No notes for this slide
Splunk now has more than 600 employees worldwide, with headquarters in San Francisco and 14 offices around the world. Since first shipping its software in 2006, Splunk now has over 4,400 customers in 80+ countries. These organizations are using Splunk software to improve service levels, reduce operations costs, mitigate security risks, enable compliance, enhance DevOps collaboration and create new product and service offerings. Please always refer to latest company data found here: http://www.splunk.com/company.
Machine data complexity – getting to the data – is a real challenge. Let’s take an example of a customer calling a service desk. We have a customer in Boston who used to have 36 people on the phone for up to 8 hours while they tried to figure out why the core website was down. And it’s not just a problem for IT, it can harm the business.
- Customer calls service desk – service desk logs calls and escalates (red light/green light, everything looks green)
- Escalated to App support – looks at Java monitoring tools and everything looks fine because they rely on instrumentation; but no access to logs!
- Developer gets pulled in and has to stop working on new code
- Needs to ask sysadmin for logs
- Developer establishes it is not his problem, escalates to DB guy
- DB guy looks at audit logs and points to bad query
We call this “human latency” and customers we talk to say it can consume hours or sometimes days of precious time when issues occur!
And that’s been our goal since inception: to bring light to the data exhaust that’s driving all of these systems, and to consolidate and correlate those murky log files into something valuable for you and the business.
According to IDC, unstructured data, much of it generated by machines, accounts for more than 90% of the data in today’s organizations. All websites, communications, networking and complex IT infrastructures generate massive streams of machine data every second of every day, in an array of unpredictable formats that are difficult to process and analyze by traditional methods or in a timely manner.
Machine data is one of the fastest growing and most pervasive segments of “big data”—generated by websites, applications, servers, networks, mobile devices and all the sensors and RFID assets that produce data every second of every day. It’s also one of the most valuable, containing a definitive record of user transactions, customer behavior, sensor activity, machine behavior, security threats, fraudulent activity and more. Traditional technologies predominantly built on relational databases cannot handle the complexity or massive scale of today’s machine data. Nor do they allow the flexibility to ask any question or get questions answered in real time—which is now an expectation of users. By monitoring and analyzing everything from customer clickstreams and transactions to network activity and call records—and more—Splunk software turns machine data into valuable insights no matter what business you’re in. It’s what we call operational intelligence.
Unlike traditional structured data or multi-dimensional data – for example data stored in a traditional relational database for batch reporting – machine data is non-standard, highly diverse, dynamic and high volume. You will notice that machine data events are also typically time-stamped – it is time-series data. Take the example of purchasing a product on your tablet or smartphone: the purchase transaction fails, you call the call center and then tweet about your experience. All these events are captured – as they occur – in the machine data generated by the different systems supporting these different interactions. Each of the underlying systems can generate millions of machine data events daily. Here we see small excerpts from just some of them.
When we look more closely at the data we see that it contains valuable information – customer id, order id, time waiting on hold, twitter id … what was tweeted. What’s important is first of all the ability to actually see across all these disparate data sources, but then to correlate related events across disparate sources, to deliver meaningful insight.
If you can correlate and visualize related events across these disparate sources, you can build a picture of activity, behavior and experience. And what if you can do all of this in real-time? You can respond more quickly to events that matter. You can extrapolate this example to a wide range of use cases – security and fraud, transaction monitoring and analysis, web analytics, IT operations and so on.
It’s fair to ask “what’s so different about this new generation of data?” After all, haven’t data volumes always been growing? The answer is yes, data is always growing. Some types of data are more mature. For example, business application data that comes from accounting systems, databases, and the like. This data is well understood, highly structured, and is usually managed by relational databases and OLAP systems. This data is growing more slowly – and the technologies to manage it are quite capable. There is also human-generated data, such as documents, text messages, and video. Technologies like Google are doing a great job of harvesting, indexing, and managing human-generated data. Document management systems handle some of this information, and those technologies are well known and mature. What’s new about machine data are the massive volumes of data that are being generated by devices, like servers, web streams, and mobile technologies. This data has highly diverse formats, and time is a critical dimension. It also contains human-generated data. This is the data that Splunk manages – this is the world of machine data. Splunk is as important to the world of machine data as the relational database is to structured data, or as Google is to text data.
Using Splunk, organizations identify and resolve issues up to 70% faster and reduce costly escalations by up to 90%. Splunk is one place to find and fix problems, and investigate incidents across all your IT systems and infrastructure - your applications, websites, servers, networks, virtual machines, security devices, and more. This alone eliminates much of the "human latency" experienced in the trenches.
