SlideShare ist ein Scribd-Unternehmen logo

SplunkLive! Stockholm 2016 - iZettle

Als PPTX, PDF herunterladen
Splunk
Splunk

Splunk for DevOps at iZettle

Technologie
1 von 15
Copyright © 2015 Splunk Inc. Splunk at iZettle Johannes Lofgren, Head of DevOps j
‹#› Johannes Löfgren - Head of Devops and Infrastructure
‹#› The challenge…. Show me a PCI-DSS compliant centralised logging solution in 5 weeks!
‹#› Why Splunk? • PCI-DSS - Payment Card Industry Data Security Standard • iZettle’s first PCI-DSS audit was in Q2 2012 • Starting point: local logs on around 10 backend servers • Before audit deadline: Prove our control of operations and security using our centralised log solution
‹#› Starting out Daily report email Scheduled alerts (email and sms) File integrity monitoring Learn basic search skills
‹#› Starting out < 1s, Expected result of automated deploy 90 minutes, Further investigation needed File integrity monitoring Daily report email
‹#› iZettle expansion All backend systems logging to Splunk 2011 One market Monolithic backend Single location traditional hosting 2013 Multiple markets in three continents Distributed backend Hybrid cloud infrastructure
‹#› Splunk at iZettle Today Usage 50% of total implemented alerts 80+ users All backend services log to splunk Support Security Development QAOperations Benefits Easy to scale Easy to move Search across multiple services Adapt alert triggers to trends FIM
‹#› Follow the trend - example Weekly and daily trend below
‹#› Follow the trend - example The _internal index tracks logged bytes per source: earliest = -1h@h latest = @h index=_internal source=*license_usage.log type=Usage s=merchant-reports | eval MB=b/1024/1024 | stats sum(MB) as last
‹#› Follow the trend - example Run a subsearch for the same, 7 days ago. Column output: earliest = -1h@h latest = @h index=_internal source=*license_usage.log type=Usage s=merchant-reports | eval MB=b/1024/1024 | stats sum(MB) as last | appendcols [ search earliest = -169h@h latest = -168h@h index=_internal source=*license_usage.log type=Usage s=merchant-reports | eval MB=b/1024/1024 | stats sum(MB) as comparator ]
‹#› Follow the trend - example Calculate the percentage diff. Add explanatory labels: earliest = -1h@h latest = @h index=_internal source=*license_usage.log type=Usage s=merchant-reports | eval MB=b/1024/1024 | stats sum(MB) as last | appendcols [ search earliest = -169h@h latest = -168h@h index=_internal source=*license_usage.log type=Usage s=merchant-reports | eval MB=b/1024/1024 | stats sum(MB) as comparator ] | eval percent_change=100*(last/comparator)-100 | rename last as "MB Latest hour", comparator as "MB same hour, 7 days ago"
‹#› Follow the trend - example The _internal index is lightweight to search: What to do with this? Create an alert triggering on a positive and negative threshold of the variable “percent_change” Generic enough to suit any system
‹#› Key lessons Insert all your logging services to cross search systems Take a generic anomaly approach on alerts Make use of what’s already summarised for light weight searching Use dynamic alert thresholds
Thank You

Empfohlen

SplunkLive! Stockholm 2016 - Telia Norway
SplunkLive! Stockholm 2016 - Telia Norway SplunkLive! Stockholm 2016 - Telia Norway
SplunkLive! Stockholm 2016 - Telia Norway Splunk
 
GovSummit London 2016 - NHS Choices
GovSummit London 2016 - NHS ChoicesGovSummit London 2016 - NHS Choices
GovSummit London 2016 - NHS ChoicesSplunk
 
SplunkLive! London 2016 - HSCIC / NHS Digital / Spine 2
SplunkLive! London 2016 - HSCIC / NHS Digital / Spine 2SplunkLive! London 2016 - HSCIC / NHS Digital / Spine 2
SplunkLive! London 2016 - HSCIC / NHS Digital / Spine 2Splunk
 
SplunkLive! Warsaw 2016 - Cisco
SplunkLive! Warsaw 2016 - Cisco SplunkLive! Warsaw 2016 - Cisco
SplunkLive! Warsaw 2016 - Cisco Splunk
 
SplunkLive! München 2016 - Splunk @ UniCredit
SplunkLive! München 2016 - Splunk @ UniCreditSplunkLive! München 2016 - Splunk @ UniCredit
SplunkLive! München 2016 - Splunk @ UniCreditSplunk
 
SplunkLive! London 2016 - BBC Worldwide
SplunkLive! London 2016 - BBC WorldwideSplunkLive! London 2016 - BBC Worldwide
SplunkLive! London 2016 - BBC WorldwideSplunk
 
Stream Analytics for Data in Motion
Stream Analytics for Data in MotionStream Analytics for Data in Motion
Stream Analytics for Data in MotionExtraHop Networks
 
Delivering Business Value from Operational Inisights at ING Bank
Delivering Business Value from Operational Inisights at ING BankDelivering Business Value from Operational Inisights at ING Bank
Delivering Business Value from Operational Inisights at ING BankSplunk
 

