SplunkLive! Utrecht - Keynote - Rick Fitz
•Download as PPTX, PDF•
2 likes•758 views
This document contains an agenda for the SplunkLive! Utrecht conference. It includes: - A welcome message and introduction to using Splunk for security and IT operations. - Three customer use cases that will be presented on using Splunk for the CERT EU, NXP, and KPN. - Information on sponsors and speakers at the conference. - An overview of the Splunk platform and how it can be used for security, IT operations, business analytics, IoT, and more.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to SplunkLive! Utrecht - Keynote - Rick Fitz
Similar to SplunkLive! Utrecht - Keynote - Rick Fitz (20)
More from Splunk
More from Splunk (20)
Recently uploaded
Recently uploaded (20)
SplunkLive! Utrecht - Keynote - Rick Fitz
- 1. wificode=defabrique Password: defabrique #SplunkLive WELCOME TO SPLUNKLIVE! Utrecht LIVE AGENDA
- 2. LIVE AGENDA
- 3. MONZY MERZA HEAD OF SECURITY RESEARCH
- 4. 4 Thanks to Our Sponsors Giga Sponsors Mega Sponsors
- 5. 5 Thanks to Our Speakers
- 6. THIS MORNING’S AGENDA 09:30- 09:50 Welcome to SplunkLive! Utrecht 09:50- 10:20 Introduction to Splunk for Security 10:20- 10:40 Customer use case: CERT EU 10:40-11:00 Customer use case: NXP 11:00-11:20 Coffee Break & Sponsor Exhibition 11:20-11:50 Introduction to Splunk for IT Operations 11:50-12:10 Customer use case: KPN 12:10- 12:30 Customer use case: Exact Cloud Development
- 7. RICK FITZ SVP IT MARKETS, SPLUNK
- 8. Auto Banking Healthcare Government Web Music Retail Hotel Telecom Digital Transformation
- 9. 9 Did You Notice? Tom Goodwin – TechTarget, 2015 The world’s largest taxi company, owns no vehicles The world’s most popular media owner, creates no content The world’s valuable retailer, has no inventory The world’s largest accommodation provider, owns no real estate
- 10. Make machine data accessible, usable and valuable to everyone.
- 12. What Does Machine Data Look Like? Sources Order Processing Twitter Care IVR Middleware Error 12
- 13. Machine Data Contains Critical Insights Customer ID Order ID Customer’s Tweet Time Waiting On Hold Twitter ID Product ID Company’s Twitter ID Customer IDOrder ID Customer ID Sources Order Processing Twitter Care IVR Middleware Error 13
- 14. Machine Data Contains Critical Insights Order ID Customer’s Tweet Time Waiting On Hold Product ID Company’s Twitter ID Order ID Customer ID Twitter ID Customer ID Customer ID Sources Order Processing Twitter Care IVR Middleware Error 14
- 15. Disruptive Approach to Unstructured Data Structured RDBMS SQL Search Schema at Write Schema at Read Traditional Splunk ETL Universal Indexing 15 Volume Velocity Variety Unstructured
- 16. Security Operations IT Operations Business Operations With Splunk, Your Enterprise Data Platform SAME DATAOf the Asking Different QUESTIONS Different PEOPLE 16
- 17. Fully Integrated Enterprise Platform HA / DR Admin Data Security Apps SDKs/APIScale Collect Data Index Data Enrich Data Search & Explore Analyze & Predict Report & Visualize Alert & Action
- 18. Enterprise Machine Data Fabric Real-time Machine Data Relational databases Geolocation data External Data Enrich with Other Data Platform for Machine Data Enterprise Data lakes Accessible for low-cost storage and additional analytics Collect and Manage Data Streams Monitor, Alert, Analyze Visualize Apps APIs SDKs
- 19. Platform for Machine Data Application Delivery Security, Compliance and Fraud Business Analytics Internet of Things and Industrial Data IT Operations
- 20. Platform for Machine Data Application Delivery Security, Compliance and Fraud Business Analytics Internet of Things and Industrial Data IT Operations Security, Compliance and Fraud Business Analytics Internet of Things and Industrial Data
- 21. Splunk for IT Operations and App Delivery Platform for Machine Data Service Monitoring IT Operational Analytics Application Management DevOpsIT Troubleshooting
- 22. Platform for Machine Data Application Delivery IT Operations Security, Compliance and Fraud Business Analytics Internet of Things and Industrial Data Security, Compliance and FraudApplication Delivery IT Operations Business Analytics Internet of Things and Industrial Data
- 23. Splunk Security Intelligence Security and Compliance Reporting Monitor and Detect Known/ Unknown Threats Fraud Detection Insider Threat Incident Investigations and Forensics Security Analytics
- 24. Platform for Machine Data Splunk for Business Analytics Business Process Analytics Customer Experience Product Analytics Digital Marketing
- 25. 25 Platform for Machine Data Application Delivery IT Operations Security, Compliance and Fraud Business Analytics Internet of Things and Industrial Data Security, Compliance and FraudApplication Delivery IT Operations Business Analytics Internet of Things and Industrial Data
- 26. Platform for Machine Data Splunk for IoT Monitoring and Diagnostics Security, Safety & Compliance Preventative Maintenance Asset Lifecycle Management