Splunk’s flagship product is Splunk Enterprise. Splunk Enterprise is a fully featured, powerful platform for collecting, searching, monitoring and analyzing machine data. Splunk collects machine data securely and reliably from wherever it’s generated. It stores and indexes the data in real time in a centralized location and protects it with role-based access controls. You can even leverage other data stores. Splunk lets you search, monitor, report and analyze your real-time and historical data. Now you have the ability to quickly visualize and share your data, no matter how unstructured, large or diverse it may be. Troubleshoot problems and investigate security incidents in minutes (not hours or days). Monitor your end-to-end infrastructure to avoid service degradation or outages. Gain real-time visibility and critical insights into customer experience, transactions and behavior. Use Splunk and make your data accessible, usable and valuable across the enterprise.
Splunk collects and indexes any machine data from virtually any source, format or location in real time. This includes data streaming from packaged and custom applications, app servers, web servers, databases, networks, virtual machines, telecoms equipment, OS’s, sensors, and much more. There’s no requirement to “understand” the data upfront. Just point Splunk at your data or deploy Splunk forwarders to reliably stream data from remote systems at scale. Splunk immediately starts collecting and indexing, so you can start searching and analyzing. No more armies of consultants, or a DBA to make it work.
Both IT and business professionals can analyze machine data to get real-time visibility and operational intelligence. With our data engine and our customers' machine data, organizations can meaningfully improve their performance in a wide range of areas, e.g. meet service levels, reduce costs, mitigate security risks, maintain compliance and gain insights.
Here's how using Splunk and your machine data can drive significant benefits for your organization.
- Search and investigation. Using Splunk, organizations identify and resolve issues up to 70% faster and reduce costly escalations by up to 90%. Splunk is one place to find and fix problems, and investigate incidents across all your IT systems and infrastructure.
- Proactive monitoring. Monitor IT systems in real time to identify issues, problems and attacks before they impact your customers, services and revenue. Splunk keeps watch of specific patterns, trends and thresholds in your machine data so you don't have to. Trigger notifications in real time via email or RSS, execute a script to take remedial actions, send an SNMP trap to your system management console or generate a service desk ticket.
- Operational visibility. See the whole picture, track performance and make better decisions. Visualize usage trends to better plan for capacity; spot SLA infractions, track how you are being measured by the business. Do all of this using your existing machine data without spending millions of dollars instrumenting your IT infrastructure.
- Real-time business insight. Make better-informed business decisions by understanding trends, patterns and gaining Operational Intelligence from your machine data. See the success of new online services by channel or demographic, reconcile 3rd-party service provider fees against actual use, find your heaviest users and heaviest abusers, and more. Because machine data captures every behavior, the possibilities are game changing. You'll find the lead times to get to this intelligence dramatically less than other solutions, measured in minutes/hours instead of months.
The Splunk Enterprise platform consists of 2 layers: a core engine and an interface layer. On top of the platform you can run a broad spectrum of content that supports use cases. Use cases range from application management and IT operations, to ES and PCI compliance, to web analytics, and more. The core engine provides the basic services for real-time data input, indexing and search, as well as alerting, large-scale distributed processing and role-based access. The interface layer consists of the basic UI for search, reporting and visualization – it contains developer interfaces, the REST API and SDKs. The SDKs provide convenient access to core engine services in a variety of programming language environments. These programmatic interfaces allow you to either:
- Extend Splunk
- Integrate Splunk with other applications
- Build completely new applications from scratch that require OI or analytical services that Splunk provides
You have to do more with less and you need to do it faster. Splunk Enterprise lets you search billions of events in seconds on a single commodity server. Its parallel architecture means search and indexing performance scales linearly across commodity servers. And its distributed architecture scales from a single server to datacenters to the cloud. Splunk Enterprise has its own highly efficient datastore and is not restricted by the throughput constraints or rigid schemas of traditional databases, making it the fastest, most flexible way to search, alert and report on your machine data.
Here are just some of the new Splunk Apps that have been delivered over the past year. Their goal is to make it easier to use Splunk for specific technologies and use cases – prepackaging inputs, field extractions, searches and visualizations. Highlight a few apps. These apps, along with 100’s of others, have been developed not only by Splunk but by partners, customers and members of the Splunk community.
Splunk Enterprise is a fully featured, powerful platform for collecting, searching, monitoring and analyzing machine data. Splunk Enterprise is easy to deploy and use. Splunk Enterprise has been deployed on-premise, in virtualized environments, in private clouds, public clouds and in hybrid environments. It turns machine data into rapid visibility, insight and intelligence. For cloud developers, Splunk Storm delivers the power of Splunk as an elastic, scalable service. Sign up in seconds, then start analyzing data from any major cloud platform.
There are a whole host of ways developers can leverage Splunk to maximize enterprise technology investments.
- Accelerate Dev & Test: Use Splunk Enterprise out of the box. Splunk increases the speed and efficiency of application development and testing, and provides proactive monitoring and analytics for applications in production.