Empfohlen

SplunkLive! Stockholm 2016 - Telia Norway
SplunkLive! Stockholm 2016 - Telia Norway SplunkLive! Stockholm 2016 - Telia Norway
SplunkLive! Stockholm 2016 - Telia Norway Splunk
 
GovSummit London 2016 - NHS Choices
GovSummit London 2016 - NHS ChoicesGovSummit London 2016 - NHS Choices
GovSummit London 2016 - NHS ChoicesSplunk
 
SplunkLive! London 2016 - HSCIC / NHS Digital / Spine 2
SplunkLive! London 2016 - HSCIC / NHS Digital / Spine 2SplunkLive! London 2016 - HSCIC / NHS Digital / Spine 2
SplunkLive! London 2016 - HSCIC / NHS Digital / Spine 2Splunk
 
SplunkLive! Warsaw 2016 - Cisco
SplunkLive! Warsaw 2016 - Cisco SplunkLive! Warsaw 2016 - Cisco
SplunkLive! Warsaw 2016 - Cisco Splunk
 
SplunkLive! München 2016 - Splunk @ UniCredit
SplunkLive! München 2016 - Splunk @ UniCreditSplunkLive! München 2016 - Splunk @ UniCredit
SplunkLive! München 2016 - Splunk @ UniCreditSplunk
 
SplunkLive! London 2016 - BBC Worldwide
SplunkLive! London 2016 - BBC WorldwideSplunkLive! London 2016 - BBC Worldwide
SplunkLive! London 2016 - BBC WorldwideSplunk
 
Stream Analytics for Data in Motion
Stream Analytics for Data in MotionStream Analytics for Data in Motion
Stream Analytics for Data in MotionExtraHop Networks
 
Delivering Business Value from Operational Inisights at ING Bank
Delivering Business Value from Operational Inisights at ING BankDelivering Business Value from Operational Inisights at ING Bank
Delivering Business Value from Operational Inisights at ING BankSplunk
 
SplunkLive! Utrecht 2016 - Exact
SplunkLive! Utrecht 2016 - ExactSplunkLive! Utrecht 2016 - Exact
SplunkLive! Utrecht 2016 - ExactSplunk
 
Splunk and Cisco UCS Breakout Session
Splunk and Cisco UCS Breakout SessionSplunk and Cisco UCS Breakout Session
Splunk and Cisco UCS Breakout SessionSplunk
 
Customer Presentation
Customer PresentationCustomer Presentation
Customer PresentationSplunk
 
Explain the Value of your Splunk Deployment Breakout Session
Explain the Value of your Splunk Deployment Breakout SessionExplain the Value of your Splunk Deployment Breakout Session
Explain the Value of your Splunk Deployment Breakout SessionSplunk
 
Cisco UCS and Splunk Workshop
Cisco UCS and Splunk WorkshopCisco UCS and Splunk Workshop
Cisco UCS and Splunk WorkshopRobb Boyd
 
Monitoring Consumer Digital Experience
Monitoring Consumer Digital ExperienceMonitoring Consumer Digital Experience
Monitoring Consumer Digital ExperienceThousandEyes
 
Splunk Ninjas: New Features and Search Dojo
Splunk Ninjas: New Features and Search DojoSplunk Ninjas: New Features and Search Dojo
Splunk Ninjas: New Features and Search DojoSplunk
 
Ford
FordFord
FordDataWorks Summit/Hadoop Summit
 
Customer Presentation
Customer PresentationCustomer Presentation
Customer PresentationSplunk
 
How to Align Your Daily Splunk Activities Breakout Session
How to Align Your Daily Splunk Activities Breakout SessionHow to Align Your Daily Splunk Activities Breakout Session
How to Align Your Daily Splunk Activities Breakout SessionSplunk
 
How to Design, Build and Map IT and Business Services in Splunk
How to Design, Build and Map IT and Business Services in SplunkHow to Design, Build and Map IT and Business Services in Splunk
How to Design, Build and Map IT and Business Services in SplunkSplunk
 
How to Use Big Data to Transform IT Operations
How to Use Big Data to Transform IT OperationsHow to Use Big Data to Transform IT Operations
How to Use Big Data to Transform IT OperationsExtraHop Networks
 
Power of Splunk Search Processing Language (SPL)
Power of Splunk Search Processing Language (SPL)Power of Splunk Search Processing Language (SPL)
Power of Splunk Search Processing Language (SPL)Splunk
 
Who Broke My Cloud? SaaS Monitoring Best Practices
Who Broke My Cloud? SaaS Monitoring Best PracticesWho Broke My Cloud? SaaS Monitoring Best Practices
Who Broke My Cloud? SaaS Monitoring Best PracticesThousandEyes
 
Operational Analytics at Credit Suisse from ThousandEyes Connect
Operational Analytics at Credit Suisse from ThousandEyes ConnectOperational Analytics at Credit Suisse from ThousandEyes Connect
Operational Analytics at Credit Suisse from ThousandEyes ConnectThousandEyes
 
Data Onboarding Breakout Session
Data Onboarding Breakout SessionData Onboarding Breakout Session
Data Onboarding Breakout SessionSplunk
 
Taking Splunk to the Next Level - Management Breakout Session
Taking Splunk to the Next Level - Management Breakout SessionTaking Splunk to the Next Level - Management Breakout Session
Taking Splunk to the Next Level - Management Breakout SessionSplunk
 
