This document summarizes the Church of Latter-day Saints' use of Splunk for log aggregation, monitoring, and reporting across their IT platforms. It describes how Splunk helped consolidate over 2,100 log forwarders, provided dashboards for visibility, and enabled self-service troubleshooting. Through automating Splunk deployment on their Cloud Foundry platform, they increased adoption of logging and monitoring services amongst internal application teams.
5. 5
Before Splunk
• Manually Processes for TroubleshooHng
• Log and Event CorrelaHon
• Inconsistent Logging Formats
• Manual VM Setup for Logging
• No Historical Trending Data
• More outages due to lack of visibility
• Complexity of MulHple alerHng systems
“In the past we
had to manually
configure VMs,
runAmes and logs
so it took a lot
longer for that
process to
happen .”
15. 15
Splunk Does It All
Past Present
Log AggregaHon Splunk Splunk
Metric Storage Oracle DB Splunk
AlerHng Nagios & Splunk Splunk
Dashboard Custom Web UI Splunk
Management Email another Team Self Service
Cross System Analysis Good luck Spunk
AcHve Monitoring (Smoke Tests) Anthill Splunk
Changed the world from a VM world to an App and Service World
No VM Configuration
No Runtime Configuration
No Middleware Configuration
No Mismatches of VMs, Software patches, installs
No out of date Security Patches
No Inconsistencies on Deploys across technologies
Same for Java, NodeJS, Static Assets, Docker
Provide all this AND Insulate your application from future hosting and cloud provider differences?
Changed the world from a VM world to an App and Service World
No VM Configuration
No Runtime Configuration
No Middleware Configuration
No Mismatches of VMs, Software patches, installs
No out of date Security Patches
No Inconsistencies on Deploys across technologies
Same for Java, NodeJS, Static Assets, Docker
Provide all this AND Insulate your application from future hosting and cloud provider differences?
Cloud Foundry is a great platform to host applications. Our users love that we make it easy for them to put application data into splunk so they can monitor their applications using splunk.
But, Cloud Foundry itself is also an application. A very important one. If cloud foundry goes down that could impact the availability of running in cloud foundry so it is very important that Cloud Foundry is also monitored.
Here are some of the problems we had with our original monitoring solution.
We went through an extensive evaluation process with the different enterprise monitoring tools available to us.
We soon discovered that Splunk isn’t only good at aggregating log data it is also excellent at injecting metrics and alerting, it is completely self service, you can create dashboards for us and our users.
If app is going slow is it because of the app or some other app running on the same machine?
Would be great to add VMWare Host data to this graph