- Integrate with IT Infrastructure: Integrate Splunk data with other enterprise applications, using SDKs on top of our REST API.
- Build real-time data applications: Build applications that take the value of Splunk beyond IT. IT early-warning systems, security and fraud protection, clickstream analysis & other revenue enhancing analytics.
Platforms need to provide better interoperability. And for Hadoop users, we are providing just that, to help address common challenges deploying and running Hadoop. Splunk Hadoop Connect enables Hadoop users to leverage Splunk to reliably collect massive volumes of machine data. Analyze data in real time, create visualizations and custom dashboards, and protect data with secure role-based access. Then reliably deliver data to Hadoop for ongoing batch analytics. You can also index data stored in Hadoop because once in Splunk, your data’s available for rapid visualization, reporting, analysis and sharing.
The Splunk App for HadoopOps extends what Splunk already does well: troubleshoot and monitor your Hadoop infrastructure. And because it's Splunk it doesn't stop with the Hadoop components, it includes everything. End-to-end. So you get a more complete view of your environment.
Splunk is being used in almost every industry across the world. Since first shipping its software in 2006, Splunk now has over 4,400 customers in 80+ countries. These organizations are using Splunk software to improve service levels, reduce operations costs, mitigate security risks, enable compliance, enhance DevOps collaboration and create new product and service offerings. With Splunk they break down traditional data silos, achieve new levels of operational intelligence and gain insights that benefit IT and business users. Please always refer to latest company data found here: http://www.splunk.com/company.
Problem: With tens of thousands of users of its distributed multi-tenant application, enterprise cloud computing giant Salesforce.com had limited visibility and slow response to inbound customer calls. The support team relied on a legacy log mining system that took hours to run queries. The result was slow issue response and costly escalations to Tier 2 support. Rather than focusing on new features and innovating their industry-leading CRM solution, the Salesforce development team was forced to spend time troubleshooting. Salesforce needed better visibility into their infrastructure to resolve issues and enhance the customer experience.
Solution: Salesforce.com first brought in Splunk in 2009 to improve their operational visibility. Splunk helped them quickly decrease troubleshooting times by 96%, freeing their developers to focus on delivering new functionality. Today, SFDC developers, operations staff and product managers (hundreds of users) all rely on data and dashboards to determine the effectiveness of new features, monitor application performance, enhance the user experience and improve capacity planning. Salesforce.com is also using Splunk to view analytics around usage of Chatter and apps on the Force.com platform. Leveraging the data in Splunk has allowed Salesforce to monitor key performance indicators that help them drive better business decisions.
Benefits:
- A single pane of glass across their enterprise cloud computing environment
- Real-time application visibility to understand the impact and usage of new features
- Increased visibility allows for long-term capacity planning
- Operational visibility into the key performance indicators that help them drive better business decisions
Problem: With over 5 million subscribers and annual growth rates of 10-20%, Cricket Communications has rapidly become a leading US-based provider of “no signed contracts, no limits” mobile cellular phone services (including voice, text, broadband and data). Cricket Communications regularly handles 3,000 new subscriber requests per hour – about 50 activations per minute. In order to keep up with this tremendous demand for its trademark services, Cricket Communications automated its order processing system and workflows, eliminating manually introduced errors. However, the carrier soon discovered that all its complex applications and systems needed to work without fail in order to keep the flow of orders going. If any part or subsystem experienced a failure or degradation, the whole system would quickly come to a grinding halt. Solution: Cricket Communications deployed Splunk to quickly detect and analyze system performance issues. Using proactive triggers to send alerts from Splunk, the carrier has been able to address problems before they escalate to their event management team. The Applications Operations team calculated that with Splunk in place, they have reduced outage frequency by about 15%, translating into an annual positive revenue protection impact of $1,200,000. The team also gained new operational efficiencies using Splunk and as a result was able to reassign one Full Time Employee (an approximate savings of $100,000) to other tasks. Lastly, by loading log data into Splunk and creating relevant executive dashboards, the company was also able to start looking at business trends on activations, cancellations and other critical business metrics. 
Benefits: In addition to tremendous cost-savings, Cricket saw the following benefits with Splunk:
- ROI – Cricket reported an annual ROI savings of $1,300,000 by using Splunk
- Application Monitoring – Helps prevent downtime and ensure rapid account activation
- Vendor Management – Rapid recognition and understanding of where problems lie – with Cricket Communications’ applications or those provided by third parties
- Operational Intelligence – Direct visibility into business transactions and subscriber selections
About – This European Financial Services firm is one of the world's leading financial services companies, advising clients in all aspects of finance, around the world, around the clock. Its core businesses include investment banking, asset management, and private banking.