EMA Presentation: Driving Business Value with Continuous Operational Intellig...
EMA Presentation: Driving Business Value with Continuous Operational Intellig...EMA Presentation: Driving Business Value with Continuous Operational Intellig...
EMA Presentation: Driving Business Value with Continuous Operational Intellig...ExtraHop Networks
 
ExtraHop Splunk datasheet
ExtraHop Splunk datasheetExtraHop Splunk datasheet
ExtraHop Splunk datasheetExtraHop Networks
 
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'Splunk
 
SplunkLive! Stockholm 2016 - Mr Green
SplunkLive! Stockholm 2016 - Mr GreenSplunkLive! Stockholm 2016 - Mr Green
SplunkLive! Stockholm 2016 - Mr GreenSplunk
 
SplunkLive! Stockholm 2015 - Statnett
SplunkLive! Stockholm 2015 - StatnettSplunkLive! Stockholm 2015 - Statnett
SplunkLive! Stockholm 2015 - StatnettSplunk
 

Weitere ähnliche Inhalte

Was ist angesagt?

SplunkLive! Utrecht 2016 - Exact
SplunkLive! Utrecht 2016 - ExactSplunkLive! Utrecht 2016 - Exact
SplunkLive! Utrecht 2016 - ExactSplunk
 
Splunk and Cisco UCS Breakout Session
Splunk and Cisco UCS Breakout SessionSplunk and Cisco UCS Breakout Session
Splunk and Cisco UCS Breakout SessionSplunk
 
Customer Presentation
Customer PresentationCustomer Presentation
Customer PresentationSplunk
 
Explain the Value of your Splunk Deployment Breakout Session
Explain the Value of your Splunk Deployment Breakout SessionExplain the Value of your Splunk Deployment Breakout Session
Explain the Value of your Splunk Deployment Breakout SessionSplunk
 
Cisco UCS and Splunk Workshop
Cisco UCS and Splunk WorkshopCisco UCS and Splunk Workshop
Cisco UCS and Splunk WorkshopRobb Boyd
 
Monitoring Consumer Digital Experience
Monitoring Consumer Digital ExperienceMonitoring Consumer Digital Experience
Monitoring Consumer Digital ExperienceThousandEyes
 
Splunk Ninjas: New Features and Search Dojo
Splunk Ninjas: New Features and Search DojoSplunk Ninjas: New Features and Search Dojo
Splunk Ninjas: New Features and Search DojoSplunk
 
Customer Presentation
Customer PresentationCustomer Presentation
Customer PresentationSplunk
 
How to Align Your Daily Splunk Activities Breakout Session
How to Align Your Daily Splunk Activities Breakout SessionHow to Align Your Daily Splunk Activities Breakout Session
How to Align Your Daily Splunk Activities Breakout SessionSplunk
 
How to Design, Build and Map IT and Business Services in Splunk
How to Design, Build and Map IT and Business Services in SplunkHow to Design, Build and Map IT and Business Services in Splunk
How to Design, Build and Map IT and Business Services in SplunkSplunk
 
How to Use Big Data to Transform IT Operations
How to Use Big Data to Transform IT OperationsHow to Use Big Data to Transform IT Operations
How to Use Big Data to Transform IT OperationsExtraHop Networks
 
Power of Splunk Search Processing Language (SPL)
Power of Splunk Search Processing Language (SPL)Power of Splunk Search Processing Language (SPL)
Power of Splunk Search Processing Language (SPL)Splunk
 
Who Broke My Cloud? SaaS Monitoring Best Practices
Who Broke My Cloud? SaaS Monitoring Best PracticesWho Broke My Cloud? SaaS Monitoring Best Practices
Who Broke My Cloud? SaaS Monitoring Best PracticesThousandEyes
 
Operational Analytics at Credit Suisse from ThousandEyes Connect
Operational Analytics at Credit Suisse from ThousandEyes ConnectOperational Analytics at Credit Suisse from ThousandEyes Connect
Operational Analytics at Credit Suisse from ThousandEyes ConnectThousandEyes
 
Data Onboarding Breakout Session
Data Onboarding Breakout SessionData Onboarding Breakout Session
Data Onboarding Breakout SessionSplunk
 
Taking Splunk to the Next Level - Management Breakout Session
Taking Splunk to the Next Level - Management Breakout SessionTaking Splunk to the Next Level - Management Breakout Session
Taking Splunk to the Next Level - Management Breakout SessionSplunk
 
EMA Presentation: Driving Business Value with Continuous Operational Intellig...
EMA Presentation: Driving Business Value with Continuous Operational Intellig...EMA Presentation: Driving Business Value with Continuous Operational Intellig...
EMA Presentation: Driving Business Value with Continuous Operational Intellig...ExtraHop Networks
 
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'Splunk
 

Was ist angesagt? (20)

SplunkLive! Utrecht 2016 - Exact
SplunkLive! Utrecht 2016 - ExactSplunkLive! Utrecht 2016 - Exact
SplunkLive! Utrecht 2016 - Exact
 
Splunk and Cisco UCS Breakout Session
Splunk and Cisco UCS Breakout SessionSplunk and Cisco UCS Breakout Session
Splunk and Cisco UCS Breakout Session
 
