This document discusses using Splunk to gain insights into end user experience and the factors that influence experience. Splunk provides a platform approach to monitor applications across the full technology stack from networks to databases. It can ingest data from various sources, including APM tools, and provide visibility into both instrumented and non-instrumented applications and environments. Splunk also offers predictive analytics capabilities and allows various stakeholders like operations and business teams to access and analyze data. The document demonstrates how Splunk can help organizations improve user experience, application performance, and collaboration between teams.
Splunk Discovery: Warsaw 2018 - Reimagining IT with Service IntelligenceSplunk
Presented at Splunk Discovery Warsaw 2018:
What's Service Intelligence and Why You Should Care
Introduction to Splunk IT Service Intelligence
IT Service Intelligence Key Concepts
Demo
SplunkLive! Munich 2018: Predictive, Proactive, and Collaborative ML with IT ...Splunk
Presented at SplunkLive! Munich 2018:
- What data do we need?
- We need Machine Learning
- Real Use Case Example
- Let's Drive Into How it Works
- Next Steps
SplunkLive! Paris 2018: Use Splunk for Incident Response, Orchestration and A...Splunk
Presented at SplunkLive! Paris 2018:
- Challenges with Security Operations Today
- Overview of Splunk Adaptive Response Initiative
- Technology behind the Adaptive Response Framework
- Demonstrations
- How to build your own AR Action
- Resources
Splunk Discovery: Warsaw 2018 - Reimagining IT with Service IntelligenceSplunk
Presented at Splunk Discovery Warsaw 2018:
What's Service Intelligence and Why You Should Care
Introduction to Splunk IT Service Intelligence
IT Service Intelligence Key Concepts
Demo
SplunkLive! Munich 2018: Predictive, Proactive, and Collaborative ML with IT ...Splunk
Presented at SplunkLive! Munich 2018:
- What data do we need?
- We need Machine Learning
- Real Use Case Example
- Let's Drive Into How it Works
- Next Steps
SplunkLive! Paris 2018: Use Splunk for Incident Response, Orchestration and A...Splunk
Presented at SplunkLive! Paris 2018:
- Challenges with Security Operations Today
- Overview of Splunk Adaptive Response Initiative
- Technology behind the Adaptive Response Framework
- Demonstrations
- How to build your own AR Action
- Resources
SplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AISplunk
Presented at SpluknLive! Frankfurt 2018:
Why AI & Machine Learning?
What is Machine Learning?
Splunk's Machine Learning Tour
Use Cases & Customer Stories
Wrap Up
SplunkLive! Munich 2018: Get More From Your Machine Data Splunk & AISplunk
Presented at SplunkLive! Munich 2018:
- Why AI & Machine Learning?
- What is Machine Learning?
- Splunk's Machine Learning Tour
- Use Cases & Customer Stories
SplunkLive! Frankfurt 2018 - Legacy SIEM to Splunk, How to Conquer Migration ...Splunk
Presented at SplunkLive! Frankfurt 2018:
Introduction
SIEM Migration Methodology
Use Cases
Datasources & Data Onboarding
ES Architecture
Third-Party Integrations
You Got This!
Splunk for Enterprise Security featuring User Behavior Analytics Splunk
This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos.
SplunkLive! London 2017 - Happy Apps, Happy UsersSplunk
No matter what business you’re in, your web applications are front-and-center for your customers. Downtime, or even bad performance not only creates a spike in costs, they often translate into loss of customers and revenue. You need immediate insight into the availability, performance and usage of your applications and the infrastructure your applications run on. In this session, you will learn why you need to take a platform approach to full stack application management, whether your applications reside on-premises or in the cloud. Second, we will show you how you can use Splunk to monitor the usage and performance of your applications, and quickly troubleshoot faults by stepping through some of the most common issues our customers experience. Third, we’ll contrast what Splunk does relative to other APM tools you may already have deployed, and even show you how you can bring APM data into Splunk to gain more insight into application performance.
SplunkLive! Frankfurt 2018 - Get More From Your Machine Data with Splunk AISplunk
Presented at SpluknLive! Frankfurt 2018:
Why AI & Machine Learning?
What is Machine Learning?
Splunk's Machine Learning Tour
Use Cases & Customer Stories
Wrap Up
SplunkLive! Munich 2018: Get More From Your Machine Data Splunk & AISplunk
Presented at SplunkLive! Munich 2018:
- Why AI & Machine Learning?
- What is Machine Learning?
