Cloudera, Inc., profile picture
Uploaded byCloudera, Inc.
1,458 views

Supercharge Splunk with Cloudera


Cloudera can help optimize Splunk deployments by providing more cost-effective scalability, increased data flexibility, and enhanced analytics capabilities. Cloudera can ingest data from Splunk indexes and apply enrichment using open-source machine learning before storing the data in its data hub. This provides a single platform for advanced analytics like SQL and Python/R scripts across both historical and new data. Initial use cases include offloading event data from Splunk to reduce costs and loading additional context sources to gain better insights.

Embed presentation

1© Cloudera, Inc. All rights reserved. Supercharge Splunk with Cloudera
2© Cloudera, Inc. All rights reserved. 1,000,000,000,000+ [ events per day ]
3© Cloudera, Inc. All rights reserved. Challenges with Splunk Today Splunk can not cost effectively scale to the volume and variety of modern data Only partial view of the enterprise limits analytics and slows decisions Difficult to deploy custom advanced machine learning capabilities Explosion of Data Limited Enterprise Visibility Limited Analytic Processing DataAccess 1%50%100% DataVolume 10PB1PB1TB IF (X) AND (Y) THEN (Z) Time User Network Endpoint Archived Data Emerging Data
4© Cloudera, Inc. All rights reserved. Advantages of Cloudera over Splunk Cloud-Native & On-Premise Go Beyond Splunk’s SPL • Share enriched data across multiple analytic processing engines • Simple search, SQL, Python, R, Scala Data Flexibility • Faster, more agile, full- fidelity data acquisition • Data portability: Open data model and open storage Cost-Effective Scalability • Elastic scale on-prem or in the cloud • Cloud-native pay-per-use and transience • Proven at big data scale Hybrid • Runs across multi-clouds & on-prem • Multi-storage over S3, HDFS, Kudu, Isilon, etc ¢¢¢
5© Cloudera, Inc. All rights reserved. Optimizing Splunk with Cloudera PackagedApplications Analytic Processing (Spark, Impala, Solr) Management, Governance,Security (ClouderaManager,Cloudera Navigator) Data and Analytic Management Cloudera Data Hub Open Source Custom Apache Spot Open Data Models (HDFS, Hbase, Kudu) Ingestion (Kafka, Flume, Streamsets) (On premise or Cloud) Splunk Servers Threat Intelligence Network User Endpoint
6© Cloudera, Inc. All rights reserved. Support multiple workloads with community defined Open Data Models Endpoint User Network DIVERSE DATA SOURCES SINGLE ACCESS Source: Momentum Partners Cybersecurity Snapshot April 2016
7© Cloudera, Inc. All rights reserved. Many applications on one shared data set and architecture Visualization & machine learning applications can share common data set & infrastructure CustomPackaged Spot community is developing out machine learning (e.g. network threat detection) Open Source Build custom applications & analytics using Cloudera without having to buy new infrastructure
8© Cloudera, Inc. All rights reserved. When to Use Cloudera vs Splunk Cloudera Best for: • Self-service exploratory analytics • Machine learning • Long term archive • Custom data streams Benefits: • Faster performance over large amounts of data • Complete analytic flexibility (search, SQL, statistical, and machine learning) • Cost-effective scale • Open data models and open data storage Splunk Best for: • Workflow management • Using pre-package rules • Hot data management • Preconfigured connectors Benefits: • Optimized for specific use cases • Existing rules and connectors built out • Quickly query for hot data for simple questions • Proprietary data format and data storage optimized for their applications
9© Cloudera, Inc. All rights reserved. Two starter use cases for Splunk Optimization with Cloudera Getting Started
10© Cloudera, Inc. All rights reserved. Potential Goals Demonstrate Splunk optimization ✓ Install and configure Cloudera clusters (cloud or on prem) ✓ Install and configure Apache Spot Open Data Models ✓ Build ingest adapters for Splunk to Apache Spot ✓ Build visualization dashboard that delivers some subset of optics currently defined in Splunk Establish Cloudera data hub Provide analytic foundations ✓ Build IT and cybersecurity analytics platform on the Apache Spot Open Data Model (ODM)
11© Cloudera, Inc. All rights reserved. 2 potential starting places… 1. Splunk Cost Tuning 2. Context Enrichment and Increased Visibility
12© Cloudera, Inc. All rights reserved. Splunk Cost Tuning • Identify where enterprise wants to optimize cost, ingest/ indexing or storage • Offload event data from heavy forward to reduce long term storage and ingest/ indexing costs • Keep enough data in Splunk to power dashboards with long term analytics in Cloudera. Enable flexible analytics: • Search • SQL • Machine Learning (Python, Scala, R) Packaged Applications Analytic Processing (Spark, Impala, Solr) Management,Governance, Security (ClouderaManager,Cloudera Navigator) Data and Analytic Management Cloudera Data Hub Custom Apache Spot Open Data Models (HDFS, Hbase, Kudu) Ingestion (Kafka, Flume, Streamsets) (On premise or Cloud) Splunk Sources Open Source Splunk Heavy Forwarder Splunk Storage Threat Intelligence Network User Endpoint
13© Cloudera, Inc. All rights reserved. Context Enrichment and Increased Visibility • Load events and context sources into EDH landing it in Apache Spot’s Open Data Model • Enrich and enhance events with additional context in the ODM • Keep enough data in Splunk to power dashboards with long term analytics in Cloudera. Enable flexible analytics: • Search • SQL • Machine Learning (Python, Scala, R) Packaged Applications Analytic Processing (Spark, Impala, Solr) Management,Governance, Security (ClouderaManager,Cloudera Navigator) Data and Analytic Management Cloudera Data Hub Custom Apache Spot Open Data Models (HDFS, Hbase, Kudu) Ingestion (Kafka, Flume, Streamsets) (On premise or Cloud) Sources Apache Spot Algorithms Splunk Splunk Heavy Forwarder Splunk Indexer Packaged Applications Analytic Processing (Spark, Impala, Solr) Management,Governance, Security (ClouderaManager,Cloudera Navigator) Data and Analytic Management Cloudera Data Hub Custom Apache Spot Open Data Models (HDFS, Hbase, Kudu) Ingestion (Kafka, Flume, Streamsets) (On premise or Cloud) Splunk Open Source Splunk Heavy Forwarder Splunk Storage Threat Intelligence Network User Endpoint
14© Cloudera, Inc. All rights reserved. Q&A
15© Cloudera, Inc. All rights reserved. Thank You

