelligence and insights. It is used by over 4,400 customers across many industries to solve IT and business challenges.
How to Design, Build and Map IT and Business Services in SplunkSplunk
Your IT department supports critical business functions, processes and products. You're most effective when your technology initiatives are closely aligned and measured with specific business objectives. This session covers best practices and techniques for designing and building an effective service model, using the domain knowledge of your experts and capturing and reporting on key metrics that everyone can understand. We will design a sample service model and map them to performance indicators to track operational and business objectives. We will also show you how to make Splunk service-ware with Splunk IT Service Intelligence (ITSI).
Splunk Webinar Best Practices für Incident InvestigationGeorg Knon
The document discusses best practices for incident investigation using Splunk, including collecting data from various sources like network traffic, endpoints, user activity, and threat intelligence. Effective investigation requires visibility into who and what communicated on the network, running processes, file system changes, and privileged access on endpoints. The goal is to quickly scope infections and disrupt breaches by understanding attack intent, lateral movement, and exfiltration through correlation of different data sources.
This document provides an overview of data enrichment techniques in Splunk including tags, field aliases, calculated fields, event types, and lookups. It describes how tags can add context and categorize data, field aliases can simplify searches by normalizing field labels, and lookups can augment data with additional external fields. The document also discusses various data sources that Splunk can index such as network data, HTTP events, alerts, scripts, databases, and modular inputs for custom data collection.
The document discusses how Splunk provides a platform for operational intelligence by unifying machine data from various IT systems and applications. It summarizes Splunk's capabilities for monitoring infrastructure components, applications, and virtual environments. The presentation includes an agenda, descriptions of IT complexity challenges and how Splunk addresses them with its platform. It also provides overviews and demonstrations of specific Splunk apps for monitoring Exchange, VMware, NetApp, and other systems.
Getting started with Splunk - Break out SessionGeorg Knon
This document provides an overview and getting started guide for Splunk. It discusses what Splunk is for exploring machine data, how to install and start Splunk, add sample data, perform basic searches, create saved searches, alerts and dashboards. It also covers deployment and integration topics like scaling Splunk, distributing searches across data centers, forwarding data to Splunk, and enriching data with lookups. The document recommends resources like the Splunk community for further support.
The document summarizes Splunk Enterprise 6.3, highlighting key new features and capabilities. It discusses breakthrough performance and scale improvements including doubled search and indexing speed and 20-50% increased capacity. It also covers advanced analysis and visualization features like anomaly detection, geospatial mapping, and single-value display. New capabilities for high-volume event collection and an enterprise-scale platform with expanded management, custom alert actions, and data integrity control are also summarized.
Attend to learn from our experts about ways to improve you IT Operational Intelligence by using Splunk for troubleshooting, monitoring and service-level visibility. In this hands-on session we will cover recommended approaches for end-to-end troubleshooting and monitoring across applications, OSes, and devices to resolve problems faster, reduce downtime and improve user satisfaction and customer retention. Topics will include: monitoring critical services, using commonly deployed apps and TAs to gather data for IT infrastructure uses, and using of pre-made dashboard panels to quickly build dashboards for monitoring your environment.
The document provides an overview of new features in Splunk Enterprise 6, including more powerful analytics capabilities for both technical and non-technical users. Key updates include an intuitive pivot interface that allows drag-and-drop report building without knowledge of the search language, defined data models to represent relationships in machine data, and an analytics store that can accelerate searches and reports up to 1000 times faster than previous versions. The release also includes simplified cluster management for large enterprise deployments and enhanced developer tools.
Machine Data 101: Turning Data Into Insight is a presentation about using Splunk software to analyze machine data. It discusses topics such as:
- What machine data is and examples of common sources like log files, social media, call center systems
- How Splunk indexes machine data from various sources in real-time regardless of format
- Techniques for enriching data in Splunk like tags, field aliases, calculated fields, event types, and lookups from external data sources
- Examples of collecting non-traditional data sources into Splunk like network data, HTTP events, databases, and mobile app data
The presentation provides an overview of Splunk's machine data platform and techniques for analyzing, enrich
The document discusses how Splunk provides a platform for operational intelligence through machine data. It outlines Splunk's capabilities including collecting any machine data, powerful search and investigation tools, and proactive monitoring. Splunk accelerates value through apps that provide deep insights into specific technologies like Exchange, VMware, and storage. The document demonstrates how Splunk apps work through demos and discusses how customers are leveraging Splunk to reduce costs and gain operational visibility across their infrastructure.
This document provides an overview and introduction to Splunk, an enterprise software platform for searching, monitoring, and analyzing machine-generated big data, such as logs, metrics, and events. The agenda covers what Splunk is, how to get started with Splunk including installing and licensing, basic search functionality, creating alerts and dashboards, deployment and integration options to scale Splunk across multiple sites and systems, and resources for support and the Splunk community. Key capabilities highlighted include searching and analyzing structured and unstructured machine data, indexing petabytes of data per day, role-based access controls, high availability, and integrating with third-party systems.
If you’re just getting started with Splunk, this session will help you understand how to use Splunk software to turn your silos of data into insights that are actionable. In this session, we’ll dive right into a Splunk environment and show you how to use the simple Splunk search interface to quickly find the needle-in-the-haystack or multiple needles in multiple haystacks. We’ll demonstrate how to perform rapid ad-hoc searches to conduct routine investigations across your entire IT infrastructure in one place, whether physical, virtual or in the cloud. We’ll show you how to then convert these searches into real time alerts and dashboards, so you can proactively monitor for problems before they impact your end user. We’ll demonstrate how you can use Splunk to connect the dots across heterogeneous systems in your environment for cross-tier, cross-silo visibility. You’ll have access to a demo environment. So, don’t forget to bring your laptop and follow along for a hands-on experience.
Besides seeing the newest features in Splunk Enterprise and learning the best practices for data models and pivot, we will show you how to use a handful of search commands that will solve most search needs. Learn these well and become a ninja.
Splunk Webinar: IT Operations Demo für Troubleshooting & DashboardingGeorg Knon
This document provides an overview of Splunk's IT operations software. It discusses the challenges facing IT operations, including siloed tools and reactive problem solving. It presents Splunk as a solution, with its ability to index and analyze machine data from any source in real-time. Key benefits highlighted include faster troubleshooting to reduce downtime, proactive monitoring to address issues before they become problems, and increased operational visibility across the IT environment. The document concludes with a demonstration of Splunk's IT service intelligence capabilities.