- Splunk's Machine Learning Tour
- Use Cases & Customer Stories
SplunkLive! Frankfurt 2018 - Legacy SIEM to Splunk, How to Conquer Migration ...Splunk
Presented at SplunkLive! Frankfurt 2018:
Introduction
SIEM Migration Methodology
Use Cases
Datasources & Data Onboarding
ES Architecture
Third-Party Integrations
You Got This!
Splunk for Enterprise Security featuring User Behavior Analytics Splunk
This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos.
SplunkLive! London 2017 - Happy Apps, Happy UsersSplunk
No matter what business you’re in, your web applications are front-and-center for your customers. Downtime, or even bad performance not only creates a spike in costs, they often translate into loss of customers and revenue. You need immediate insight into the availability, performance and usage of your applications and the infrastructure your applications run on. In this session, you will learn why you need to take a platform approach to full stack application management, whether your applications reside on-premises or in the cloud. Second, we will show you how you can use Splunk to monitor the usage and performance of your applications, and quickly troubleshoot faults by stepping through some of the most common issues our customers experience. Third, we’ll contrast what Splunk does relative to other APM tools you may already have deployed, and even show you how you can bring APM data into Splunk to gain more insight into application performance.
How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...Splunk
With the acceleration of customer and business demands, site reliability engineers and IT Ops analysts now require operational visibility into their entire architecture, something that traditional APM tools, dev logging tools, and SRE tools aren’t equipped to provide. Observability enables you to inspect and understand your IT stack on premises and in the cloud(s); It’s no longer about whether your system works (monitoring), but being able to task why it is not working? (Observability). This presentation will outline key steps to take to move from monitoring to observability.
Monitoring End User Experiences with New Relic & SplunkAbner Germanow
When your digital experience is your brand experience, understanding what your customers go through is critical. Troubleshooting and optimizing their experiences requires visibility into metrics, traces and logs. In this session, we'll demonstrate how to use the combined power of New Relic's real-user monitoring and application performance monitoring with Splunk to keep teams focused on identifying issues before customers tweet, fixing problems fast and knowing what to tackle next.
Splunk MINT for Mobile Intelligence and Splunk App for Stream for Enhanced Op...Splunk
Learn what is new in Splunk App for Stream and how it can help you utilize wire/network data analytics to proactively resolve applications and IT operational issues and to efficiently analyze security threats in real-time, across your cloud and on-premises infrastructures. Additionally, you will learn about Splunk MINT, which allows you to gain operational intelligence on the availability, performance, and usage of your mobile apps. You’ll learn how to instrument your mobile apps for operational insight, and how you can build the dashboards, alerts, and searches you need to gain real-time insight on your mobile apps.
What’s New: Splunk App for Stream and Splunk MINTSplunk
Join us to learn what is new in Splunk App for Stream and how it can help you utilize wire/network data analytics to proactively resolve applications and IT operational issues and to efficiently analyze security threats in real-time, across your cloud and on-premises infrastructures. Additionally, you will learn about Splunk MINT, which allows you to gain operational intelligence on the availability, performance, and usage of your mobile apps. You’ll learn how to instrument your mobile apps for operational insight, and how you can build the dashboards, alerts, and searches you need to gain real-time insight on your mobile apps.
SplunkLive! London 2017 - DevOps Powered by SplunkSplunk
DevOps is powering the computing environments of tomorrow. When properly configured, the Splunk platform allows us to gain real-time visibility into the velocity, quality, and business impact of DevOps-driven application delivery across all roles, departments, process, and systems. Splunk can be used by DevOps practitioners to provide continuous integration/deployment and the real-time feedback to help the organisation with their operational intelligence. Join us for an exciting talk about Splunk’s current approach to DevOps, and for examples of how Splunk is being used by customers today to transform DevOps initiatives.
Splunk Data Onboarding Overview - Splunk Data Collection ArchitectureSplunk
Splunk's Naman Joshi and Jon Harris presented the Splunk Data Onboarding overview at SplunkLive! Sydney. This presentation covers:
1. Splunk Data Collection Architecture 2. Apps and Technology Add-ons
3. Demos / Examples
4. Best Practices
5. Resources and Q&A
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Splunk is a powerful platform for understanding your data. This session will provide an overview of machine learning capabilities available across Splunk’s portfolio. We'll dive deeply into Splunk's Machine Learning Toolkit App, which extends Splunk Enterprise with a rich suite of advanced analytics, machine learning algorithms, and rich visualizations. It also provides customers with a guided model-building and operationalization environment. The demonstration will include the guided model-building UI for tasks such as predictive analytics, outlier detection, event clustering, and anomaly detection. We’ll also review typical use cases and real-world customers who are using the Toolkit to drive business results.
