Splunk Presentation

Splunk Overview

“Two-thirds of all IT spending is just to sustain the business, not to grow or transform the business” Source: Gartner, IT Metrics: IT Spending and Staffing Report, 2010 Copyright © 2011, Splunk Inc.

2

Listen to your data.

Machine Data Is Pervasive Additional Sources

Customer-facing IT

Core IT

Web Services Shipping

RFID

Data Warehouse

Desktops

GPS/Cellular

Shopping Basket

Developers

Security Energy

Cloud

Servers Telecoms

Online Services

App Support

Virtual

Networking Manufacturing

Storage

Clickstream

Physical

Messaging

Copyright © 2011, Splunk Inc.

3

Listen to your data.

Machine Data Is Pervasive Additional Sources

Core IT

Customer-facing IT

Machine data volumes, sources and types exploding

80-95% of an organization’s data is unstructured If stored, in silos throughout the organization New technologies adding to data explosion (mobile devices, sensors, GPS, virtualization, cloud) Market trends makes this data valuable to the business Contains a categorical record of activity and behavior

Copyright © 2011, Splunk Inc.

4

Listen to your data.

What It’s Like In The Trenches

Application Support

Application Developer

Systems Administrator

Application Developer

Database Administrator

Log call. The console says everything is green.

Java monitoring tools don’t show anything either. Call the developer.

Stop working on new code to troubleshoot. Need production logs!

Stop what they’re doing to identify and gather production logs for developer.

Manual investigation establishes not application problem.

DBA analyzes audit logs which points to bad query.

Escalate.

Escalate.

Escalate.

Respond.

Escalate.

Now what?

Service Desk

Copyright © 2011, Splunk Inc.

5

Listen to your data.

And When The Business Needs Intelligence... I need a new report

We’ll need to change the schema for that

Copyright © 2011, Splunk Inc.

I need to see it in real time

Our system is batch. We’ll need a new system

6

What’s the trend over the last year?

Sorry. We only keep 7 days of data online

Listen to your data.

Collect, index and harness your machine data to identify problems, patterns, risks and opportunities and drive better decisions for IT and the business. Copyright © 2011, Splunk Inc.

7

Listen to your data.

So What is Splunk, Exactly? •

Splunk is the engine for machine data

•

Provides visibility, reporting and search across all your IT systems and infrastructure

Copyright © 2011, Splunk Inc.

It’s software – download and install it in 5 minutes Runs on all modern platforms

8

Listen to your data.

Splunk: The Engine for Machine Data No predefined schema, no custom connectors, no RDBMS, no need to filter/forward. Customer Facing Data

Outside the Datacenter

Click-stream data Shopping cart data Online transaction data

Manufacturing, logistics… CDRs & IPDRs Power consumption RFID data GPS data

Logfiles

Windows Registry Event logs File system sysinternals

Linux/Unix Configurations syslog File system ps, iostat, top

Copyright © 2011, Splunk Inc.

Configs Messages

Traps Alerts

Metrics

Virtualization & Cloud Hypervisor Guest OS, Apps Cloud

9

Scripts

Changes

Tickets

Applications

Databases

Web logs Log4J, JMS, JMX .NET events Code and scripts

Configurations Audit/query logs Tables Schemas

Networking Configurations syslog SNMP netflow

Listen to your data.

Delivering Operational Intelligence Single Data Store

Single UI

Across Use Cases

Three Primary Capabilities Search/Navigate

Real-time Visibility

Data drilldown • “Needle in a haystack” • Root cause analysis/troubleshooting • Incident investigations

• • • • •

•

Copyright © 2011, Splunk Inc.

Live dashboards Event correlation Monitoring and alerting Performance issues Transaction levels • SLA tracking

10

Historical Analytics Baseline and thresholds • Trending • Operational insights • Historical patterns • Compliance reports •

Listen to your data.

Splunk is a Powerful Search Engine for IT Find and fix problems dramatically faster across your organization.

Copyright © 2011, Splunk Inc.

11

Listen to your data.

In The Trenches With Splunk Troubleshoot problems in minutes not hours or days. “192.168.169.100” Trouble Ticket

Search on IP address shows related Web session and User ID

192.168.169.100 Last 60 minutes

Service Desk * AND failure OR error

Search at same time reveals database error and permission failure

failure OR error Last 2 minutes

Search Your Entire IT Infrastructure

User ID=“John” AND permission_change Last 1 minute

Copyright © 2011, Splunk Inc.

12

Search on permission changes shows change without ticket number Listen to your data.

Splunk Proactively Monitors for Incidents Automatically monitor all your infrastructure in real-time to identify issues, problems and attacks before they impact your customers and services.

RSS

Email SNMP Trouble ticket

Copyright © 2011, Splunk Inc.

13

Listen to your data.

Splunk Delivers Operational Visibility Gain end-to-end visibility to track and deliver on IT KPIs and make better-informed IT decisions.

Copyright © 2011, Splunk Inc.

14

Listen to your data.

Splunk Provides New Insights for Business Gain new insight from operational data to make better-informed business decisions.

Copyright © 2011, Splunk Inc.

15

Listen to your data.