More Related Content

PPTX
Multi Cloud Architecture Approach
byMaganathin Veeraragaloo
 
PPTX
SplunkLive 2011 Beginners Session
bySplunk
 
PDF
ClearPass Guest 6.4 User Guide
byAruba, a Hewlett Packard Enterprise company
 
PPTX
EMEA Airheads_ Advance Aruba Central
byAruba, a Hewlett Packard Enterprise company
 
PPTX
The Ideal Approach to Application Modernization; Which Way to the Cloud?
byCodit
 
PDF
Useful cli commands v1
byAruba, a Hewlett Packard Enterprise company
 
PPTX
Airheads Tech Talks: Advanced Clustering in AOS 8.x
byAruba, a Hewlett Packard Enterprise company
 
PPTX
Managing APIs with MuleSoft
byGuilherme Pereira Silva
 
Multi Cloud Architecture Approach
byMaganathin Veeraragaloo
 
SplunkLive 2011 Beginners Session
bySplunk
 
ClearPass Guest 6.4 User Guide
byAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads_ Advance Aruba Central
byAruba, a Hewlett Packard Enterprise company
 
The Ideal Approach to Application Modernization; Which Way to the Cloud?
byCodit
 
Useful cli commands v1
byAruba, a Hewlett Packard Enterprise company
 
Airheads Tech Talks: Advanced Clustering in AOS 8.x
byAruba, a Hewlett Packard Enterprise company
 