- 27. How VenueNext Improve Customer Experience with Splunk
- 29. 29 Platform for Operational Intelligence The Splunk Portfolio 1000+ Apps and Add-Ons Splunk Premium Solutions Mainframe Data Relational Databases MobileForwarders Syslog/TCP IoT Devices Network Wire Data Hadoop
- 30. Dev.splunk.com65,000+ questions and answers Over 1000 Apps Local User Groups SplunkLive! Events Thriving Community http://www.splunk.com/community
- 31. 31 Why Splunk? FAST TIME-TO-VALUE CLOUD, ON-PREMISE & HYBRID DEPLOYMENT VISIBILITY ACROSS STACK, NOT JUST SILOS ONE PLATFORM, MULTIPLE USE CASES ANY DATA, ANY SOURCE, ASK ANY QUESTION
- 32. Free Cloud Trial Free Software Download Free Enterprise Security IT Service Intelligence Sandbox Easy to Try and Get Started 1 32
- 33. Copyright © 2016 Splunk Inc. THANK YOU
Editor's Notes
- Looking at this room, I see that all of us are experiencing the “connectedness” of our world – and how that connectedness has changed everything. Every industry, every business, everywhere is experiencing the effects of digitization and change. Our world is in the midst of massive change This technical renaissance or digital transformation has only just begun and it’s accelerating Software defined everything, Big data, Web scale, Containerization and microservices, Cloud, Mobile, Analytics, and the world of IoT Add to this, customer and end user expectations have never been higher
- Global economy and businesses are changing. Today it is the rise of the sharing economy and its companies. They don’t rely on making things. Each of these companies was able to leverage data, and the new connectedness of the world to create unfair advantage. What makes these businesses very different then their counterparts of 20 years ago, is that their primary delivery mechanisms are bidirectionally aware machines.
- That’s where we come in. Spunk’s mission is to make machine data accessible, usable, and valuable to everyone.
- We used to catch a taxi – now we have Uber, and Lyft, and InstantCab, and Car2Go; We used to find new music on the radio - now we have Shazam, Spotify, Audible, and Pandora; We used to have travel agents - now we have digital services like Expedia, eTravel and Homeaway We used to shop locally - now we have online retailers like Amazon and CJO and zulily, and shop online even with traditional stores like Nordstrom and Tesco; We used to go to Vegas – now even in Orlando, we can still gamble online with companies like Paddy Power and Amaya Gaming And all of this digital transformation is built on fundamentally new approaches to IT.
- Unlike traditional structured data or multi-dimensional data– for example data stored in a traditional relational database for batch reporting – machine data is non-standard, highly diverse, dynamic and high volume. You will notice that machine data events are also typically time-stamped – it is time-series data. Take the example of purchasing a product on your tablet or smartphone: the purchase transaction fails, you call the call center and then tweet about your experience. All these events are captured - as they occur - in the machine data generated by the different systems supporting these different interactions. Each of the underlying systems can generate millions of machine data events daily. Here we see small excerpts from just some of them.
- When we look more closely at the data we see that it contains valuable information – customer id, order id, time waiting on hold, twitter id … what was tweeted. What’s important is first of all the ability to actually see across all these disparate data sources, but then to correlate related events across disparate sources, to deliver meaningful insight.
- If you can correlate and visualize related events across these disparate sources, you can build a picture of activity, behavior and experience. And what if you can do all of this in real-time? You can respond more quickly to events that matter. For example, if an organizations captured the customers twitter ID in their customer profile this correlation would be possible. Where that didn’t exist, they could at least group by demographic with the tweets. You can extrapolate this example to a wide range of use cases – security and fraud, transaction monitoring and analysis, web analytics, IT operations and so on.
- Traditionally, machine data was generated and part of the data would be stored in a specific, pre-defined way. This creates limits in the questions that can be asked of the data. Splunk takes a disruptive approach by storing the data in it’s raw, original format, and creates a schema at the last possible moment; when the question is asked. Because of this, there are no limits to the questions that can be asked of the data. Speaking of no limits… No limits on where you can collect it from No limits on the formats of data And no limits on scale Some customers are indexing 100’s of TB per day, searching across thousands of types of data all in different formats.