New Levels of Visibility for IT and the Business

Copyright © 2011, Splunk Inc.

16

Listen to your data.

Scales Across the Datacenter

Offload search load to Splunk Search Heads

Auto load-balanced forwarding to as many Splunk Indexers as you need to index terabytes/day

Send data from 1000s of servers using combination of Splunk Forwarders, syslog, WMI, message queues, or other remote protocols Copyright © 2011, Splunk Inc.

17

Listen to your data.

Easy to Get Started Download and install in minutes.

Copyright © 2011, Splunk Inc.

18

Listen to your data.

What Makes Splunk Different? Any Data Any format of data, from any source • Full access to 100% of data for months/years • Cradle-to-grave data management •

Immediate Results

Completely Flexible Supports any analysis, reporting or monitoring across IT silos • Highly flexible dashboards present any view for any user • Adapts to change—schema-onthe-fly design supports new or unexpected data •

Free download, installs in minutes • Can get started small and grow over time—from laptop to datacenters • Initial benefits realized in hours or days •

Splunk: The Engine for Machine Data

Copyright © 2011, Splunk Inc.

19

Listen to your data.

macys.com “For the first time in six years, macys.com experienced no downtime during peak holiday shopping – despite a 50% increase in traffic.” Camille Bali Senior Analyst, Architecture Team

Copyright © 2011, Splunk Inc.

Delivered the IT team end-to-end visibility across entire technology stack Enabled 100% up-time for two straight seasons during a 50% increase in transactions Supplied role-specific, dashboards to 100+ users across IT

20

Listen to your data.

salesforce.com “We have taken application performance troubleshooting for 87,000 customers to the next level.” “The fact that we had a data treasure chest was not obvious till Splunk came in to the picture.” Narayan Bharadwaj Director, Product Management

Copyright © 2011, Splunk Inc.

Now offering new services: reporting on customer email campaigns Provided business analytics around usage of social platform services and apps on Force.com Provided higher service levels 21

Listen to your data.

Cricket Communications “Splunk lets us build dashboards to compare and correlate whatever we want— nothing else lets us do that.” “I built a business analytics dashboard for my manager in 5 minutes and he was sold.” Roberto Quezada IT Operations Analyst

Copyright © 2011, Splunk Inc.

Correlated F5, firewalls and malware for complete security posture Informed capacity planning Delivered executive dashboards look at activations by minute, by channel, by market

22

Listen to your data.

Vodafone “Splunk reduced our escalations by 90% and our problem resolution time by 67%.” Paulo Carvalho Director Operation

Copyright © 2011, Splunk Inc.

Delivered rapid application troubleshooting and quality management of higher margin 3G services Enabled rapid error search across Java & J2EE infrastructure Provided service desk with required information quickly and improved customer satisfaction level 23

Listen to your data.

Cisco “Splunk allows us to quickly

consolidate and correlate disparate log sources, enabling previously impractical monitoring and response scenarios.” Dave Schwartzburg Computer Security Incident Response Team

Copyright © 2011, Splunk Inc.

Enabled proactive threat assessment, mitigation planning, incident trending with analysis, security architecture, incident detection and response Delivered a centralized view into user activities and in-scope systems 24

Listen to your data.

Edmunds.com “Our Splunk dashboards provide both real-time and historical trending data we use to make the decisions that impact revenue.”

John Martin Senior Director, Application Operations

Copyright © 2011, Splunk Inc.

Root cause analysis and troubleshooting Long-term trending for IT and business Identifying new customer behaviors 25

Listen to your data.

Splunk ROI – Fast, Compelling, Diverse

Copyright © 2011, Splunk Inc.

Increase revenue

Macys.com proactively monitor website, e-commerce and application infrastructure. Eliminated downtime during peak periods, avoiding revenue loss of $300,000/incident

Increase uptime

TransUnion decreased average downtime per incident by 90%, saving millions of dollars per year in extra revenue.

Increase productivity

HealthTrans used to take 7-8 hours to trace a transaction. Now it takes 5 minutes.

Reduce costs

Large mutual fund is using Splunk for compliance review. Through greater efficiency, Splunk paid for itself in 60 days.

Reduce fraud/abuse

Large telecoms company eliminate service abusers. ROI gained on fraud detection in the first month paid for Splunk

Protect the business

Top five US wireless carrier optimizes call routing, saving hundreds of thousands of dollars per month 26

Listen to your data.

Splunking Across Industries Solution Segments

App Mgmt

IT Ops

Security

Compliance

Customer Segments Web & Business Analytics

Federal

Financial Services Developer Framework

Telecoms

Education

Copyright © 2011, Splunk Inc.

27

Listen to your data.

A Growing Family of Apps

Security

IronPort WSA

Copyright © 2011, Splunk Inc.

28

Listen to your data.

2,600+ Licensed Customers in 78 Countries Cloud and Online Services

Education

Energy and Utilities

Financial Services and Insurance

Government

Healthcare

Manufacturing

Media

Retail

Technology

Telecommunications

Travel and Leisure

Copyright © 2011, Splunk Inc.

29

Listen to your data.

Splunk Overview

Thank you!