Customer Presentation
Customer PresentationCustomer Presentation
Customer Presentation
 
Explain the Value of your Splunk Deployment Breakout Session
Explain the Value of your Splunk Deployment Breakout SessionExplain the Value of your Splunk Deployment Breakout Session
Explain the Value of your Splunk Deployment Breakout Session
 
Cisco UCS and Splunk Workshop
Cisco UCS and Splunk WorkshopCisco UCS and Splunk Workshop
Cisco UCS and Splunk Workshop
 
Monitoring Consumer Digital Experience
Monitoring Consumer Digital ExperienceMonitoring Consumer Digital Experience
Monitoring Consumer Digital Experience
 
Splunk Ninjas: New Features and Search Dojo
Splunk Ninjas: New Features and Search DojoSplunk Ninjas: New Features and Search Dojo
Splunk Ninjas: New Features and Search Dojo
 
Ford
FordFord
Ford
 
Customer Presentation
Customer PresentationCustomer Presentation
Customer Presentation
 
How to Align Your Daily Splunk Activities Breakout Session
How to Align Your Daily Splunk Activities Breakout SessionHow to Align Your Daily Splunk Activities Breakout Session
How to Align Your Daily Splunk Activities Breakout Session
 
How to Design, Build and Map IT and Business Services in Splunk
How to Design, Build and Map IT and Business Services in SplunkHow to Design, Build and Map IT and Business Services in Splunk
How to Design, Build and Map IT and Business Services in Splunk
 
How to Use Big Data to Transform IT Operations
How to Use Big Data to Transform IT OperationsHow to Use Big Data to Transform IT Operations
How to Use Big Data to Transform IT Operations
 
Power of Splunk Search Processing Language (SPL)
Power of Splunk Search Processing Language (SPL)Power of Splunk Search Processing Language (SPL)
Power of Splunk Search Processing Language (SPL)
 
Who Broke My Cloud? SaaS Monitoring Best Practices
Who Broke My Cloud? SaaS Monitoring Best PracticesWho Broke My Cloud? SaaS Monitoring Best Practices
Who Broke My Cloud? SaaS Monitoring Best Practices
 
Operational Analytics at Credit Suisse from ThousandEyes Connect
Operational Analytics at Credit Suisse from ThousandEyes ConnectOperational Analytics at Credit Suisse from ThousandEyes Connect
Operational Analytics at Credit Suisse from ThousandEyes Connect
 
Data Onboarding Breakout Session
Data Onboarding Breakout SessionData Onboarding Breakout Session
Data Onboarding Breakout Session
 
Taking Splunk to the Next Level - Management Breakout Session
Taking Splunk to the Next Level - Management Breakout SessionTaking Splunk to the Next Level - Management Breakout Session
Taking Splunk to the Next Level - Management Breakout Session
 
EMA Presentation: Driving Business Value with Continuous Operational Intellig...
EMA Presentation: Driving Business Value with Continuous Operational Intellig...EMA Presentation: Driving Business Value with Continuous Operational Intellig...
EMA Presentation: Driving Business Value with Continuous Operational Intellig...
 
ExtraHop Splunk datasheet
ExtraHop Splunk datasheetExtraHop Splunk datasheet
ExtraHop Splunk datasheet
 
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
 

Andere mochten auch

SplunkLive! Stockholm 2016 - Mr Green
SplunkLive! Stockholm 2016 - Mr GreenSplunkLive! Stockholm 2016 - Mr Green
SplunkLive! Stockholm 2016 - Mr GreenSplunk
 
SplunkLive! Stockholm 2015 - Statnett
SplunkLive! Stockholm 2015 - StatnettSplunkLive! Stockholm 2015 - Statnett
SplunkLive! Stockholm 2015 - StatnettSplunk
 
Splunklive! Stockholm 2015 - IKEA
Splunklive! Stockholm 2015 - IKEASplunklive! Stockholm 2015 - IKEA
Splunklive! Stockholm 2015 - IKEASplunk
 
SplunkLive! Stockholm 2015 - Klarna
SplunkLive! Stockholm 2015 - KlarnaSplunkLive! Stockholm 2015 - Klarna
SplunkLive! Stockholm 2015 - KlarnaSplunk
 
SplunkLive! Utrecht - KPN
SplunkLive! Utrecht - KPNSplunkLive! Utrecht - KPN
SplunkLive! Utrecht - KPNSplunk
 
Splunk Live! Utrecht 2016 - CERT EU
Splunk Live! Utrecht 2016 - CERT EUSplunk Live! Utrecht 2016 - CERT EU
Splunk Live! Utrecht 2016 - CERT EUSplunk
 
SplunkLive! Paris 2016 - Customer Presentation - Natixis
SplunkLive! Paris 2016 - Customer Presentation - NatixisSplunkLive! Paris 2016 - Customer Presentation - Natixis
SplunkLive! Paris 2016 - Customer Presentation - NatixisSplunk
 
Sl nashville major Hospital company
Sl nashville major Hospital companySl nashville major Hospital company
Sl nashville major Hospital companySplunk
 
SplunkLive! London 2016 - John Lewis
SplunkLive! London 2016 - John LewisSplunkLive! London 2016 - John Lewis
SplunkLive! London 2016 - John LewisSplunk
 