SplunkLive! München 2016 - Splunk für SecuritySplunk
This document provides an overview of Splunk's security analytics and user behavior analytics capabilities for detecting threats like cyber attacks and insider threats. It discusses how Splunk uses machine learning and behavioral analytics on large datasets to detect anomalies and threats. Examples are given showing how Splunk can detect suspicious user activities across the cyber kill chain and identify external attacks and insider threats. Key workflows for security analysts and threat hunters using Splunk are also outlined.
Join our Security Expert and learn how to use the Splunk App for Enterprise Security (ES) in a live, hands-on session. We'll take a tour through Splunk's award-winning security offering to understand some of the unique capabilities in the product. Then, we'll use ES to work an incident and disrupt an adversary's Kill Chain by finding the Actions on Intent, Exploitation Methods, and Reconnaissance Tactics used against a simulated organization. Data investigated will include threat list intelligence feeds, endpoint activity logs, e-mail logs, and web access logs. This session is a must for all security experts! Please bring your laptop as this is a hands-on session.
This document discusses how IT complexity is a challenge for CIOs due to siloed technologies, disconnected point solutions, and time spent maintaining rather than innovating. It presents Splunk as a solution that provides comprehensive visibility across infrastructure, applications, and customer-facing data to help reduce problem resolution time and escalations. Specific benefits highlighted include consolidating logs from various systems into a single view, enabling faster identification and resolution of issues. The document also outlines how Splunk apps can provide insights by role and accelerate value through plug-ins and templates to analyze data from any source.
SplunkLive! München 2016 - Splunk für IT OperationsSplunk
The document discusses Splunk for IT operations (ITOps). It provides an overview of how Splunk can help organizations gain operational intelligence and visibility across their IT infrastructure and applications. Some key points:
- Splunk consolidates machine data from different sources like servers, storage, networking devices, applications etc. into a single platform for monitoring, searching and analyzing data.
- It helps overcome issues of disconnected point solutions, siloed teams and outdated tools that take up majority of IT time for maintenance instead of innovation.
- Splunk provides real-time search capabilities to help IT teams act as "first responders" and reduce problem resolution time from days to minutes by quickly searching across all log data.
The document provides an overview of Splunk for IT operations (ITOps). It discusses how Splunk can help organizations address escalating IT complexity and issues plaguing IT operations. It introduces Splunk IT Service Intelligence, which provides data-driven service insights for root-cause isolation and improved service operations. Key concepts explained include what a service is, key performance indicators (KPIs), and service health scores. The document also highlights capabilities like service analyzer, glass tables, deep dives, multi-KPI alerts and notable events. Customer stories are presented on how enterprises use Splunk for increased uptime, reduced mean time to resolution, optimized capacity and more.
This document provides an overview of Splunk Enterprise, including what it is, how it deploys and integrates, and its capabilities around real-time search, alerting, and reporting. Splunk Enterprise is an industry-leading platform for machine data that allows users to search, monitor, and analyze machine data from any source, location, or volume in real-time or historically. It deploys easily in 4 steps and scales to handle hundreds of terabytes of data per day from diverse sources like servers, applications, sensors, and more.
This document provides an overview and agenda for a Splunk lunch and learn session. It discusses what Splunk is, its key capabilities including searching, alerting, and reporting on machine data, and its universal indexing approach. The document also outlines deployment options and includes a demonstration. It explains how Splunk eliminates finger pointing across IT silos by enabling users to search and investigate issues more quickly. It also discusses how Splunk supports proactive monitoring, operational visibility, and real-time business insights.
Splunk provides software that allows users to search, monitor, and analyze machine-generated data. It collects data from websites, applications, servers, networks and other devices and stores large amounts of data. The software provides dashboards, reports and alerts to help users gain operational intelligence and insights. It is used by over 4,400 customers across many industries to solve IT and business challenges.
How to Design, Build and Map IT and Business Services in SplunkSplunk
Your IT department supports critical business functions, processes and products. You're most effective when your technology initiatives are closely aligned and measured with specific business objectives. This session covers best practices and techniques for designing and building an effective service model, using the domain knowledge of your experts and capturing and reporting on key metrics that everyone can understand. We will design a sample service model and map them to performance indicators to track operational and business objectives. We will also show you how to make Splunk service-ware with Splunk IT Service Intelligence (ITSI).
Splunk Webinar Best Practices für Incident InvestigationGeorg Knon
The document discusses best practices for incident investigation using Splunk, including collecting data from various sources like network traffic, endpoints, user activity, and threat intelligence. Effective investigation requires visibility into who and what communicated on the network, running processes, file system changes, and privileged access on endpoints. The goal is to quickly scope infections and disrupt breaches by understanding attack intent, lateral movement, and exfiltration through correlation of different data sources.
This document provides an overview of data enrichment techniques in Splunk including tags, field aliases, calculated fields, event types, and lookups. It describes how tags can add context and categorize data, field aliases can simplify searches by normalizing field labels, and lookups can augment data with additional external fields. The document also discusses various data sources that Splunk can index such as network data, HTTP events, alerts, scripts, databases, and modular inputs for custom data collection.
The document discusses how Splunk provides a platform for operational intelligence by unifying machine data from various IT systems and applications. It summarizes Splunk's capabilities for monitoring infrastructure components, applications, and virtual environments. The presentation includes an agenda, descriptions of IT complexity challenges and how Splunk addresses them with its platform. It also provides overviews and demonstrations of specific Splunk apps for monitoring Exchange, VMware, NetApp, and other systems.
Getting started with Splunk - Break out SessionGeorg Knon
This document provides an overview and getting started guide for Splunk. It discusses what Splunk is for exploring machine data, how to install and start Splunk, add sample data, perform basic searches, create saved searches, alerts and dashboards. It also covers deployment and integration topics like scaling Splunk, distributing searches across data centers, forwarding data to Splunk, and enriching data with lookups. The document recommends resources like the Splunk community for further support.