Managing APIs with MuleSoft
byGuilherme Pereira Silva
 

What's hot

PDF
Data Lakes with Azure Databricks
byData Con LA
 
PPTX
Introduction to snowflake
bySunil Gurav
 
PDF
Consolidating MLOps at One of Europe’s Biggest Airports
byDatabricks
 
PPTX
1- Introduction of Azure data factory.pptx
byBRIJESH KUMAR
 
PDF
Configuration Management
byhdicapitalarea
 
PDF
VMware Tanzu Introduction
byVMware Tanzu
 
PDF
MuleSoft PKO - C4E and Platform Insights
byAngel Alberici
 
PPTX
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
byAruba, a Hewlett Packard Enterprise company
 
PDF
Microservice Architecture
byNguyen Tung
 
PPTX
NetDevOps for the Network Dude: How to get started with API's, Ansible and Py...
byCisco DevNet
 
PDF
Guest Access with ArubaOS
byAruba, a Hewlett Packard Enterprise company
 
PPTX
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
byAruba, a Hewlett Packard Enterprise company
 
PPTX
Enabling AirPrint & AirPlay on Your Network
byAruba, a Hewlett Packard Enterprise company
 
PDF
Introducing log analysis to your organization
bySematext Group, Inc.
 
PPTX
EMEA Airheads- Aruba Central with Instant AP
byAruba, a Hewlett Packard Enterprise company
 
PPTX
AWS reInvent 2023 re:Cap services Slide deck
bySammy Cheung
 
PPTX
Introduction-to-Wazuh-and-its-integration.pptx
bymprakaash5
 
PPTX
EMEA Airheads - AP Discovery Logic and AP Deployment
byAruba, a Hewlett Packard Enterprise company
 
PPTX
EMEA Airheads- ArubaOS - Cluster Manager
byAruba, a Hewlett Packard Enterprise company
 
PPTX
What is an API Gateway?
byLunchBadger
 
Data Lakes with Azure Databricks
byData Con LA
 
Introduction to snowflake
bySunil Gurav
 
Consolidating MLOps at One of Europe’s Biggest Airports
byDatabricks
 
1- Introduction of Azure data factory.pptx
byBRIJESH KUMAR
 
Configuration Management
byhdicapitalarea
 
VMware Tanzu Introduction
byVMware Tanzu
 
MuleSoft PKO - C4E and Platform Insights
byAngel Alberici
 
EMEA Airheads– Aruba Clarity. Because a Wi-Fi Problem's Often Not a "Wi-Fi" P...
byAruba, a Hewlett Packard Enterprise company
 
Microservice Architecture
byNguyen Tung
 
NetDevOps for the Network Dude: How to get started with API's, Ansible and Py...
byCisco DevNet
 
Guest Access with ArubaOS
byAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
byAruba, a Hewlett Packard Enterprise company
 
Enabling AirPrint & AirPlay on Your Network
byAruba, a Hewlett Packard Enterprise company
 
Introducing log analysis to your organization
bySematext Group, Inc.
 
EMEA Airheads- Aruba Central with Instant AP
byAruba, a Hewlett Packard Enterprise company
 
AWS reInvent 2023 re:Cap services Slide deck
bySammy Cheung
 
Introduction-to-Wazuh-and-its-integration.pptx
bymprakaash5
 
EMEA Airheads - AP Discovery Logic and AP Deployment
byAruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- ArubaOS - Cluster Manager
byAruba, a Hewlett Packard Enterprise company
 
What is an API Gateway?
byLunchBadger
 

Similar to Supercharge Splunk with Cloudera


PPTX
Clear the Mist from your Clouds with Splunk
bySplunk
 
PDF
Splunk Cloud
bySplunk
 
PDF
Splunk Cloud
bySplunk
 
PPTX
Splunk
byDeep Mehta
 
ODP
Splunk
byKnoldus Inc.
 
PPTX
Cloudera Analytics and Machine Learning Platform - Optimized for Cloud
byStefan Lipp
 
PDF
Splunk Cloud
bySplunk
 
PPTX
Splunk .conf18 Updates, Config Add-on, SplDevOps
byHarry McLaren
 
PDF
December Bengaluru Splunk User Group Meetup
bykamlesh2410
 
PPTX
SplunkLive! London 2017 - Splunk Enterprise for IT Troubleshooting
bySplunk
 
PDF
SplunkLive! Amsterdam 2015 Breakout - Getting Started with Splunk
bySplunk
 
PPTX
Leveraging the cloud for analytics and machine learning 1.29.19
byCloudera, Inc.
 