Splunk Discovery Day Düsseldorf 2016 - Use Case GDIS
Splunk Discovery Day Düsseldorf 2016 - Use Case GDISSplunk Discovery Day Düsseldorf 2016 - Use Case GDIS
Splunk Discovery Day Düsseldorf 2016 - Use Case GDISSplunk
 
SplunkLive! Frankfurt 2016 - Helvetia Use Case
SplunkLive! Frankfurt 2016 - Helvetia Use CaseSplunkLive! Frankfurt 2016 - Helvetia Use Case
SplunkLive! Frankfurt 2016 - Helvetia Use CaseSplunk
 
SplunkLive! Frankfurt 2016 - mail.de Use Case
SplunkLive! Frankfurt 2016 - mail.de Use CaseSplunkLive! Frankfurt 2016 - mail.de Use Case
SplunkLive! Frankfurt 2016 - mail.de Use CaseSplunk
 
SplunkLive Perth Enterprise Security & User Behaviour Analytics
SplunkLive Perth Enterprise Security & User Behaviour AnalyticsSplunkLive Perth Enterprise Security & User Behaviour Analytics
SplunkLive Perth Enterprise Security & User Behaviour AnalyticsSplunk
 
SplunkLive Perth Machine Learning & Analytics
SplunkLive Perth Machine Learning & AnalyticsSplunkLive Perth Machine Learning & Analytics
SplunkLive Perth Machine Learning & AnalyticsSplunk
 
SplunkLive Melbourne Scaling and best practice for Splunk on premise and in t...
SplunkLive Melbourne Scaling and best practice for Splunk on premise and in t...SplunkLive Melbourne Scaling and best practice for Splunk on premise and in t...
SplunkLive Melbourne Scaling and best practice for Splunk on premise and in t...Splunk
 
SplunkLive! Utrecht 2016 - NXP
SplunkLive! Utrecht 2016 - NXPSplunkLive! Utrecht 2016 - NXP
SplunkLive! Utrecht 2016 - NXPSplunk
 
SplunkLive Sydney Scaling and best practice for Splunk on premise and in the ...
SplunkLive Sydney Scaling and best practice for Splunk on premise and in the ...SplunkLive Sydney Scaling and best practice for Splunk on premise and in the ...
SplunkLive Sydney Scaling and best practice for Splunk on premise and in the ...Splunk
 
SplunkLive Canberra Enterprise Security and User Behaviour Analytics
SplunkLive Canberra Enterprise Security and User Behaviour AnalyticsSplunkLive Canberra Enterprise Security and User Behaviour Analytics
SplunkLive Canberra Enterprise Security and User Behaviour AnalyticsSplunk
 
Splunk at Scotiabank
Splunk at ScotiabankSplunk at Scotiabank
Splunk at ScotiabankSplunk
 
SplunkLive! Warsaw 2016 - ING Bank
SplunkLive! Warsaw 2016 - ING BankSplunkLive! Warsaw 2016 - ING Bank
SplunkLive! Warsaw 2016 - ING BankSplunk
 

Andere mochten auch (20)

SplunkLive! Stockholm 2016 - Mr Green
SplunkLive! Stockholm 2016 - Mr GreenSplunkLive! Stockholm 2016 - Mr Green
SplunkLive! Stockholm 2016 - Mr Green
 
SplunkLive! Stockholm 2015 - Statnett
SplunkLive! Stockholm 2015 - StatnettSplunkLive! Stockholm 2015 - Statnett
SplunkLive! Stockholm 2015 - Statnett
 
Splunklive! Stockholm 2015 - IKEA
Splunklive! Stockholm 2015 - IKEASplunklive! Stockholm 2015 - IKEA
Splunklive! Stockholm 2015 - IKEA
 
SplunkLive! Stockholm 2015 - Klarna
SplunkLive! Stockholm 2015 - KlarnaSplunkLive! Stockholm 2015 - Klarna
SplunkLive! Stockholm 2015 - Klarna
 
SplunkLive! Utrecht - KPN
SplunkLive! Utrecht - KPNSplunkLive! Utrecht - KPN
SplunkLive! Utrecht - KPN
 
Splunk Live! Utrecht 2016 - CERT EU
Splunk Live! Utrecht 2016 - CERT EUSplunk Live! Utrecht 2016 - CERT EU
Splunk Live! Utrecht 2016 - CERT EU
 
SplunkLive! Paris 2016 - Customer Presentation - Natixis
SplunkLive! Paris 2016 - Customer Presentation - NatixisSplunkLive! Paris 2016 - Customer Presentation - Natixis
SplunkLive! Paris 2016 - Customer Presentation - Natixis
 
Sl nashville major Hospital company
Sl nashville major Hospital companySl nashville major Hospital company
Sl nashville major Hospital company
 
SplunkLive! London 2016 - John Lewis
SplunkLive! London 2016 - John LewisSplunkLive! London 2016 - John Lewis
SplunkLive! London 2016 - John Lewis
 
Splunk Discovery Day Düsseldorf 2016 - Use Case GDIS
Splunk Discovery Day Düsseldorf 2016 - Use Case GDISSplunk Discovery Day Düsseldorf 2016 - Use Case GDIS
Splunk Discovery Day Düsseldorf 2016 - Use Case GDIS
 