The document summarizes Splunk Enterprise 6.3, highlighting key new features and capabilities. It discusses breakthrough performance and scale improvements including doubled search and indexing speed and 20-50% increased capacity. It also covers advanced analysis and visualization features like anomaly detection, geospatial mapping, and single-value display. New capabilities for high-volume event collection and an enterprise-scale platform with expanded management, custom alert actions, and data integrity control are also summarized.
Attend to learn from our experts about ways to improve you IT Operational Intelligence by using Splunk for troubleshooting, monitoring and service-level visibility. In this hands-on session we will cover recommended approaches for end-to-end troubleshooting and monitoring across applications, OSes, and devices to resolve problems faster, reduce downtime and improve user satisfaction and customer retention. Topics will include: monitoring critical services, using commonly deployed apps and TAs to gather data for IT infrastructure uses, and using of pre-made dashboard panels to quickly build dashboards for monitoring your environment.
The document provides an overview of new features in Splunk Enterprise 6, including more powerful analytics capabilities for both technical and non-technical users. Key updates include an intuitive pivot interface that allows drag-and-drop report building without knowledge of the search language, defined data models to represent relationships in machine data, and an analytics store that can accelerate searches and reports up to 1000 times faster than previous versions. The release also includes simplified cluster management for large enterprise deployments and enhanced developer tools.
Machine Data 101: Turning Data Into Insight is a presentation about using Splunk software to analyze machine data. It discusses topics such as:
- What machine data is and examples of common sources like log files, social media, call center systems
- How Splunk indexes machine data from various sources in real-time regardless of format
- Techniques for enriching data in Splunk like tags, field aliases, calculated fields, event types, and lookups from external data sources
- Examples of collecting non-traditional data sources into Splunk like network data, HTTP events, databases, and mobile app data
The presentation provides an overview of Splunk's machine data platform and techniques for analyzing, enrich
The document discusses how Splunk provides a platform for operational intelligence through machine data. It outlines Splunk's capabilities including collecting any machine data, powerful search and investigation tools, and proactive monitoring. Splunk accelerates value through apps that provide deep insights into specific technologies like Exchange, VMware, and storage. The document demonstrates how Splunk apps work through demos and discusses how customers are leveraging Splunk to reduce costs and gain operational visibility across their infrastructure.
This document provides an overview and introduction to Splunk, an enterprise software platform for searching, monitoring, and analyzing machine-generated big data, such as logs, metrics, and events. The agenda covers what Splunk is, how to get started with Splunk including installing and licensing, basic search functionality, creating alerts and dashboards, deployment and integration options to scale Splunk across multiple sites and systems, and resources for support and the Splunk community. Key capabilities highlighted include searching and analyzing structured and unstructured machine data, indexing petabytes of data per day, role-based access controls, high availability, and integrating with third-party systems.
If you’re just getting started with Splunk, this session will help you understand how to use Splunk software to turn your silos of data into insights that are actionable. In this session, we’ll dive right into a Splunk environment and show you how to use the simple Splunk search interface to quickly find the needle-in-the-haystack or multiple needles in multiple haystacks. We’ll demonstrate how to perform rapid ad-hoc searches to conduct routine investigations across your entire IT infrastructure in one place, whether physical, virtual or in the cloud. We’ll show you how to then convert these searches into real time alerts and dashboards, so you can proactively monitor for problems before they impact your end user. We’ll demonstrate how you can use Splunk to connect the dots across heterogeneous systems in your environment for cross-tier, cross-silo visibility. You’ll have access to a demo environment. So, don’t forget to bring your laptop and follow along for a hands-on experience.
Besides seeing the newest features in Splunk Enterprise and learning the best practices for data models and pivot, we will show you how to use a handful of search commands that will solve most search needs. Learn these well and become a ninja.
Splunk Webinar: IT Operations Demo für Troubleshooting & DashboardingGeorg Knon
This document provides an overview of Splunk's IT operations software. It discusses the challenges facing IT operations, including siloed tools and reactive problem solving. It presents Splunk as a solution, with its ability to index and analyze machine data from any source in real-time. Key benefits highlighted include faster troubleshooting to reduce downtime, proactive monitoring to address issues before they become problems, and increased operational visibility across the IT environment. The document concludes with a demonstration of Splunk's IT service intelligence capabilities.
SplunkLive! München 2016 - Splunk für SecuritySplunk
This document provides an overview of Splunk's security analytics and user behavior analytics capabilities for detecting threats like cyber attacks and insider threats. It discusses how Splunk uses machine learning and behavioral analytics on large datasets to detect anomalies and threats. Examples are given showing how Splunk can detect suspicious user activities across the cyber kill chain and identify external attacks and insider threats. Key workflows for security analysts and threat hunters using Splunk are also outlined.
Join our Security Expert and learn how to use the Splunk App for Enterprise Security (ES) in a live, hands-on session. We'll take a tour through Splunk's award-winning security offering to understand some of the unique capabilities in the product. Then, we'll use ES to work an incident and disrupt an adversary's Kill Chain by finding the Actions on Intent, Exploitation Methods, and Reconnaissance Tactics used against a simulated organization. Data investigated will include threat list intelligence feeds, endpoint activity logs, e-mail logs, and web access logs. This session is a must for all security experts! Please bring your laptop as this is a hands-on session.
This document discusses how IT complexity is a challenge for CIOs due to siloed technologies, disconnected point solutions, and time spent maintaining rather than innovating. It presents Splunk as a solution that provides comprehensive visibility across infrastructure, applications, and customer-facing data to help reduce problem resolution time and escalations. Specific benefits highlighted include consolidating logs from various systems into a single view, enabling faster identification and resolution of issues. The document also outlines how Splunk apps can provide insights by role and accelerate value through plug-ins and templates to analyze data from any source.
SplunkLive! München 2016 - Splunk für IT OperationsSplunk
The document discusses Splunk for IT operations (ITOps). It provides an overview of how Splunk can help organizations gain operational intelligence and visibility across their IT infrastructure and applications. Some key points:
- Splunk consolidates machine data from different sources like servers, storage, networking devices, applications etc. into a single platform for monitoring, searching and analyzing data.
- It helps overcome issues of disconnected point solutions, siloed teams and outdated tools that take up majority of IT time for maintenance instead of innovation.