Presented at SplunkLive! Paris 2018: Get More From Your Machine Data With Splunk AI
- Why AI & Machine Learning?
- What is Machine Learning?
- Splunk's Machine Learning Tour
- Use Cases & Customer Stories
Bengaluru Splunk User Group kick off.
Introduction to User Group Leaders,
Session 1 on Splunk Remote Work Insights
Session 2 on Splunk Dashboard Journey
SplunkLive! London 2017 - Splunk Enterprise for IT TroubleshootingSplunk
If you’re just getting started with Splunk, this session will help you understand how to use Splunk software to turn your silos of data into insights that are actionable. In this session, we’ll dive right into a Splunk environment and show you how to use the simple Splunk search interface to quickly find the needle-in-the-haystack or multiple needles in multiple haystacks. We’ll demonstrate how to perform rapid ad hoc searches to conduct routine investigations across your entire IT infrastructure in one place, whether physical, virtual or in the cloud. We’ll show you how to then convert these searches into real-time alerts and dashboards, so you can proactively monitor for problems before they impact your end user. We’ll also demonstrate how you can use Splunk to connect the dots across heterogeneous systems in your environment for cross-tier, cross-silo visibility. Don’t forget to bring your laptop and install Spunk Enterprise before you join us.
Introducing the E.P.I.C. APM: Stimulate User-Loyalty and DifferentiationCA Technologies
In a time when businesses are literally being re-coded by software, applications have now become the face of your business. In the age of rapid adoption and rapid rejection, you have mere seconds to impress your app users. This is the reality of the App Economy.
Despite the enormous complexity of today’s application delivery chain, your end-users expect a flawless app experience, regardless of how, when or where they access your app. This means app issues aren’t IT issues, they’re customer satisfaction and retention issues.
With the APM 9.7 release, CA introduces its E.P.I.C. APM strategy, a solution that creates a competitive advantage in the App Economy by proactively managing the user experience. E.P.I.C. APM delivers a solution that is Easy, Proactive, Intelligent and Collaborative (E.P.I.C.) across the application lifecycle. CA APM 9.7 is the first proof point in our E.P.I.C. APM Strategy, starting an E.P.I.C. trend that will build with each new release.
Anand Akela, Head of Product Marketing for CA APM at CA Technologies and Mike Sydor, Engineering Services Architect used these slides in a recent webinar to introduce E.P.I.C APM and provide an overview of CA APM 9.7 as a proof point of this strategy.
Learn more about APM: http://bit.ly/1Be3e4S
Similar to SplunkLive! Zurich 2018: Monitoring the End User Experience with Splunk (20)
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...Splunk
.conf Go 2023 presentation:
"Das passende Rezept für die digitale (Security) Revolution zur Telematik Infrastruktur 2.0 im Gesundheitswesen?"
Speaker: Stefan Stein -
Teamleiter CERT | gematik GmbH M.Eng. IT-Sicherheit & Forensik,
doctorate student at TH Brandenburg & Universität Dresden
.conf Go 2023 presentation:
De NOC a CSIRT
Speakers:
Daniel Reina - Country Head of Security Cellnex (España) & Global SOC Manager Cellnex
Samuel Noval - Global CSIRT Team Leader, Cellnex
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk
BMW is defining the next level of mobility - digital interactions and technology are the backbone to continued success with its customers. Discover how an IT team is tackling the journey of business transformation at scale whilst maintaining (and showing the importance of) business and IT service availability. Learn how BMW introduced frameworks to connect business and IT, using real-time data to mitigate customer impact, as Michael and Mark share their experience in building operations for a resilient future.
Data foundations building success, at city scale – Imperial College LondonSplunk
Universities have more in common with modern cities than traditional places of learning. This mini city needs to empower its citizens to thrive and achieve their ambitions. Operationalising data is key to building critical services; from understanding complex IT estates for smarter decision-making to robust security and a more reliable, resilient student experience. Juan will share his experience in building data foundations for a resilient future whilst enabling digital transformation at Imperial College London.
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk
Learn how Vodafone has provided end-to-end visibility across services by building an Operational Analytics Platform. In this session, you will hear how Stefan and his team manage legacy, on premise, hybrid and public cloud services, and how they are providing a platform for complex triage and debugging to tackle use cases across Vodafone’s extensive ecosystem.