SplunkLive! Frankfurt 2016 - Helvetia Use Case
SplunkLive! Frankfurt 2016 - Helvetia Use CaseSplunkLive! Frankfurt 2016 - Helvetia Use Case
SplunkLive! Frankfurt 2016 - Helvetia Use Case
 
SplunkLive! Frankfurt 2016 - mail.de Use Case
SplunkLive! Frankfurt 2016 - mail.de Use CaseSplunkLive! Frankfurt 2016 - mail.de Use Case
SplunkLive! Frankfurt 2016 - mail.de Use Case
 
SplunkLive Perth Enterprise Security & User Behaviour Analytics
SplunkLive Perth Enterprise Security & User Behaviour AnalyticsSplunkLive Perth Enterprise Security & User Behaviour Analytics
SplunkLive Perth Enterprise Security & User Behaviour Analytics
 
SplunkLive Perth Machine Learning & Analytics
SplunkLive Perth Machine Learning & AnalyticsSplunkLive Perth Machine Learning & Analytics
SplunkLive Perth Machine Learning & Analytics
 
SplunkLive Melbourne Scaling and best practice for Splunk on premise and in t...
SplunkLive Melbourne Scaling and best practice for Splunk on premise and in t...SplunkLive Melbourne Scaling and best practice for Splunk on premise and in t...
SplunkLive Melbourne Scaling and best practice for Splunk on premise and in t...
 
SplunkLive! Utrecht 2016 - NXP
SplunkLive! Utrecht 2016 - NXPSplunkLive! Utrecht 2016 - NXP
SplunkLive! Utrecht 2016 - NXP
 
SplunkLive Sydney Scaling and best practice for Splunk on premise and in the ...
SplunkLive Sydney Scaling and best practice for Splunk on premise and in the ...SplunkLive Sydney Scaling and best practice for Splunk on premise and in the ...
SplunkLive Sydney Scaling and best practice for Splunk on premise and in the ...
 
SplunkLive Canberra Enterprise Security and User Behaviour Analytics
SplunkLive Canberra Enterprise Security and User Behaviour AnalyticsSplunkLive Canberra Enterprise Security and User Behaviour Analytics
SplunkLive Canberra Enterprise Security and User Behaviour Analytics
 
Splunk at Scotiabank
Splunk at ScotiabankSplunk at Scotiabank
Splunk at Scotiabank
 
SplunkLive! Warsaw 2016 - ING Bank
SplunkLive! Warsaw 2016 - ING BankSplunkLive! Warsaw 2016 - ING Bank
SplunkLive! Warsaw 2016 - ING Bank
 

Ähnlich wie SplunkLive! Stockholm 2016 - iZettle

Latest Updates to Splunk from .conf 2017 Announcements
Latest Updates to Splunk from .conf 2017 Announcements Latest Updates to Splunk from .conf 2017 Announcements
Latest Updates to Splunk from .conf 2017 Announcements Harry McLaren
 
SplunkLive! Milano 2016 - customer presentation - Unicredit
SplunkLive! Milano 2016 - customer presentation - UnicreditSplunkLive! Milano 2016 - customer presentation - Unicredit
SplunkLive! Milano 2016 - customer presentation - UnicreditSplunk
 
The Pennsylvania State University: Modernizing and Standardizing the Penn Sta...
The Pennsylvania State University: Modernizing and Standardizing the Penn Sta...The Pennsylvania State University: Modernizing and Standardizing the Penn Sta...
The Pennsylvania State University: Modernizing and Standardizing the Penn Sta...Software AG
 
Building TaxBrain: Numba-enabled Financial Computing on the Web
Building TaxBrain: Numba-enabled Financial Computing on the WebBuilding TaxBrain: Numba-enabled Financial Computing on the Web
Building TaxBrain: Numba-enabled Financial Computing on the Webtalumbau
 
ABC of Agile (Scrum & Extreme Programming)
ABC of Agile (Scrum & Extreme Programming)ABC of Agile (Scrum & Extreme Programming)
ABC of Agile (Scrum & Extreme Programming)Amardeep Vishwakarma
 
[EN] Building modern data pipeline with Snowflake + DBT + Airflow.pdf
[EN] Building modern data pipeline with Snowflake + DBT + Airflow.pdf[EN] Building modern data pipeline with Snowflake + DBT + Airflow.pdf
[EN] Building modern data pipeline with Snowflake + DBT + Airflow.pdfChris Hoyean Song
 
Elk for Sysadmins
Elk for SysadminsElk for Sysadmins
Elk for SysadminsTanner Lund
 
Taking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - ManagerTaking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - ManagerSplunk
 
Cracking web development
Cracking web developmentCracking web development
Cracking web developmentEyal Kenig
 
IBM Monitoring and Event Management Solutions
IBM Monitoring and Event Management SolutionsIBM Monitoring and Event Management Solutions
IBM Monitoring and Event Management SolutionsIBM Danmark
 
Webinar: Best Practices for Upgrading to MongoDB 3.2
Webinar: Best Practices for Upgrading to MongoDB 3.2Webinar: Best Practices for Upgrading to MongoDB 3.2
Webinar: Best Practices for Upgrading to MongoDB 3.2Dana Elisabeth Groce
 