- Splunk provides real-time search capabilities to help IT teams act as "first responders" and reduce problem resolution time from days to minutes by quickly searching across all log data.
The document provides an overview of Splunk for IT operations (ITOps). It discusses how Splunk can help organizations address escalating IT complexity and issues plaguing IT operations. It introduces Splunk IT Service Intelligence, which provides data-driven service insights for root-cause isolation and improved service operations. Key concepts explained include what a service is, key performance indicators (KPIs), and service health scores. The document also highlights capabilities like service analyzer, glass tables, deep dives, multi-KPI alerts and notable events. Customer stories are presented on how enterprises use Splunk for increased uptime, reduced mean time to resolution, optimized capacity and more.
Delivering New Visibility and Analytics for IT OperationsGabrielle Knowles
The document discusses how Splunk provides visibility and analytics for IT operations. It outlines Splunk's ability to ingest data from various sources like applications, databases, networks and more. This gives organizations a universal platform to gain operational visibility, enable proactive monitoring, and obtain business insights from their machine data in real-time. Splunk differentiators include analyzing all data, scaling for large environments, and reducing MTTR, costs and improving user experiences.
The document discusses how Splunk provides visibility and analytics for IT operations. It describes how Splunk can ingest data from various sources like applications, databases, networks, virtualization and more. This gives organizations operational visibility across their infrastructure and enables proactive monitoring, search and investigation capabilities for troubleshooting and problem solving. Splunk offers a universal platform for machine data that can scale to handle large, complex environments.
The document discusses how Splunk provides visibility and analytics for IT operations. It outlines Splunk's ability to ingest data from various sources like applications, databases, networks and more. This gives organizations a universal platform to gain operational visibility, enable proactive monitoring, and power search and investigation across machine data for improved IT operations and business insights.
Attend to learn from our experts about ways to improve you IT Operational Intelligence by using Splunk for troubleshooting, monitoring and service-level visibility. In this hands-on session we will cover recommended approaches for end-to-end troubleshooting and monitoring across applications, OSes, and devices to resolve problems faster, reduce downtime and improve user satisfaction and customer retention. Topics will include: monitoring critical services, using commonly deployed apps and TAs to gather data for IT infrastructure uses, and using of pre-made dashboard panels to quickly build dashboards for monitoring your environment.
Learn from our experts about ways to improve you IT Operational Intelligence by using Splunk for troubleshooting, monitoring and service-level visibility. In this hands-on session we will cover recommended approaches for end-to-end troubleshooting and monitoring across applications, OSes, and devices to resolve problems faster, reduce downtime and improve user satisfaction and customer retention. Topics will include: monitoring critical services, using commonly deployed apps and TAs to gather data for IT infrastructure uses, and using of pre-made dashboard panels to quickly build dashboards for monitoring your environment.
This document discusses how Splunk provides new visibility and analytics for IT operations. It notes that IT environments are becoming increasingly complex with more servers, applications, virtualization, and cloud services. Splunk offers a platform for operational intelligence that can consolidate machine data from various sources and provide search, monitoring, and analytics capabilities. It also discusses how Splunk apps can provide deep insights into specific technology areas.
Come and learn from our experts on ways to improve you IT Operational Visibility by using Splunk for monitoring environment health. In this hands-on session we will cover recommended approaches for end-to-end monitoring, across applications, OSes, and devices. Topics will include: critical services to monitor, use of the Splunk Common Information Model (CIM) for cross-dataset normalization, commonly deployed apps and TAs to gather data for IT infrastructure uses, and use of pre-made dashboard panels to quickly build dashboards for monitoring your environment.
Splunk Discovery Day Düsseldorf 2016 - Splunk für IT OperationsSplunk
This document discusses how IT complexity is increasing due to factors like virtualization, applications, and cloud services. It states that over 70% of IT time is spent on maintenance rather than innovation. The document then introduces Splunk as a platform that provides visibility and analytics for IT operations through capabilities like search, investigation, and monitoring across infrastructure components. It provides summaries of how Splunk can provide insights for different IT roles and optimize areas like security, operations, and applications. Examples are given of how customers have used Splunk for marketing intelligence, revenue insights, and operational intelligence.
How to Design, Build and Map IT and Business Services in SplunkSplunk
Your IT department supports critical business functions, processes and products. You're most effective when your technology initiatives are closely aligned and measured with specific business objectives. This session covers best practices and techniques for designing and building an effective service model, using the domain knowledge of your experts and capturing and reporting on key metrics that everyone can understand.
How to Design, Build and Map IT and Business Services in Splunk Splunk
Your IT department supports critical business functions, processes and products. You're most effective when your technology initiatives are closely aligned and measured with specific business objectives. This session covers best practices and techniques for designing and building an effective service model, using the domain knowledge of your experts and capturing and reporting on key metrics that everyone can understand. We will design a sample service model and map them to performance indicators to track operational and business objectives. We will also show you how to make Splunk service-ware with Splunk IT Service Intelligence (ITSI).
Steven Hatch of Cox Automotive discusses how they used Splunk IT Service Intelligence (ITSI) to gain operational visibility into massive amounts of audio, video, network, and storage data from their global auction platforms. This helped them pinpoint issues, improve mean time to identify and resolve incidents, and ensure high customer satisfaction. Splunk ITSI simplified the complex technical details into intelligence through correlating key performance indicators into services and actionable events. It also empowered Cox Automotive to scale infrastructure on demand with cloud solutions and proactively replace equipment. Use of Splunk ITSI reduced auction incidents by 90% with real-time infrastructure monitoring and positively impacted reliability and the bottom line. Next steps include training partners in DevOps
Splunk is used by many large financial services companies to gain operational intelligence and insights across diverse business processes. Some key uses of Splunk mentioned in the document include enabling high performance global trade infrastructure, gaining visibility across FIX order routing systems, providing end to end visibility across applications and infrastructure to deliver $6M annual ROI, enabling timely transaction settlement processing, and being integrated into a risk metrics group's high performance cloud computing offering.