PDF
Splunk Cloud
bySplunk
 
PPTX
Large-Scale Data Science on Hadoop (Intel Big Data Day)
byUri Laserson
 
PPTX
Getting Started with Splunk Enterprise
bySplunk
 
PPTX
Getting Started with Splunk Enterprise
byShannon Cuthbertson
 
PDF
Quelles nouveautés avec la version 6.5 de Splunk Enterprise
bySplunk
 
PDF
Optimize IT Infrastructure
byScalar Decisions
 
PPTX
Machine Data 101: Turning Data Into Insight
bySplunk
 
PPTX
Big Data at the Speed of Business: Lessons Learned from Leading at the Edge
byDataWorks Summit
 
Clear the Mist from your Clouds with Splunk
bySplunk
 
Splunk Cloud
bySplunk
 
Splunk Cloud
bySplunk
 
Splunk
byDeep Mehta
 
Splunk
byKnoldus Inc.
 
Cloudera Analytics and Machine Learning Platform - Optimized for Cloud
byStefan Lipp
 
Splunk Cloud
bySplunk
 
Splunk .conf18 Updates, Config Add-on, SplDevOps
byHarry McLaren
 
December Bengaluru Splunk User Group Meetup
bykamlesh2410
 
SplunkLive! London 2017 - Splunk Enterprise for IT Troubleshooting
bySplunk
 
SplunkLive! Amsterdam 2015 Breakout - Getting Started with Splunk
bySplunk
 
Leveraging the cloud for analytics and machine learning 1.29.19
byCloudera, Inc.
 
Splunk Cloud
bySplunk
 
Large-Scale Data Science on Hadoop (Intel Big Data Day)
byUri Laserson
 
Getting Started with Splunk Enterprise
bySplunk
 
Getting Started with Splunk Enterprise
byShannon Cuthbertson
 
Quelles nouveautés avec la version 6.5 de Splunk Enterprise
bySplunk
 
Optimize IT Infrastructure
byScalar Decisions
 
Machine Data 101: Turning Data Into Insight
bySplunk
 
Big Data at the Speed of Business: Lessons Learned from Leading at the Edge
byDataWorks Summit
 

More from Cloudera, Inc.

PPTX
Federated Learning: ML with Privacy on the Edge 11.15.18
byCloudera, Inc.
 
PPTX
Cloudera SDX
byCloudera, Inc.
 
PPTX
Introducing Cloudera DataFlow (CDF) 2.13.19
byCloudera, Inc.
 
PPTX
Partner Briefing_January 25 (FINAL).pptx
byCloudera, Inc.
 
PPTX
Introducing Cloudera Data Science Workbench for HDP 2.12.19
byCloudera, Inc.
 
PPTX
Modernizing the Legacy Data Warehouse – What, Why, and How 1.23.19
byCloudera, Inc.
 
PPTX
Modern Data Warehouse Fundamentals Part 2
byCloudera, Inc.
 
PPTX
Introducing the data science sandbox as a service 8.30.18
byCloudera, Inc.
 
PPTX
Modern Data Warehouse Fundamentals Part 1
byCloudera, Inc.
 
PPTX
Data Driven With the Cloudera Modern Data Warehouse 3.19.19
byCloudera, Inc.
 
PPTX
Extending Cloudera SDX beyond the Platform
byCloudera, Inc.
 
PPTX
Build a modern platform for anti-money laundering 9.19.18
byCloudera, Inc.
 
PPTX
Edc event vienna presentation 1 oct 2019
byCloudera, Inc.
 
PPTX
Modern Data Warehouse Fundamentals Part 3
byCloudera, Inc.
 
PPTX
2020 Cloudera Data Impact Awards Finalists
byCloudera, Inc.
 