- By giving different people the ability to ask different questions of the Same data, when they need to, we’re helping customers across all of our core use cases move from reactive to proactive.
- Splunk provides an open, fully integrated platform. That means you can collect, index, analyze, report and predict on machine-generated data from a single product. It’s enterprise-ready with high availability and disaster recovery features, role-based access control and scales to index hundreds of terabytes per day. It’s an open platform with over 500 Splunk Apps available and allows for custom development.
- and this is what is enabling splunk to become the enterprise machine data fabric -we collect and feed into our platform for real-time ingestion (enriching, alerting, monitoring, analytics, visualizations, etc) -open platform including ability to build apps, access the data in splunk via API’s, etc. -you can store the data long-term in Splunk and/or -as an enterprise data fabric, you can also choose to export the data for additional custom analytics or long-term archiving in a “data lake” and still access the data via Splunk
- We continue to invest to make Splunk the leading platform for machine data. We’re continuing to invest in both Splunk Enterprise as software, as well as our SaaS offering, Splunk Cloud. Splunk uniquely supports organizations that are running operations on premises, in the cloud or in a hybrid environment. We’re also investing heavily in solutions that make it easy for you to meet your goals across IT Operations, App delivery, Security, Fraud, Compliance; business analytics and industrial data.
- Most of our customers are using Splunk to solve issues related to IT Operation sand Application Delivery.
- - Splunk is used to quickly troubleshoot IT issues and outages, monitor end-to-end services and detect anomalies by thousands of organizations around the world. - With Splunk, you can reduce mean-time-to-resolution (MTTR), lower monitoring costs, improve system uptime and support strategic initiatives like DevOps and Continuous Delivery practices, because IT teams have visibility across their entire stack and developers can see real-time production data without having access to production systems
- We're focusing on security.
- I want to draw your attention to 3 key areas that you said, are top of mind for you! You said… You want Splunk to do more to: Enable Rapid Investigation and Incident Response You’ve asked us to develop new analytics for emerging challenges like user behavior analysis And you want us to help you address Insider Threats
- Organizations are increasingly using Splunk to provide valuable insights beyond IT and security. We’re making it easy to leverage your machine data with other structured data whether you're focused on business process analytics, customer experience or other areas
- We're focusing on security.
- Customers are using Splunk solutions to collect and correlate data from control systems, sensors, mobile devices and IT systems for a variety of Industrial Data and IoT use cases. These use cases include operational efficiency, predictive maintenance, industrial cybersecurity and asset analytics.
- AdvancedMD Customer Video
- Data from any source Available to visualize, analyze report Specialized content to deliver on specific use cases The Splunk platform consists of multiple products and deployment models to fit your needs. Splunk Enterprise – for on-premise deployment Splunk Cloud – Fully managed service with 100% SLA and all the capabilities of Splunk Enterprise…in the Cloud Splunk Light – allows smaller IT organizations to get started with Splunk – on premise or in the cloud Hunk – for analytics on data in Hadoop Apps and add-pns from Splunk and our community extend and simplify deployments by providing pre-packaged content designed for specific use cases and data types. And premium solutions from Splunk apply real-time intelligence and rich, domain-specific functions to manage your security posture, IT operations and more.
- Splunk has an active community: There is an emerging ecosystem of new companies building apps on top of Splunk. They are taking advantage of open APIs and new platform capabilities to create an entirely new generation of applications. Splunk Answers is the go-to place for your questions – and answers. Our technical support is consistently rated as industry leading and Splunk Answers has answers to thousands of questions. You can participate in meet-ups and User Groups, contribute to our forums, or attend local SplunkLive events (like this one) to hear from you peers.
- Fast Time-To-Value – Splunk can be downloaded and installed in minutes. If that’s not fast enough you can get a cloud instance in seconds. Any Data – Splunk can ingest data from any machine data source. It’s not application, vendor, or hardware specific. Ask any question – It’s impossible to know all the questions you will ask of your data. Often answering one question leads to another. The schema-on-the-fly approach allows you to ask any question of your data. Visibility across stack – Because you can ingest this data from any source you can quickly gain visibility across all of them. One Platform – This is more than log aggregation and search software. Let me show you. Choose Splunk as a SaaS offering, on-premise or hybrid. You get one universal view of your data.
- The best part is that Splunk is really easy to try and deploy. We have multiple options for getting started: - Try out Splunk Enterprise, Splunk Cloud, or light with our free downloads or online trials. - Or try our free software download. The free Splunk Enterprise download is the same product that scales to ingest petabytes of data per day. - Already running with Amazon Cloud deployments? AMIs for Splunk Enterprise and Hunk make it easy to get up and running.