The document discusses Splunk IT Service Intelligence, a solution from Splunk for monitoring IT services. It provides real-time insights into key performance indicators (KPIs) for defined IT services. The solution allows customers to quickly gain visibility into the health and performance of critical services through dashboards, alerts and reports. Case studies show how Splunk IT Service Intelligence has helped customers reduce incident tickets, gain unified insights across their IT operations and support proactive, service-level monitoring.
The document provides an overview of Splunk for IT operations (ITOps). It begins with an agenda for the presentation and discusses the increasing complexity facing IT operations. Splunk is introduced as an industry-leading platform for machine data that can ingest data from any source. The presentation describes how Splunk turns machine data into operational intelligence through search, investigation, proactive monitoring, and visibility. It highlights Splunk apps and add-ons that accelerate insights and the Splunk IT Service Intelligence product. The presentation concludes with a customer success story and information about the annual Splunk .conf user conference.
SplunkLive! Utrecht - Splunk for IT Operations - Rick FitzSplunk
This document discusses how increasing IT complexity from technologies like virtualization, SaaS applications, and custom applications has made IT operations more difficult. It presents Splunk as a solution for capturing data from all IT systems and applications in order to perform operational analytics. This allows organizations to gain insights across their IT infrastructure and applications for tasks like root cause analysis, capacity planning, security monitoring, and service level reporting. The document highlights some of Splunk's key capabilities and differentiators like indexing data once for multiple uses, scaling to large environments, and providing a fast time to value. It also includes two customer examples of how Credit Suisse and Surrey Satellite have benefited from using Splunk for IT operations.
The document is an agenda for a Splunk conference session on using Splunk for IT operations. The agenda includes an introduction to Splunk for IT operations, a discussion of Splunk apps to accelerate insights, and a presentation on Splunk IT Service Intelligence. It outlines the growing complexity faced by IT operations and how Splunk provides a platform to index and investigate machine data from any source, in order to improve troubleshooting, monitoring, and gaining operational visibility and insights.
Brighttalk understanding the promise of sde - finalAndrew White
Mr. White has 15 years of experience designing and managing systems monitoring and event management software. He previously led monitoring organizations at a Fortune 100 company and consulted for various organizations. He is now a cloud and smarter infrastructure specialist at IBM. The document discusses software-defined environments and their promise to increase agility through automation and integration of IT infrastructure.
Similar to SplunkLive! - Splunk for IT Operations (20)
.conf Go 2023 - Raiffeisen Bank InternationalSplunk
This document discusses standardizing security operations procedures (SOPs) to increase efficiency and automation. It recommends storing SOPs in a code repository for versioning and referencing them in workbooks which are lists of standard tasks to follow for investigations. The goal is to have investigation playbooks in the security orchestration, automation and response (SOAR) tool perform the predefined investigation steps from the workbooks to automate incident response. This helps analysts automate faster without wasting time by having standard, vendor-agnostic procedures.
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...Splunk
.conf Go 2023 presentation:
"Das passende Rezept für die digitale (Security) Revolution zur Telematik Infrastruktur 2.0 im Gesundheitswesen?"
Speaker: Stefan Stein -
Teamleiter CERT | gematik GmbH M.Eng. IT-Sicherheit & Forensik,
doctorate student at TH Brandenburg & Universität Dresden
El documento describe la transición de Cellnex de un Centro de Operaciones de Seguridad (SOC) a un Equipo de Respuesta a Incidentes de Seguridad (CSIRT). La transición se debió al crecimiento de Cellnex y la necesidad de automatizar procesos y tareas para mejorar la eficiencia. Cellnex implementó Splunk SIEM y SOAR para automatizar la creación, remediación y cierre de incidentes. Esto permitió al personal concentrarse en tareas estratégicas y mejorar KPIs como tiempos de resolución y correos electrónicos anal
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)Splunk
Este documento resume el recorrido de ABANCA en su camino hacia la ciberseguridad con Splunk, desde la incorporación de perfiles dedicados en 2016 hasta convertirse en un centro de monitorización y respuesta con más de 1TB de ingesta diaria y 350 casos de uso alineados con MITRE ATT&CK. También describe errores cometidos y soluciones implementadas, como la normalización de fuentes y formación de operadores, y los pilares actuales como la automatización, visibilidad y alineación con MITRE ATT&CK. Por último, señala retos
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk
BMW is defining the next level of mobility - digital interactions and technology are the backbone to continued success with its customers. Discover how an IT team is tackling the journey of business transformation at scale whilst maintaining (and showing the importance of) business and IT service availability. Learn how BMW introduced frameworks to connect business and IT, using real-time data to mitigate customer impact, as Michael and Mark share their experience in building operations for a resilient future.
The document is a presentation on cyber security trends and Splunk security products from Matthias Maier, Product Marketing Director for Security at Splunk. The presentation covers trends in security operations like the evolution of SOCs, new security roles, and data-centric security approaches. It also provides updates on Splunk's security portfolio including recognition as a leader in SIEM by Gartner and growth in the SIEM market. Maier highlights some breakout sessions from the conference on topics like asset defense, machine learning, and building detections.
Data foundations building success, at city scale – Imperial College LondonSplunk
Universities have more in common with modern cities than traditional places of learning. This mini city needs to empower its citizens to thrive and achieve their ambitions. Operationalising data is key to building critical services; from understanding complex IT estates for smarter decision-making to robust security and a more reliable, resilient student experience. Juan will share his experience in building data foundations for a resilient future whilst enabling digital transformation at Imperial College London.
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk
Learn how Vodafone has provided end-to-end visibility across services by building an Operational Analytics Platform. In this session, you will hear how Stefan and his team manage legacy, on premise, hybrid and public cloud services, and how they are providing a platform for complex triage and debugging to tackle use cases across Vodafone’s extensive ecosystem.
.italo operates an Essential Service by connecting more than 100 million people annually across Italy with its super fast and secure railway. And CISO Enrico Maresca has been on a whirlwind journey of his own.
Formerly a Cyber Security Engineer, Enrico started at .italo as an IT Security Manager. One year later, he was promoted to CISO and tasked with building out – and significantly increasing the maturity level – of the SOC. The result was a huge step forward for .italo.