PPTX
Shortening the Sales Cycle with a Modern Data Warehouse 1.30.19
byCloudera, Inc.
 
PPTX
Machine Learning with Limited Labeled Data 4/3/19
byCloudera, Inc.
 
PPTX
Leveraging the Cloud for Big Data Analytics 12.11.18
byCloudera, Inc.
 
PPTX
Cloudera Data Impact Awards 2021 - Finalists
byCloudera, Inc.
 
PPTX
Analyst Webinar: Doing a 180 on Customer 360
byCloudera, Inc.
 
Federated Learning: ML with Privacy on the Edge 11.15.18
byCloudera, Inc.
 
Cloudera SDX
byCloudera, Inc.
 
Introducing Cloudera DataFlow (CDF) 2.13.19
byCloudera, Inc.
 
Partner Briefing_January 25 (FINAL).pptx
byCloudera, Inc.
 
Introducing Cloudera Data Science Workbench for HDP 2.12.19
byCloudera, Inc.
 
Modernizing the Legacy Data Warehouse – What, Why, and How 1.23.19
byCloudera, Inc.
 
Modern Data Warehouse Fundamentals Part 2
byCloudera, Inc.
 
Introducing the data science sandbox as a service 8.30.18
byCloudera, Inc.
 
Modern Data Warehouse Fundamentals Part 1
byCloudera, Inc.
 
Data Driven With the Cloudera Modern Data Warehouse 3.19.19
byCloudera, Inc.
 
Extending Cloudera SDX beyond the Platform
byCloudera, Inc.
 
Build a modern platform for anti-money laundering 9.19.18
byCloudera, Inc.
 
Edc event vienna presentation 1 oct 2019
byCloudera, Inc.
 
Modern Data Warehouse Fundamentals Part 3
byCloudera, Inc.
 
2020 Cloudera Data Impact Awards Finalists
byCloudera, Inc.
 
Shortening the Sales Cycle with a Modern Data Warehouse 1.30.19
byCloudera, Inc.
 
Machine Learning with Limited Labeled Data 4/3/19
byCloudera, Inc.
 
Leveraging the Cloud for Big Data Analytics 12.11.18
byCloudera, Inc.
 
Cloudera Data Impact Awards 2021 - Finalists
byCloudera, Inc.
 
Analyst Webinar: Doing a 180 on Customer 360
byCloudera, Inc.
 

Recently uploaded

PDF
Projectlify: Everything You Need to Get Things Done
byRafal Ksiazek
 
PDF
What-Every-Tech-Leader-Needs-to-Know-About-AI-in-2025.pdf
byrishabhxbohra
 
PPTX
apidays Australia 2025 | Hey man, which one will deploy much faster, API or kid?
byapidays
 
PPTX
apidays Australia 2025 | Advanced GraphQL Security with AI Driven Threat Dete...
byapidays
 
PDF
Salesforce Careers in 2026_ Trends, Certifications, and Must-Have Skills
byDele Amefo
 
PDF
Gojek Clone Business Strategy: From Launch to Scale
byV3CUBE TECHNOLABS
 
PDF
Princeton RSE: Python Histograms as objects
byHenry Schreiner
 
PDF
Princeton RSE: What's new in Python π (3.14)
byHenry Schreiner
 
PDF
apidays Australia 2025 | Designing with workflows: Using Arazzo and OpenAPI f...
byapidays
 
PDF
A Complete Guide to Progressive Web App and Their Development
byMaxtra Technologies
 
PDF
apidays Australia 2025 | APIs in Government: A blueprint to automating Busine...
byapidays
 
PDF
Edge AI vs Cloud AI: Why Frontend Developers Must Master On-Device Machine Le...
byWorkfall hire developers
 
PPTX
wAIred_RabobankWRProducts__22012026.pptx
bySimonedeGijt
 
PDF
IoT/OT Security: Penetration Testing for an Expanding Attack Surface.pdf
byCybernetic Global Intelligence
 
PDF
Postmates Clone App Delivery Service Business Solution.pdf
byV3CUBE TECHNOLABS
 