.italo operates an Essential Service by connecting more than 100 million people annually across Italy with its super fast and secure railway. And CISO Enrico Maresca has been on a whirlwind journey of his own.
Formerly a Cyber Security Engineer, Enrico started at .italo as an IT Security Manager. One year later, he was promoted to CISO and tasked with building out – and significantly increasing the maturity level – of the SOC. The result was a huge step forward for .italo.
So how did he successfully achieve this ambitious ask? Join Enrico as he reveals the key insights and lessons learned in his SOC journey, including:
Top challenges faced in improving security posture
Key KPIs implemented in order to measure success
Strategies and approaches applied in the SOC
How MITRE ATT&CK and Splunk Enterprise Security were utilised
Next steps in their maturity journey ahead
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
SplunkLive! Zurich 2018: Monitoring the End User Experience with Splunk
1. Monitoring the End User
Experience with Splunk
Gain insight on both the experience, and the
“why” behind the experience
Dirk Nitschke | Senior Sales Engineer
8th May 2018 | Zurich
4. Complexity – Difficult Issues for Everyone
▶ Is the problem with the app, the network or the backend system?
▶ Why are my specialists all saying “it works” but the application is down?
▶ How does performance compare mobile vs. web vs. desktop?APP MANAGERS/
OPERATIONS
▶ How can I deliver new releases faster?
▶ How can I see how my applications are working in production?
▶ How can other developer, test and monitoring tools improve my coding?DEVELOPERS
▶ How do I ensure new releases don’t break critical apps?
▶ How can I do “full stack” monitoring easily?
▶ What changes will optimize application and infrastructure performance?DEVOPS, SRE
PERF MANAGER
▶ How are customers using my app? How is it impacting my business?
▶ Which features should I prioritize for future versions?
▶ Are my customers impacted by outages and performance issues?LINE OF BUSINESS
5. Infrastructure and Application Silos
Web Servers
Legacy
Systems
End Users Network/
Load Balancing
Messaging
Databases
Java, .NET, PHG, etc.
App Servers
Security
Virtualization,
Containers,
Servers, Storage
6. What Is Needed?
Web Servers
Legacy
Systems
End Users Network/
Load Balancing
Messaging
Databases
Java,.NET, PHG, etc.
App Servers
Security
Virtualization,
Containers,
Servers, Storage
KPIs, SLOs, service visualization, notable events affecting SLAs
Mobile intelligence, wire data, deep integration w/ AWS
Correlation with business data to enable context
Platform: Universal indexing + analytics of data across silos
7. ▶ Ingest data once – single source of truth
across teams
▶ Analyze machine data across entire stack
▶ Integrate data from other management tools
▶ Connect machine data to business services
▶ Identify root cause of problems quickly
▶ Apply best practices in analytics to predict
changes in reliability and service usage
Reliability Requires a Platform Approach
OTHER TEAMS
PRODUCT
MANAGERS/
BUSINESS OWNERS
DEVOPS, SRE
PERF MANAGER
APP MANAGERS/
OPERATIONS
DEVELOPERS
8. A Platform Approach for Application Performance Analytics
Network
InfrastructureLayer
Packet, Payload, Traffic,
Utilization, Perf
Storage
Utilization, Capacity,
Performance
Server
Performance, Usage,
Dependency
ApplicationLayer
User Experience
Usage, Response Time,
Failed Interactions
Byte Code Instrumentation
Usage, Experience,
Performance, Quality
Business Performance
Corporate Data, Intake,
Output, Throughput
Splunk Approach:
▶ Single repository for ALL data
▶ Data in original raw format
▶ Machine learning
▶ Simplified architecture
▶ Fewer resources to manage
▶ Collaborative approach
MACHINE
DATA
9. Apps for Application Monitoring
*ni
x
Splunk Stream,
Real User Monitoring
300+ IT Ops and App
Delivery Apps
and Add-Ons
Splunk for Mobile
Intelligence
Splunk Apps
for Amazon Web
Services and
Microsoft Exchange
10. ▶ Gain real-time insight into application
performance and customer
experience
▶ Attain visibility into cloud services
▶ Deliver immediate insights from
streaming network
▶ Network-based packet capture does
not require DBA or other admin tools
and doesn’t affect performance
Gaining Transaction Insight From Your Network
Splunk Stream
11. HTTP Event Collector – Agentless Fast Insight
▶ Immediate visibility to mobile app crashes
▶ Insight into mobile app use – MAU/DAU, device usage, network insight
▶ Transaction performance insight
curl -k https://<host>:8088/services/collector -H 'Authorization: Splunk <token>' -d
'{"event":"Hello Event Collector"}'
Applications IoT Devices
Agentless, direct data onboarding via a standard API
Scales to Millions of Events/Second
12. ▶ Immediate visibility to mobile app crashes
▶ Insight into mobile app use – MAU/DAU,
device usage, network insight
▶ Transaction performance insights
▶ Correlate mobile with other data types for
complete insight
Gaining Insight on Your Mobile Apps
13. Splunk IT Service Intelligence
Data-driven service monitoring and analytics
Splunk IT Service Intelligence
Time-Series Index
Platform for Operational Intelligence
Dynamic
Service Models
Schema-on-Read Data Model
Common
Information Model
At-a-Glance
Problem Analysis
Early Warning
on Deviations
Event Analytics
Simplified Incident
Workflows
14. Splunk: Application Performance Analytics
End Users
Networking/
Load-balancing Web Servers App Servers
Legacy
Systems
Messaging
Databases
Security
Virtualization,
Containers,
Servers, Storage
Java, .NET, PHP, etc.