So how did he successfully achieve this ambitious ask? Join Enrico as he reveals the key insights and lessons learned in his SOC journey, including:
Top challenges faced in improving security posture
Key KPIs implemented in order to measure success
Strategies and approaches applied in the SOC
How MITRE ATT&CK and Splunk Enterprise Security were utilised
Next steps in their maturity journey ahead
This document summarizes a presentation about observability using Splunk. It includes an agenda introducing observability and why Splunk for observability. It discusses the need for modernization initiatives in companies and the thousands of changes required. It presents that Splunk provides end-to-end visibility across metrics, traces and logs to detect, troubleshoot and optimize systems. It shares a customer case study of Accenture using Splunk observability in their hybrid cloud environment. Finally, it concludes that observability with Splunk can drive results like reduced downtime and faster innovation.
This document contains slides from a Splunk presentation covering the following topics:
- Updated Splunk logo and information about meetings in Zurich and sales engineering leads
- Ideas for confused or concerned human figures in design concepts
- Three buckets of challenges around websites slowing, apps being down, and supply chain issues
- Accelerating mean time to detect, identify, respond and resolve through cyber resilience with Splunk
- Unifying security, IT and DevOps teams
- Splunk's technology vision focusing on customer experience, hybrid/edge, unleashing data lakes, and ubiquitous machine learning
- Gaining operational resilience through correlating infrastructure, security, application and user data with business outcomes
This document summarizes a presentation about Splunk's platform. It discusses Splunk's mission of helping customers create value faster with insights from their data. It provides statistics on Splunk's daily ingest and users. It highlights examples of how Splunk has helped customers in areas like internet messaging and convergent services. It also discusses upcoming challenges and new capabilities in Splunk like federated search, flexible indexing, ingest actions, improved data onboarding and management, and increased platform resilience and security.
The document appears to be a presentation from Splunk on security topics. It includes sections on cyber security resilience, the data-centric modern SOC, application monitoring at scale, threat modeling, security monitoring journeys, self-service Splunk infrastructure, the top 3 CISO priorities of risk based alerting, use case development, a security content repository, security PVP (posture, vision, and planning) and maturity assessment, and concludes with an overview of how Splunk can provide end-to-end visibility across an organization.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframePrecisely
Inconsistent user experience and siloed data, high costs, and changing customer expectations – Citizens Bank was experiencing these challenges while it was attempting to deliver a superior digital banking experience for its clients. Its core banking applications run on the mainframe and Citizens was using legacy utilities to get the critical mainframe data to feed customer-facing channels, like call centers, web, and mobile. Ultimately, this led to higher operating costs (MIPS), delayed response times, and longer time to market.
Ever-changing customer expectations demand more modern digital experiences, and the bank needed to find a solution that could provide real-time data to its customer channels with low latency and operating costs. Join this session to learn how Citizens is leveraging Precisely to replicate mainframe data to its customer channels and deliver on their “modern digital bank” experiences.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
2. CIO Obstacle: Escalating IT Complexity
SERVERS STORAGE NETWORKING
VIRTUALIZATION
INFRASTRUCTURE
APPLICATIONS
PACKAGED
APPLICATIONS
CUSTOM
APPLICATIONS
Identity
VPN
IP Phone
HR
Email
Finance
App Svr
DB
Web Svr SaaS/PaaS
IaaS
3. CIO Obstacle: Escalating IT Complexity
SERVERS STORAGE NETWORKING
VITUALIZATION
INFRASTRUCTURE
APPLICATIONS
PACKAGED
APPLICATIONS
CUSTOM
APPLICATIONS
Identity
VPN
IP Phone
HR
Email
Finance
App Svr
DB
Web Svr SaaS/PaaS
IaaS
Complex, silo-based
technologies
Disconnected and outdated point
solutions
Over 70% of time spent on
maintaining, not innovating
5. From Days to Minutes With Splunk
“First
Responder”
2012-12-05 07:04:44 Id=Rd910EAJ City=New York Email.jdoe@gmail.com
product_id=product_i BD-
66.57.19.112 ..[05/Dec/2012 07:05:22:152]”GET /card.do?action=addtocart
&itemid=K9
[1208/12 02:39:03:209 UTC] 000000c6 ConnectionEve A J2CA00561:
ConnectionExeception:[IBM][CLI Driver] SQL1224N
Report and
analyze
Custom
dashboards
Monitor
and alert
Ad hoc
search
2012-12-05 07:04:44 Id=Rd910EAJ
City=New York Email.jdoe@gmail.com
product_id=product_i BD-
66.57.19.112 ..[05/Dec/2012
07:05:22:152]”GET
/card.do?action=addtocart
&itemid=K9
[1208/12 02:39:03:209 UTC]
000000c6 ConnectionEve A
J2CA00561:
ConnectionExeception:[IBM][CLI
Driver] SQL1224N
Outage
Occurs
6. “Splunk reduced our
escalations by 90% and our
problem resolution time by
67%.
“Escalations reduced by 90% and MTTR dropped by 67%”
Splunk at Service Desk: Vodafone
Paulo Carvalho
Director Operations
Theoldway:DisparateITsilos impactCustomerService
• Manuallyintensive,error-proneprocessesresultinconstantescalationsandlongdelays
• Expensive,home-growntoolsforlogcollectionandanalysisdon’tprovidethecompletepicture
• Disconnectedsystemscreatetroubleinmeetingsecurityandcompliancemandates
Thenewway:Providecomprehensivevisibility andcontrol
✓ Asingle Tier 1support person can now perform iterative searches across alltheir IT data to
investigate, identify, and fixthe problem – escalations reduced by90percent
✓ Splunk consolidates logs from disparate systems into asingle view, providing visibility across end-
to-end service delivery from one place -time to problem resolution dropped by67%
✓ Role-based secure access to logs viaSplunk ensures SOX compliance
✓ Monitor IT data and find issues before they become visible to customers
7. Splunk : The Better Approach For IT
7
Customer
Facing Data
Outside the
Datacenter
Applications
Web logs
Log4J, JMS, JMX
.NET events
Code and scripts
Networking
Configurations
syslog
SNMP
netflow
Databases
Configurations
Audit/query
logs
Tables
Schemas
Virtualization
& Cloud
Hypervisor
Guest OS, Apps
Cloud
Linux/Unix
Configurations
syslog
File system
ps, iostat, top
Windows
Registry
Event logs
File system
sysinternals
Logfiles Configs Messages Traps
Alerts
Metrics Scripts TicketsChanges
Click-stream data
Shopping cart data
Online transaction data
Manufacturing,
logistics…
CDRs & IPDRs
Power consumption
RFID data
GPS data
Powerful, end-to-end, real-time platform for Machine Data
8. Splunk : The Better Approach For IT
8
Customer
Facing Data
Outside the
Datacenter
Applications
Web logs
Log4J, JMS, JMX
.NET events
Code and scripts
Networking
Configurations
syslog
SNMP
netflow
Databases
Configurations
Audit/query
logs
Tables
Schemas
Virtualization
& Cloud
Hypervisor
Guest OS, Apps
Cloud
Linux/Unix
Configuration
s
syslog
File system
ps, iostat, top
Windows
Registry
Event logs
File system
sysinternals
Logfiles Configs Messages Traps
Alerts
Metrics Scripts TicketsChanges
Click-stream data
Shopping cart data
Online transaction data
Manufacturing,
logistics…
CDRs & IPDRs
Power consumption
RFID data
GPS data
Powerful, end-to-end, real-time platform for Machine Data
Noupfrontschema
Nocustomconnectors
NoRDBMS
•Any amount, any location, any source.