Use Case – The company uses Splunk to gain visibility across their trading infrastructure, which includes over 25 applications. Any application or service downtime in this infrastructure means lost revenues and poor customer experience. Splunk indexes data across all these applications and the mission-critical Java middle-tier trade service. The service processes thousands of transactions on a daily basis.
Benefits – By using Splunk, the firm significantly improved the system uptime and accelerated trade processing times. They can now rapidly pinpoint problems and resolve them much faster than before. The company is now using threshold-based alerts to proactively identify problems before they happen and avoid system downtime. As the firm moves forward, it is incorporating Splunk as part of its core application development strategy. When new custom applications are developed, the company is including new metrics and data in the logs – by getting visibility into these logs from Splunk, the firm can gain even more insights into their applications.
Problem: Cisco is the worldwide leader in networking that transforms how people connect, communicate and collaborate. Cisco’s internal CSIRT security and incident response team found it too costly and time-consuming to monitor and track security incidents across 40K employees. They were struggling with dozens of consoles for disparate devices, tools and security systems with no easy way to correlate among them.
Solution: They wanted a centralized view into user activities and in-scope systems.
Benefit: Splunk helped by enabling proactive threat assessment, mitigation planning, incident trending with analysis, security architecture, incident detection and response.
With all this open source technology, one option facing customers is clearly to build.
About: Bronto Software is the leading provider of email and cross-channel marketing solutions for commerce-focused companies. They help their customers to drive revenue through dynamic, targeted marketing. Bronto serves over 1000 organizations worldwide, including Party City, Armani Exchange, Timex, Samsonite and Trek Bikes.
Problem: Their challenge was dealing with a massive collection of disparate logs scattered throughout their infrastructure. They started rolling their own in-house tools but quickly realized that the development effort was not sustainable long term and wouldn’t scale. They then looked at building their own data indexing platform using Hadoop, HBase and Flume, to name a few. Beyond the 12+ months to deployment and the cost, the eventual solution would not provide what they needed: ad hoc querying, a secure environment, and agile and iterative analytics on their data. They would be leaning heavily on engineering and development resources that were currently tasked with building new client-facing features. Re-tasking them to create internal tools was not strategic to the business.
Benefit: The adoption of Splunk was easy – it meant a short learning curve and dropped right into their existing Puppet deploy framework – not a very common event for Bronto, to find a 3rd party product that just drops right in. Splunk is now used by email delivery teams, client services, software developers, production operations and system engineering. Splunk is now used for tracking email metrics, email success trends, system-level info and alerting. Dashboards deliver real-time visibility on email success and trends. And Splunk provides real-time infrastructure monitoring and rapid troubleshooting.
Problem: A major online travel company operates in a highly competitive real-time web-based business environment. Through acquisition and organic growth, the IT landscape at the company had become widely dispersed (silo oriented) and highly complex. Serving travel customers in a targeted and on-demand fashion was putting severe demands on their IT infrastructures, stretching their ability to serve the needs of their clients. In the logging space alone, the company was supporting 20 different solutions that ranged from recognized industry products to in-house developed tools and scripts. Most of these solutions were unable to communicate or share data between themselves, making it nearly impossible for the team to follow critical chain reactions from one environment to another – adding extra expense and negatively impacting customer service.
Solution: The company initially deployed Splunk to streamline its e-commerce logging environment, reduce redundant and disparate tool sets and deliver a more highly optimized user experience for its online clientele. With Splunk, the company was able to create a common platform that its entire team could leverage to identify and diagnose system and process failures. The consolidation of all of this data using Splunk allowed the company to decommission nearly 200 servers, which added to the project ROI on many fronts, including infrastructure savings totaling 2.75 million dollars per quarter since the launch of the project. Splunk also enhanced the company’s ability to deliver targeted content and offers that promote customer service and help generate additional revenues for the company.
Benefits:
- Multi-millions in Annual ROI – troubleshooting efficiencies: $100,000+; Tools consolidation and retirement: $11,000,000; Outage prevention: $3,000,000 per incident
- Troubleshooting – gained the ability to quickly and accurately address incidents in real time
- Customer service & satisfaction – reduced outages and service failures
- Online marketing and SEM optimization – Splunk dashboards are used by the company’s marketing team to determine the most efficient spend and ad placements.
And if you’re having a hard time getting funding for the Splunk purchase or for the conference—just share these case studies. Splunk has proven ROI. The conference is the place for you to learn how to get this type of ROI and growth for your business.
Splunk Enterprise is simple to deploy, scales from a single server deployment to global large-scale operations and delivers fast payback. Download Splunk Enterprise for free, install it in 5 minutes on your laptop or on any commodity server, point it at any machine data and start using it. Splunk software is often deployed for the first time while under fire. A serious service outage or security incident in progress is stressful, but with Splunk Enterprise, you can complete your investigation in a few minutes versus hours or days.