Manage to KPIs, SLOs – isolate root case and service impact
Analytics for hybrid and cloud environments + microservices stacks
Full stack monitoring that integrates your APM tool’s data
Platform approach that spans technology and team silos
16. Traditional APM tools excel at… … but have critical limitations
▶ End user response time
(and alerting when performance is slow)
▶ Byte code instrumentation
(detecting what code causes bottlenecks)
▶ App server metrics
▶ Application mapping and transaction profiling
▶ Deploying quickly for base-level use cases
▶ “Full stack” monitoring
(including networks, load balancers, etc.)
▶ Finding the root cause
(that’s usually found in logs)
▶ Reactive (not predictive)
▶ Usually don’t store raw data indefinitely
▶ Advanced analytics
(prediction, anomalies, ML, etc.)
▶ Data access for multiple stakeholders
(LOBs, security, etc.)
APM Tools – Valuable, But Not Enough
17. ▶ Some, but not all of your apps are instrumented
▶ Other “off-the-shelf” apps can’t be instrumented with
traditional APM
▶ Non-instrumented parts of your stack can’t be “seen”
Covering APM “Blind Spots”
Without Splunk
Physical Server (Dell, HP, CISCO blades or servers)
Guest OS (Windows/Linux/*Nix)
Database (Oracle, SQL Server, MySQL)
Hypervisor (ESX, HyperV, Citrix)
Applications, business/mission services
App Server (WebLogic, Jboss EAP, WebSphere)
Web Server (Apache, TomCat)
SAN/NAS Storage (EMC, AppNet)
Network
AWS
Firewalls
Database (Oracle, SQL Server, MySQL)
SAN/NAS Storage (EMC, AppNet)
Network
Load Balancers
Legacy Environments (AS400, Mainframe, ESBs, others)
Akamai
Packaged Apps (SAP, PeopleSoft, etc)
Log Analysis (System, Application, Security, etc)
APMInstrumented-
ApplicationA
APMInstrumented-
ApplicationB
ApplicationD
(notAPMInstrumented)
ApplicationC
(notAPMInstrumented)
▶ End-to-end, holistic visibility to the complete service
▶ Insight across ALL data sources and applications
▶ PREDICTIVE analysis, before issues occur
With Splunk
18. ▶ Pull data from APM tools and provide
events to APM tools
▶ Gain insight into EUM, application
requests, app errors and correlate
with logs all in one platform
▶ Reduce the “clicks” between spotting
problems and finding root cause
▶ Forecast, predict and detect
anomalies in APM data
▶ Integrate triage with non-application
layers of the stack
APM as a Data Source for Splunk
19. APM Tools
▶ Splunk Add-on and App for New Relic
▶ Splunk Add-on and App for AppDynamics
▶ Dynatrace App (provided by Dynatrace)
Other Notable APM Apps
▶ Web Performance (based on boomerang.js)
▶ Splunk Mobile Intelligence (Splunk MINT)
▶ Splunk Stream
splunkbase.splunk.com
Splunk Apps for APM
25. ▶ Splunk Usergroup Zürich
▶ Regular Splunk User get-togethers
▶ Frequent Splunk Ninja Presentations (D/E)
▶ Meetings throughout all major german
speaking cities (not only Zurich)
▶ Amtssprache deutsch
▶ Not a sales thing
▶ Kick-off soon
▶ Join now:
▶ https://usergroups.splunk.com/group/splunk-
user-group-zurich.html
Splunk Usergroup Zurich
http://bit.do/SPLUGZ
Editor's Notes
Hi, my name is Dirk Nitschke and I‘m working for Splunk as a Sales Engineer primarily covering Germany.