12. Reduce Costs: Consolidate tools, eliminate silos, find root cause faster!
Exchange
Admin
Linux/Win
Admin
Network Admin
Applications
Admin
Line of
Business User
Application
Support
VMware/Linux/
Win Admin
Security
Admin
Storage Admin IT
Management
19. Current Challenges
19
Can’t access the data that matters
Multiple products lack deep integration
Complex and customized tools require
significant expertise and time
IT organizations continue to struggle with aligning operations with business
FRAGMENTED INSIGHTS
SLOW & REACTIVE
INEFFICIENT
& UNSCALABLE
20. Even More Challenges
20
Increased Business Expectations around – IT Agility, Availability, and Support
I am measured on service performance KPI’s focus on components
As services change, I need to quickly adapt
Previous attempts to model
service failed
I need to understand what is going on at
any point in time (including history)
Snapshots in time don’t help
with troubleshooting or
continuous improvement
21. Splunk IT Service Intelligence
21
Data Driven
• All IT Data - events, metrics, and logs
Service-awareness
• Provides actionable insights into high visibility services
• Personal contextual visualizations
• Mitigate problems before they impact customers.
Powerful Platform
• Fast correlation across services & KPIs
• Deploys Quickly
• Scalable, flexible and fast time-to-value
• Scalable Universal Platform (any point in time)
22. The Splunk IT SI Solution in a Nutshell
1. Splunk IT SI core concepts
• Services
• KPIs
• Health Scores
2. Solution capabilities and features
• Glass Tables & Deep Dives
• Service Analyzer
• Multi-KPI Alerts & Notable Events
22
24. What is a Service?
DNS
Requests
Responses
Technical Services
Customer
Transactions
Requests
Responses
Business Services
Auth
Requests
Responses
Web
Requests
Responses
Support Desk
Requests
Responses
25. What is a Service?
Packet Network
Hypervisor and Hosts
RBMDBs
Storage Tier
API Services
Web Services
CustomerTransactions
Mobile
API/Middleware
PartnerPortal
DNS
26. What is a KPI?
DNS
Requests
Responses
KPI: Number of requests
KPI: Error rate
KPI: Average response time
KPI: Servicer CPU load
KPI: Server network I/F errors
Customer
Transactions
Requests
Responses
KPI: Number of transactions
KPI: Error rate
KPI: Average response time
KPI: Count of Incident Tickets
KPI: Synthetic Transx Health
Welcome to SplunkLive [City].
Thank you for taking the time to attend today’s event.
Company Background:
Vodafone Group Plc is the world's leading mobile telecommunications company, providing a wide range of services including voice and data communications. Paulo Carvalho works in Vodafone's DSSL group supports Vodafone live! Which includes popular mobile video, news, music and other services. Paulo is the Services Network Manager at Vodafone Portugal and is responsible for all services on top of GSM Network, MMS, SMS, Voice Mail, Unified Messaging, streaming, Mobile Portal, VAS Services, Prepaid Services.
Other Notes:
Vodafone uses Splunk for application troubleshooting and management of services they offer over their 3G network. The environment is complex, with many services being offered, running on many platforms and servers - Solaris, Redhat Linux and introducing virtualized environments. They also have a huge Java and J2EE infrastructure and often need to search quickly for errors or exceptions occurring within the last sixty minutes.
Vodafone has been a successful user of Splunk realizing significant material benefits. They have also moved to a proactive phase with Splunk, using it to monitor IT data such as threshold levels for specific systems, and fixing issues before they become visible to their customers.
So how does Splunk help? We offer a powerful, end-to-end, real-time platform for Machine Data. Splunk can collect data from any source, giving our customers real-time visibility and intelligence into what’s happening across the IT infrastructure – whether it’s physical, virtual or in the cloud.
Splunk’s highly capable platform for machine data can handle any machine generated data from any location and any source – without the need to transform the data to fit a schema, without the need for custom connectors-because unlike most other tools on the market, Splunk does not have a database backend. Splunk’s proprietary map-reduce based high speed index and retrieval system allows management of very large quantities of data at scale with just commodity x86 servers.
Welcome to SplunkLive [City].
Thank you for taking the time to attend today’s event.
Remember we said before, that Splunk is a “platform” for machine data? Splunk has evolved over the years from an engine for any kind of machine data to a robust platform, complete with a REST API, 6 different SDKs and numerous “apps” that sit on top of Splunk and provide out of the box value from your data. These “apps” are available on Splunkbase and they accelerate getting g data into Splunk and getting pre-built visualizations for that data. Note that these apps are not like connectors because they don’t lock away the data in a silo or restrict its usage to particular sets of views – the data is in Splunk and can be used side by side with any other data in Splun k. You can move dashboards and key indicators across apps or customize them in any way you want. Apps make it faster to get value out of your data and several key apps provide new visibility into areas that were formerly “black box” in the infrastructure – such as the virtualization apps.