PDF
contusion pulmonar y antibiotico en el atls
byMARIAPETRONILAMONTAO
 
PPTX
Anomalies in Relational Database Management systems.pptx
byamutham12
 
Projectlify: Everything You Need to Get Things Done
byRafal Ksiazek
 
What-Every-Tech-Leader-Needs-to-Know-About-AI-in-2025.pdf
byrishabhxbohra
 
apidays Australia 2025 | Hey man, which one will deploy much faster, API or kid?
byapidays
 
apidays Australia 2025 | Advanced GraphQL Security with AI Driven Threat Dete...
byapidays
 
Salesforce Careers in 2026_ Trends, Certifications, and Must-Have Skills
byDele Amefo
 
Gojek Clone Business Strategy: From Launch to Scale
byV3CUBE TECHNOLABS
 
Princeton RSE: Python Histograms as objects
byHenry Schreiner
 
Princeton RSE: What's new in Python π (3.14)
byHenry Schreiner
 
apidays Australia 2025 | Designing with workflows: Using Arazzo and OpenAPI f...
byapidays
 
A Complete Guide to Progressive Web App and Their Development
byMaxtra Technologies
 
apidays Australia 2025 | APIs in Government: A blueprint to automating Busine...
byapidays
 
Edge AI vs Cloud AI: Why Frontend Developers Must Master On-Device Machine Le...
byWorkfall hire developers
 
wAIred_RabobankWRProducts__22012026.pptx
bySimonedeGijt
 
IoT/OT Security: Penetration Testing for an Expanding Attack Surface.pdf
byCybernetic Global Intelligence
 