This presentation is called „Monitorin the end user experience with Splunk“.
It‘s not only about getting insights into user experience but also about identifying the root cause which means to find out why a user is experiencing, say, a long application response time. Based on these insights you will typically try to enhance the user experience and probably try to adress issues proactively before end users are impacted by service degregation.
Why do you want to do this? Well, for many digital services we are using today, there are multiple providers. And I‘ll use the provider who‘s service is the easiest to use for me.
OK, what do we need to do this? Obviously, we need data about the user‘s experience. And if we ask ourselves, why the user experience is as good or bad as it is currently, we also need data about the application itself.
But what kind of information and insights do we expect to get from this data?
As always, it depends on your point of view. On this slide we have listed 4 different personas that may be interested in application performance:
As application manager who is respnsible for running an application it is important to ensure the appliaction works as expected. And if this is not the case, I want to quickly identify that there is a problem, who is impacted, identify the root cause and quickly frind and implement a solution such that normal operations is restored.
As an application developer I want finish a new version of my application quickly, identify errors quickly, make sure that test and build cycles run smoothly. In addition, I might be interested whether my current version behaves the same way in production as in my typically limited test environment. You don‘t test new software version in prioduction, do you?
As site reliability engineer I have to look at the entire technology stack. My decisions have to take into account theimpact a new version of an application may have on the entire production environment. Which code changes result in performance and user experience enhancements? Therefore, I need a view on the individual application but also dependent applications, endpoints used by end users, the infrastructure – including hardware but also all th elittle helpers like DNS. What happens, when DNS is slow or even down?
As business owner I want to know how many users are using my service (not a single application but an entire service!). How are they using my service? Are there functions users don‘t use at all? What is the financial impact of high response times or even a downtime of the service to my business?
Complexity of IT environments has always been a challenge. Current developments like containerization micro-services, the use of on-premise and cloud-based services don‘t simplify IT environments. You r IT environemnt will only look as simple as the one shown on this slide when you take a look from crusing altitude at 30.000 feet.
Bottom line is that everyone who is using an application or service today, will interact with components from all these areas directly or indirectly.
Operating and monitoring of these areas is typically organized in silos. Each silo using their specific set of tools resulting in multiple challenges when it comes to root cause analysis of problems. Namely, echange of information between different teams, a missing common view on the entire environment –including conponents located in the cloud.
So what do we need and what are we looking for?
First of all a platform that allows to process and analyzes any kind of machin data – across all silos.
Based on this machine data we evaluate the health status of entire services and report deviations from the target state and outliers. Direct access to machine data allows to find the root cause of problems.
The solution allows to integrate data from on-premise, cloud-based system, and also mobile devices.
Additionally, we can correlate business data and machine data coming from IT systems. E.g. add product prices stored in a database to web server data of you rweb shop to see revenue made in the last hour – or to see how many filled carts have not been checked out telling you how much revenue you did not make in the last hour.
A platform approach has multiple advantages:
* Data is only read and ingested once instead of storing the same data in multiple systems. This gives you a single source of truth for all teams.
* Data can be analyzed across the netire technology stack. Exitsing tools can be integrated.
* A centralized view usually allows to analyze the root cause of problems much quicker than based on a set of different tool that don‘t interact.
If we apply all this to application performance analytics, this means: in the application layer we need data about the user experience. How do users use an application or service, which response time do they experience, which interactions are successful, which fail.
Information that can be gathered through means like byte code instrumentation provide insights into use and runtime of individual methods and functions.
In the infrastructure layer we talk about data from servers, storage system and network components.
Data is stored centrally in Splunk. Splunk keeps data in it‘s original format and keeps it as long as you like to. Data can be used and analyzed for different use cases, by different teamys Different user get their individual view to the common set of data.
These views can show you simple statistics like the number of users on your web store in the last hour. But you can also do much more sophisticated things like prediting the number of users of your web site based on historical data. Or you classify your users based on their buying behaviour.