We also recently introduced the 2 new offerings – one to collect wire data, with the Splunk App for Stream (stemming from the acquisition of Cloudmeter) and MINT (Mobile Intelligence) that stems from our acquisition of Bugsense. The Splunk App for Stream enables the capture of real-time streaming wire data, which is the data transmitted between applications over the network. It enables visibility into application, business and user activity without the need for instrumentation, enhancing various operational use cases across IT, security and the business.
And Splunk MINT helps you gain visibility into mobile app performance and quality, so you can deliver better mobile apps
Splunk MINT helps you combine and correlate mobile app data with other data in Splunk so you can pinpoint problems faster and analyze user experience/behavior across mobile, desktop and web channels.
The main value from the apps is providing context for data from silos and making it available inside Splunk for correlation with other data from other silos.
In addition to prebuilt apps, customers can also build their own.
What have developers been building using Splunk Enterprise? Examples include the following:
Run searches and retrieve Splunk data from existing Customer Service/Call Center applications (Comcast use case)
Integrate Splunk data into existing BI tools and dashboard (Tableau, MS Excel)
Build mobile applications with KPI dashboards and alerts powered by Splunk (Otto Group use case)
Log directly to Splunk from remote devices (Bosch use cases)
Build customer-facing dashboards powered by user-specific data in Splunk (Socialize, Hurricane Labs use cases)
Programmatically extract data from Splunk for long-term data warehousing
We hope this is just the beginning. We hope to open up a whole new world of enterprise apps.
Welcome to SplunkLive [City].
Thank you for taking the time to attend today’s event.
That brings us to Splunk IT Service Intelligence – a packaged solution that enables real-time visibility into services driven by machine data.
Splunk ITSI speeds and simplifies service monitoring and analytics and enables IT to make better, smarter and informed business decisions.
This solution allows you to gain a deep understanding of your services. With Splunk ITSI, you have real-time views into the health of your services, and can use advanced analytics to find patterns, detect anomalies and trends to proactively monitor and address issues.
As a result you have improved service visibility, reduced resolution times, and a transformative approach to monitoring and analytics driven by machine-data.
Discovery and CMDB DO NOT WORK in service context
- They lack service awareness
- Too many assets are discovered
- Inability to easily categorize entities
- Can’t get the data that matters
o Do not have access to right data (inability to troubleshoot, no idea what to do when the light goes red - still go to another system/multiple systems of record)
- Cannot see metrics, events and log data together
- Aggregated and limited set of metrics gathered
o Multiple different products integrated that lack deep integration between the parts
- No continuous workflow
- complicates the product
1. Every IT manager provides individual metrics that show great KPI’s but those don’t always translate into 99% uptime for a service.
And KPI’s are typically associated with physical metrics of components. Are those the ONLY metrics you want to focus on for the health of your services? What about one’s from your applications, business processing, etc.?
2. Historically, if you attempted to model your services was it time consuming? What happens if you need to make a change?
3. Say users call and complain about a performance problem yesterday but most of your tools only tell you what is going on NOW. Wouldn’t it be nice to see trends and use historical data to develop a true baseline if there truly was a problem? Even use that historical data as indicators to catch problems before they happen, not after?
Splunk’s IT SI represents a new approach to service intelligence
Rather than bolting a mish-mash of products together, ITSI uses a data-driven approach (all data, across silos)
Provides insights into the highest-visibility services-- the ones which directly impact business and operations with –
personal, meaningful contextual visualizations.
Provides sophisticated alerting mechanisms and workflow, to catch and mitigate problems early, before they impact customers
Allows fast correlation across services & KPIs, to quickly determine root cause and reduce MTTR
Deploys in days & weeks, rather than weeks & months
It’s Scalable, flexible (schema on the fly) and continues to provide fast time-to-value
1.
2.
3. We’ll use a simulated failure scenario which a NOC might encounter
We’ll show how to isolate a particular problem, from a NOC operator's perspective
We’ll show how to significantly reduce MTTR and provide actionable alerts to avoid outages in the future
A services can literally be sources of data a customer wants to group together to monitor in a single healthscore or just wants to logically group together because they need to be managed by a specific team or needs to be reported in such a way. Services derive their value when KPIs are defined within them or dependencies are defined to other services. Therefore you could have a more abstractly defined service which only depends on other services to derive its own health. E.g. Partner portal is a conceptual service which depends on the API service which in turn has its own KPIs but depends on Web Services. Alternatively you could have Partner portal depend on each and every one in blue, or not even have all the ones in blue and have all the Kpis be inside Partner portal. Everything you see in the diagram above could be a service in ITSI.
A services can literally be sources of data a customer wants to group together to monitor in a single healthscore or just wants to logically group together because they need to be managed by a specific team or needs to be reported in such a way. Services derive their value when KPIs are defined within them or dependencies are defined to other services. Therefore you could have a more abstractly defined service which only depends on other services to derive its own health. E.g. Partner portal is a conceptual service which depends on the API service which in turn has its own KPIs but depends on Web Services. Alternatively you could have Partner portal depend on each and every one in blue, or not even have all the ones in blue and have all the Kpis be inside Partner portal. Everything you see in the diagram above could be a service in ITSI.
A services can literally be sources of data a customer wants to group together to monitor in a single healthscore or just wants to logically group together because they need to be managed by a specific team or needs to be reported in such a way. Services derive their value when KPIs are defined within them or dependencies are defined to other services. Therefore you could have a more abstractly defined service which only depends on other services to derive its own health. E.g. Partner portal is a conceptual service which depends on the API service which in turn has its own KPIs but depends on Web Services. Alternatively you could have Partner portal depend on each and every one in blue, or not even have all the ones in blue and have all the Kpis be inside Partner portal. Everything you see in the diagram above could be a service in ITSI.
A services can literally be sources of data a customer wants to group together to monitor in a single healthscore or just wants to logically group together because they need to be managed by a specific team or needs to be reported in such a way. Services derive their value when KPIs are defined within them or dependencies are defined to other services. Therefore you could have a more abstractly defined service which only depends on other services to derive its own health. E.g. Partner portal is a conceptual service which depends on the API service which in turn has its own KPIs but depends on Web Services. Alternatively you could have Partner portal depend on each and every one in blue, or not even have all the ones in blue and have all the Kpis be inside Partner portal. Everything you see in the diagram above could be a service in ITSI.