Insight on MongoDB Change Stream - Abhishek.D, Mydbops Team
Insight on MongoDB Change Stream - Abhishek.D, Mydbops TeamInsight on MongoDB Change Stream - Abhishek.D, Mydbops Team
Insight on MongoDB Change Stream - Abhishek.D, Mydbops TeamMydbops
 
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk DevelopmentTSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk DevelopmentHarry McLaren
 
Machine Data 101
Machine Data 101Machine Data 101
Machine Data 101Splunk
 
IBM Cognos Licensing Changes: What You Need to Know
IBM Cognos Licensing Changes: What You Need to KnowIBM Cognos Licensing Changes: What You Need to Know
IBM Cognos Licensing Changes: What You Need to KnowSenturus
 
Data Con LA 2022 - Supercharge your Snowflake Data Cloud from a Snowflake Dat...
Data Con LA 2022 - Supercharge your Snowflake Data Cloud from a Snowflake Dat...Data Con LA 2022 - Supercharge your Snowflake Data Cloud from a Snowflake Dat...
Data Con LA 2022 - Supercharge your Snowflake Data Cloud from a Snowflake Dat...Data Con LA
 
Resume_MCA_2016_Divya-3
Resume_MCA_2016_Divya-3Resume_MCA_2016_Divya-3
Resume_MCA_2016_Divya-3Divya S
 
Analysing and Troubleshooting Performance Issues in SAP BusinessObjects BI Re...
Analysing and Troubleshooting Performance Issues in SAP BusinessObjects BI Re...Analysing and Troubleshooting Performance Issues in SAP BusinessObjects BI Re...
Analysing and Troubleshooting Performance Issues in SAP BusinessObjects BI Re...BI Brainz
 
IT Risk Assessment Tool
IT Risk Assessment ToolIT Risk Assessment Tool
IT Risk Assessment ToolKevinM48
 

Ähnlich wie SplunkLive! Stockholm 2016 - iZettle (20)

Latest Updates to Splunk from .conf 2017 Announcements
Latest Updates to Splunk from .conf 2017 Announcements Latest Updates to Splunk from .conf 2017 Announcements
Latest Updates to Splunk from .conf 2017 Announcements
 
SplunkLive! Milano 2016 - customer presentation - Unicredit
SplunkLive! Milano 2016 - customer presentation - UnicreditSplunkLive! Milano 2016 - customer presentation - Unicredit
SplunkLive! Milano 2016 - customer presentation - Unicredit
 
The Pennsylvania State University: Modernizing and Standardizing the Penn Sta...
The Pennsylvania State University: Modernizing and Standardizing the Penn Sta...The Pennsylvania State University: Modernizing and Standardizing the Penn Sta...
The Pennsylvania State University: Modernizing and Standardizing the Penn Sta...
 
Building TaxBrain: Numba-enabled Financial Computing on the Web
Building TaxBrain: Numba-enabled Financial Computing on the WebBuilding TaxBrain: Numba-enabled Financial Computing on the Web
Building TaxBrain: Numba-enabled Financial Computing on the Web
 
ABC of Agile (Scrum & Extreme Programming)
ABC of Agile (Scrum & Extreme Programming)ABC of Agile (Scrum & Extreme Programming)
ABC of Agile (Scrum & Extreme Programming)
 
[EN] Building modern data pipeline with Snowflake + DBT + Airflow.pdf
[EN] Building modern data pipeline with Snowflake + DBT + Airflow.pdf[EN] Building modern data pipeline with Snowflake + DBT + Airflow.pdf
[EN] Building modern data pipeline with Snowflake + DBT + Airflow.pdf
 
Elk for Sysadmins
Elk for SysadminsElk for Sysadmins
Elk for Sysadmins
 
Taking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - ManagerTaking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - Manager
 
Cracking web development
Cracking web developmentCracking web development
Cracking web development
 
IBM Monitoring and Event Management Solutions
IBM Monitoring and Event Management SolutionsIBM Monitoring and Event Management Solutions
IBM Monitoring and Event Management Solutions
 
Webinar: Best Practices for Upgrading to MongoDB 3.2
Webinar: Best Practices for Upgrading to MongoDB 3.2Webinar: Best Practices for Upgrading to MongoDB 3.2
Webinar: Best Practices for Upgrading to MongoDB 3.2
 
Insight on MongoDB Change Stream - Abhishek.D, Mydbops Team
Insight on MongoDB Change Stream - Abhishek.D, Mydbops TeamInsight on MongoDB Change Stream - Abhishek.D, Mydbops Team
Insight on MongoDB Change Stream - Abhishek.D, Mydbops Team
 
Arghadeep_BWBI_Resume
Arghadeep_BWBI_ResumeArghadeep_BWBI_Resume
Arghadeep_BWBI_Resume
 
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk DevelopmentTSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
 
Machine Data 101
Machine Data 101Machine Data 101
Machine Data 101
 
IBM Cognos Licensing Changes: What You Need to Know
IBM Cognos Licensing Changes: What You Need to KnowIBM Cognos Licensing Changes: What You Need to Know
IBM Cognos Licensing Changes: What You Need to Know
 
Data Con LA 2022 - Supercharge your Snowflake Data Cloud from a Snowflake Dat...
Data Con LA 2022 - Supercharge your Snowflake Data Cloud from a Snowflake Dat...Data Con LA 2022 - Supercharge your Snowflake Data Cloud from a Snowflake Dat...
Data Con LA 2022 - Supercharge your Snowflake Data Cloud from a Snowflake Dat...
 