Over all, this leads to a consolidation of tools used and a simplification of the architecture.
Which tools do I need to perform application monitoring with Splunk?
We want to monitor the entire technology stack, not only individual applications but also components your apps or service depends on. Usually databases, middleware, infrastructure components like operating systems , virtualization, network, storage – and probably some cloud services you are using.
For many of these there are ready to use extensions, so-called apps and add-ons that help collecting data and also analyzing it by, e.g., providing useful searches, dashboards, and alerts.
On the left hand side we have, for example, the Splunk Add-on for Amazon Web Services and the corresponding app, that collect and visualize data from AWS.
On the right hand side we see some example extensions for Vmware, databases, windows and Unix operating systems, the usual web and application server. And yes, we can also use data from specialized APM tools in Splunk.
If you have access to the source code of an application, Splunk HTTP Event Collector may be helpful and for mobile apps we provide Splunk MINT – Splunk for mobile intelligence.
Sometime it is not possible to install software like the Splunk Universal Forwarder om a system or get data remotely. Not all applications can or should be instrumenatilized or you prefer to collect data passively. In this case Splunk Stream can be of interest.
Who already knows Splunk Stream?
Splunk stream allows to collect and use the content of network packets. Network traffic is surely the ultimate source if you want to analyze how components communicate with each pther. And sometimes it is the only source we have, e.g., if it is not possible to install Splunk Universal forwarder on a system.
Network data comtains a lot of information. If we take a look at HTTP connections, we can get valuable information for operations, e.g. performance metrics like round trip time, response times.
As a developer of a web application, it is of interest which pages people look at, in which sequence.
And as business owner of a webshop I‘m interested in the good sold or not sold, filled carts, number of users etc.
Splunk HTTP Event collector allows to collect data easily via HTTP or HTTPS without installing an additional agent. Developers can easily add it to their applications. The variant is not only simple to use but also effective, secure and scales very well.
Let‘s assume we sell a mobile app. In this case, we are interested in the user‘s experience. We are interested in things like the app‘s performance, network latency, how do users naviagte through the app, how do crash reports look like. Are problems related to the app version, the kind of mobile device being used, the firmware or the carrier?
Splunk MINT provides an SDK for Android and iOS which makes it easy to send valuable machine data from mobile apps to Splunk.
OK, now we have all data in Splunk. What‘s next?
As said before, applications don‘t live on their own. They are part of a business services and it makes sense to monitor these services end-to-end across the entire technology stack.
Splunk IT Service Intelligence as an extention of Splunk provides exactly these options. We create a service model with all components of the sercvices, their dependancies and key performance indicators that allow to calculate a health score or the quality of a service.
Based on threshold, we can be notified. Adaptive threshold, outlier detection and event grouping based on services that allow to prioritize notable events add additional value.
Splunk as the basis still alows to access raw events for root cause analysis within the same tool.
Let‘s summarize: Splunk is aplatform that allows to collect and analyze all kinds of machine data across different teams.
Key performance indicators, service level targets including dependancies and their impact on services and be modeled. You still have access to all your raw event data for root cause analysis of problems showing up.
Data can be gathered on premise or from cloud environments giving you insights into hybrid environments.
Central data store allows to take a view across the entire technology stack, including data collected by APM or other existing tools.
APM tools are very good in things like byte code instrumentalization, application mapping, or meauring end user response times.
On theother hand, they do not cover the entire technology stack. But this coverage is important, because something like 40% of all outages are caused by errors in your application, another 40% are caused by problems in your infratstructure and the remaining 20% are caused by, say, power outages, ddos attacks or outages of important services like DNS.
Not every application can or should be instrumenatlized and these can be considered a blind spot on your map.
Splunk helps to remove blind spots and provide an end-to-end view across the netire technology stack – acentral view to all your data sources.
We can use this data to evaluate the health score of a service or help with root cause analysis. Splunk keeps data in ist original granularity as long as you want o such that you can become proactive and do predictive analysis based on historical data. This helps to address problems before end users are impacted.
For the overall view it makes sense to put data from APM tools into Splunk. Most of these tools have an interface to export data. Splun indexes the data and can be correlated with other sources for root cause analysis. Or you use your APM data to make predictions or find outliers.
For APM tools like New Relic or App Dynamics Aplounk Add-ons exists for intergation. You can find them free of charge on splunkbase.splunk.com.
Valuable information can also be gathered using Splunk Stream, Splunk MINT or web performance data basedon boomerang.