Postmates Clone App Delivery Service Business Solution.pdf
byV3CUBE TECHNOLABS
 
contusion pulmonar y antibiotico en el atls
byMARIAPETRONILAMONTAO
 
Anomalies in Relational Database Management systems.pptx
byamutham12
 

Supercharge Splunk with Cloudera


  • 1.
    1© Cloudera, Inc.All rights reserved. Supercharge Splunk with Cloudera
  • 2.
    2© Cloudera, Inc.All rights reserved. 1,000,000,000,000+ [ events per day ]
  • 3.
    3© Cloudera, Inc.All rights reserved. Challenges with Splunk Today Splunk can not cost effectively scale to the volume and variety of modern data Only partial view of the enterprise limits analytics and slows decisions Difficult to deploy custom advanced machine learning capabilities Explosion of Data Limited Enterprise Visibility Limited Analytic Processing DataAccess 1%50%100% DataVolume 10PB1PB1TB IF (X) AND (Y) THEN (Z) Time User Network Endpoint Archived Data Emerging Data
  • 4.
    4© Cloudera, Inc.All rights reserved. Advantages of Cloudera over Splunk Cloud-Native & On-Premise Go Beyond Splunk’s SPL • Share enriched data across multiple analytic processing engines • Simple search, SQL, Python, R, Scala Data Flexibility • Faster, more agile, full- fidelity data acquisition • Data portability: Open data model and open storage Cost-Effective Scalability • Elastic scale on-prem or in the cloud • Cloud-native pay-per-use and transience • Proven at big data scale Hybrid • Runs across multi-clouds & on-prem • Multi-storage over S3, HDFS, Kudu, Isilon, etc ¢¢¢
  • 5.
    5© Cloudera, Inc.All rights reserved. Optimizing Splunk with Cloudera PackagedApplications Analytic Processing (Spark, Impala, Solr) Management, Governance,Security (ClouderaManager,Cloudera Navigator) Data and Analytic Management Cloudera Data Hub Open Source Custom Apache Spot Open Data Models (HDFS, Hbase, Kudu) Ingestion (Kafka, Flume, Streamsets) (On premise or Cloud) Splunk Servers Threat Intelligence Network User Endpoint
  • 6.
    6© Cloudera, Inc.All rights reserved. Support multiple workloads with community defined Open Data Models Endpoint User Network DIVERSE DATA SOURCES SINGLE ACCESS Source: Momentum Partners Cybersecurity Snapshot April 2016
  • 7.
    7© Cloudera, Inc.All rights reserved. Many applications on one shared data set and architecture Visualization & machine learning applications can share common data set & infrastructure CustomPackaged Spot community is developing out machine learning (e.g. network threat detection) Open Source Build custom applications & analytics using Cloudera without having to buy new infrastructure
  • 8.
    8© Cloudera, Inc.All rights reserved. When to Use Cloudera vs Splunk Cloudera Best for: • Self-service exploratory analytics • Machine learning • Long term archive • Custom data streams Benefits: • Faster performance over large amounts of data • Complete analytic flexibility (search, SQL, statistical, and machine learning) • Cost-effective scale • Open data models and open data storage Splunk Best for: • Workflow management • Using pre-package rules • Hot data management • Preconfigured connectors Benefits: • Optimized for specific use cases • Existing rules and connectors built out • Quickly query for hot data for simple questions • Proprietary data format and data storage optimized for their applications
  • 9.
    9© Cloudera, Inc.All rights reserved. Two starter use cases for Splunk Optimization with Cloudera Getting Started
  • 10.
    10© Cloudera, Inc.All rights reserved. Potential Goals Demonstrate Splunk optimization ✓ Install and configure Cloudera clusters (cloud or on prem) ✓ Install and configure Apache Spot Open Data Models ✓ Build ingest adapters for Splunk to Apache Spot ✓ Build visualization dashboard that delivers some subset of optics currently defined in Splunk Establish Cloudera data hub Provide analytic foundations ✓ Build IT and cybersecurity analytics platform on the Apache Spot Open Data Model (ODM)
  • 11.
    11© Cloudera, Inc.All rights reserved. 2 potential starting places… 1. Splunk Cost Tuning 2. Context Enrichment and Increased Visibility
  • 12.
    12© Cloudera, Inc.All rights reserved. Splunk Cost Tuning • Identify where enterprise wants to optimize cost, ingest/ indexing or storage • Offload event data from heavy forward to reduce long term storage and ingest/ indexing costs • Keep enough data in Splunk to power dashboards with long term analytics in Cloudera. Enable flexible analytics: • Search • SQL • Machine Learning (Python, Scala, R) Packaged Applications Analytic Processing (Spark, Impala, Solr) Management,Governance, Security (ClouderaManager,Cloudera Navigator) Data and Analytic Management Cloudera Data Hub Custom Apache Spot Open Data Models (HDFS, Hbase, Kudu) Ingestion (Kafka, Flume, Streamsets) (On premise or Cloud) Splunk Sources Open Source Splunk Heavy Forwarder Splunk Storage Threat Intelligence Network User Endpoint
  • 13.
    13© Cloudera, Inc.All rights reserved. Context Enrichment and Increased Visibility • Load events and context sources into EDH landing it in Apache Spot’s Open Data Model • Enrich and enhance events with additional context in the ODM • Keep enough data in Splunk to power dashboards with long term analytics in Cloudera. Enable flexible analytics: • Search • SQL • Machine Learning (Python, Scala, R) Packaged Applications Analytic Processing (Spark, Impala, Solr) Management,Governance, Security (ClouderaManager,Cloudera Navigator) Data and Analytic Management Cloudera Data Hub Custom Apache Spot Open Data Models (HDFS, Hbase, Kudu) Ingestion (Kafka, Flume, Streamsets) (On premise or Cloud) Sources Apache Spot Algorithms Splunk Splunk Heavy Forwarder Splunk Indexer Packaged Applications Analytic Processing (Spark, Impala, Solr) Management,Governance, Security (ClouderaManager,Cloudera Navigator) Data and Analytic Management Cloudera Data Hub Custom Apache Spot Open Data Models (HDFS, Hbase, Kudu) Ingestion (Kafka, Flume, Streamsets) (On premise or Cloud) Splunk Open Source Splunk Heavy Forwarder Splunk Storage Threat Intelligence Network User Endpoint
  • 14.
    14© Cloudera, Inc.All rights reserved. Q&A
  • 15.
    15© Cloudera, Inc.All rights reserved. Thank You