Resume_MCA_2016_Divya-3
Resume_MCA_2016_Divya-3Resume_MCA_2016_Divya-3
Resume_MCA_2016_Divya-3
 
Analysing and Troubleshooting Performance Issues in SAP BusinessObjects BI Re...
Analysing and Troubleshooting Performance Issues in SAP BusinessObjects BI Re...Analysing and Troubleshooting Performance Issues in SAP BusinessObjects BI Re...
Analysing and Troubleshooting Performance Issues in SAP BusinessObjects BI Re...
 
IT Risk Assessment Tool
IT Risk Assessment ToolIT Risk Assessment Tool
IT Risk Assessment Tool
 

Mehr von Splunk

.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routineSplunk
 
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTVSplunk
 
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica).conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica)Splunk
 
.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank InternationalSplunk
 
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett .conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett Splunk
 
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)Splunk
 
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu....conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...Splunk
 
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever....conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...Splunk
 
.conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex).conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex)Splunk
 
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)Splunk
 
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk
 
Splunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk
 
Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College LondonSplunk
 
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk
 
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSplunk
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability SessionSplunk
 
.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - KeynoteSplunk
 
.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform SessionSplunk
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security SessionSplunk
 

Mehr von Splunk (20)

.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine
 
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
 
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica).conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
 
.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International
 
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett .conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
 
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
 
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu....conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
 
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever....conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
 
.conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex).conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex)
 
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
 
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11y
 
Splunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go Köln
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go Köln
 
Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London
 
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
 
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security Webinar
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session
 
.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote
 
.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session
 

Kürzlich hochgeladen

The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 

Kürzlich hochgeladen (20)

The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 

SplunkLive! Stockholm 2016 - iZettle

  • 1. Copyright © 2015 Splunk Inc. Splunk at iZettle Johannes Lofgren, Head of DevOps j
  • 2. ‹#› Johannes Löfgren - Head of Devops and Infrastructure
  • 3. ‹#› The challenge…. Show me a PCI-DSS compliant centralised logging solution in 5 weeks!
  • 4. ‹#› Why Splunk? • PCI-DSS - Payment Card Industry Data Security Standard • iZettle’s first PCI-DSS audit was in Q2 2012 • Starting point: local logs on around 10 backend servers • Before audit deadline: Prove our control of operations and security using our centralised log solution
  • 5. ‹#› Starting out Daily report email Scheduled alerts (email and sms) File integrity monitoring Learn basic search skills
  • 6. ‹#› Starting out < 1s, Expected result of automated deploy 90 minutes, Further investigation needed File integrity monitoring Daily report email
  • 7. ‹#› iZettle expansion All backend systems logging to Splunk 2011 One market Monolithic backend Single location traditional hosting 2013 Multiple markets in three continents Distributed backend Hybrid cloud infrastructure
  • 8. ‹#› Splunk at iZettle Today Usage 50% of total implemented alerts 80+ users All backend services log to splunk Support Security Development QAOperations Benefits Easy to scale Easy to move Search across multiple services Adapt alert triggers to trends FIM
  • 9. ‹#› Follow the trend - example Weekly and daily trend below
  • 10. ‹#› Follow the trend - example The _internal index tracks logged bytes per source: earliest = -1h@h latest = @h index=_internal source=*license_usage.log type=Usage s=merchant-reports | eval MB=b/1024/1024 | stats sum(MB) as last
  • 11. ‹#› Follow the trend - example Run a subsearch for the same, 7 days ago. Column output: earliest = -1h@h latest = @h index=_internal source=*license_usage.log type=Usage s=merchant-reports | eval MB=b/1024/1024 | stats sum(MB) as last | appendcols [ search earliest = -169h@h latest = -168h@h index=_internal source=*license_usage.log type=Usage s=merchant-reports | eval MB=b/1024/1024 | stats sum(MB) as comparator ]
  • 12. ‹#› Follow the trend - example Calculate the percentage diff. Add explanatory labels: earliest = -1h@h latest = @h index=_internal source=*license_usage.log type=Usage s=merchant-reports | eval MB=b/1024/1024 | stats sum(MB) as last | appendcols [ search earliest = -169h@h latest = -168h@h index=_internal source=*license_usage.log type=Usage s=merchant-reports | eval MB=b/1024/1024 | stats sum(MB) as comparator ] | eval percent_change=100*(last/comparator)-100 | rename last as "MB Latest hour", comparator as "MB same hour, 7 days ago"
  • 13. ‹#› Follow the trend - example The _internal index is lightweight to search: What to do with this? Create an alert triggering on a positive and negative threshold of the variable “percent_change” Generic enough to suit any system
  • 14. ‹#› Key lessons Insert all your logging services to cross search systems Take a generic anomaly approach on alerts Make use of what’s already summarised for light weight searching Use dynamic alert thresholds