OK, let‘s do a littel demo. How could monitoring a web store look like with Spunk?
This web store is currently undergoing a migration from on-premise to cloud. And the business owner is quite nervous.
Er schaut auf seinen Executive View -> sehe niederieg Anzahl an erfolgreichen Käufen und schlechte umsatzzahlen, Mittelmäßiger ApDex (wer weiss, was ApDex ist?)
Apdex: #good + 0.5#tolerated / #total
Da wir gerade eine Migration machen, wollen wir doch einmal prüfen, ob es etwas gibt, was auffällig ist zwischen on-premise und Cloud. Die Kollegen aus der IT schauen sich das an. Sieht eigentlich alles gut aus. Keine Unterschiede zwischen Cloud und VMware Umgebung. Daher schließen wir die Migration als Ursache aus.
Wie geht es dem Web Shop? Lange Antwortzeiten... in allen Tiern über dem Mittelwert des letzten Tages. Sehe Fehler bei DB Verbindungen des Tomcat Servers. Und bei der DB sehe ich Fehler, dass Logdateien nicht geschrieben werden konnten. Kann jetzt genauer auf die Datenbank schauen (klick on Database Tier!!!) Hier kann ich bestätigen, dass es Probleme mit dem freien Speicherplatz gibt. Eigentlich sollte die Logs ja regelmäßig gelöscht werden. Aber ich sehe, dass mysql Server Problem mit einem Locked Account hat.
Hmm, aber die letzten Fehler sind schon eine Weile her. Ist da noch mehr?
Schauen wir noch auf die Mobile App. Wie sieht es da aus?
End User Performance Metrics (MINT)
Error Rate by App Version -> only 6.0!
Latency per App Version -> 6.0!!!
Am Ende: Mobile App Health, Latency by App Version -> Version 6.0 hat lange Antwortzeiten.
Industry
Online services
Real estate
Splunk Use Cases
• Business analytics• IT operations• Application delivery
Challenges
Third-party and homegrown open-source solutions could not keep up with data volume
Needed to ensure uptime and maintain SLAs for issue resolution
Log les were not standardized and contained unnecessary information
Required robust monitoring and reporting solution
Lacked visibility into vast volumes of siloed log data
Needed the ability to create ad hoc reporting and provide visibility into the health of key transactions, end-to-end, in real time
Additional Business Impact:
Provides self-service to teams across the enterprise to create their own solutions
Faster incident isolation and mitigation
Correlates user experience metrics with application performance for improved customer website experience
Splunk Products
• Splunk Enterprise• Splunk Cloud (Planned: Trulia,® Retsly®)
• Splunk SDK
Data Sources
• Application logs• Server logs• Website logs including property listings • Data from API endpoints (JSON)• Mobile application data• Website performance data
Case Study
http://www.splunk.com/en_us/customers/success-stories/zillow.html
Video
http://www.splunk.com/en_us/resources/video.psbW41MzE6QgFDBeMDL0VtdskHezTBDw.html
Blog Post:
http://blogs.splunk.com/2016/05/10/zillow-finds-its-way-home-with-splunk/?awesm=splk.it_w0S
Sales Email template:
https://splunk.my.salesforce.com/06933000001O5t0
SplunkLive! Seattle presentation:
http://www.slideshare.net/Splunk/zillow-35018327
Splunk blog by Grigori Melnick:
http://blogs.splunk.com/2015/05/13/zillow-developing-on-splunk/
Industry
Technology
Splunk Use Cases
IT operations
Application delivery
Business analytics
Challenges
Difficulty accessing and managing data across the enterprise
Open source platform lacked stability and scalability needed to accommodate large and growing data volume
Accessing data to make actionable decisions took up to weeks
Developers lacked infrastructure visibility needed to ensure smooth application delivery
Splunk Products
Splunk Enterprise
Splunk App for Unix and Linux
Splunk Machine Learning Toolkit
Splunk App for AWS
Data Sources
Application
Database
Third-party
Case Study
https://www.splunk.com/en_us/customers/success-stories/yelp.html
The key takeaways are:
To monitor the user experience it is not sufficient to monitor individual applications. Transcend the silos in your monitoring environement and gather data centrally in Splunk. This gives you access to the full information hidden in your machine data. This is also true for data currently gathered in other tools. Add them to Splunk, too.
Thank you! Please give feedback and rate this session on Pony Poll. The URL can be found on the right hand side – and is also encoded in the QR code.