Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (19)
Ähnlich wie Splunk live london_grs
Ähnlich wie Splunk live london_grs (20)
Mehr von jenny_splunk
Splunk live london_grs
- 1. Copyright © 2013 Splunk, Inc. Splunk Overview Godfrey Sullivan, CEO DJ Skillman, Sr. Director Tech Services 1
- 2. Company Update Company (NASDAQ: SPLK) Founded 2004, first software release in 2006 HQ: San Francisco Business Model / Products On-premise, in the cloud and SaaS 5,200+ Customers 63 of the Fortune 100 Largest license: 100 Terabytes per day #1 Big Data Innovator* #1 Big Data Vendor (pure play)** * Fast Company's Most Innovative Companies Issue (March 2013) ** Forbes/Wikibon (Feb 2013)
- 3. Increasing enterprise growth Expand use of information and analytics Delivering operational results Improving enterprise efficiency Improving, governance, compliance, risk and security Top CIO Business & Technology Priorities
- 4. Big Data Comes from Machines Volume | Velocity | Variety | Variability GPS, RFID, Hypervisor, Web Servers, Email, Messaging Clickstreams, Mobile, Telephony, IVR, Databases, Sensors, Telematics, Storage, Servers, Security Devices, Desktops Machine-generated data is one of the fastest growing, most complex and most valuable segments of big data
- 5. What Does Machine Data Look Like? Sources Twitter Care IVR Middleware Error Order Processing
- 6. Sources Twitter Care IVR Middleware Error Order Processing Machine Data Contains Critical Insights Order ID Customer’s Tweet Time Waiting On Hold Product ID Company’s Twitter ID Order ID Customer ID Twitter ID Customer ID Customer ID
- 7. Splunk: the Platform for Machine Data Real-time Business Insights Operational Visibility Proactive Monitoring Search and Investigation Machine Data Operational Intelligence Splunk Index
- 8. Splunk Delivers Value Across IT and the Business
- 9. Splunk Delivers Value Across IT and the Business
- 10. SDKs API UI XenApp XenDeskt op Server, Storage , Network Server Virtualization Operating Systems Infrastructure Applications Mobile Applications Cloud Services Other Monitoring Ticketing/Help Desk Custom Biz Applications Application and IT Ops Management Splunk: Enables Connected End-to-End IT SDKs
- 11. Splunk App for Amazon EC2 Billing in Real-time Cost at Amazon EC2 …by Project …Predictive
- 12. Business Analytics – Who is on our Website? Enterprise Eval Partners Community Web Site Visits by Geo By Customer Type Names Redacted Visits by Named Customer
- 13. Splunk for Developers: From Tool to Platform Integrate with Your IT Infrastructure Build Real-time Big Data Apps on Splunk Accelerate Dev & Test Application Intelligence
- 14. Enabling Exceptional Customer Service Custom CSR app built using JavaScript SDK enables CSRs to inspect customer DVR health in real-time Proactive maintenance leads to lower support costs for Comcast and higher customer satisfaction and reduced churn “Splunk lets us find and fix issues on a customer’s DVR before anyone makes a phone call.” Travis Parchman Operations
- 15. Powering Customer-facing Apps “The Splunk Python SDK gives our developers the familiar environment they need to build apps on Splunk to provides metrics and comparables for our entire customer base.” MSP providing network monitoring and security management Using the Python SDK to build custom dashboards for customers powered by data from Splunk BillMatthews CTO
- 16. Splunk Delivers Value Across IT and the Business
- 17. Threat Levels Growing Exponentially November 29, 2012 Cloud Big Data Mobile
- 18. Splunk App for Enterprise Security Security Operations Center Security Analysts Security Managers and Execs Security Auditors Pre-built security correlation rules, reports, and dashboards Incident investigation and management framework The first big data solution for both known and unknown threat management
- 19. Splunk App for PCI Compliance 2.0 Continuous real-time monitoring of PCI Compliance posture State of PCI Compliance over time Instant visibility on compliance status. Drilldown to detailed views Support for all PCI requirements Security prioritizatio n of in-scope assets
- 20. Splunk Delivers Value Across IT and the Business
- 21. Product-based Solution Performance at Scale Integrated and End-to-end Splunk Delivers Big Data Results in Days or Weeks…
- 22. Delivering Real-time Business Insights Measure customer attention to specific areas of content Analyze click trough's and how they navigate to CJ mall Track and analyze mobile shopping customers in real-time
- 23. Enrich Machine Data with Business Context Understanding customer usage Client Name, Country, Em ail Feed ID SQL SQL SQL Boardreader API used at scale by business customers to pull social media data In hours deployed Splunk for real-time analytics on API performance and usage Helped cut overall costs by eliminating need for a data warehouse
- 24. Service Cost Application Analytics Real-time Sales Analytics Customer Analytics Content & Search Analytics Online Monetization Analytics Business Insights with Splunk
- 25. Splunk Delivers Value Across IT and the Business
- 26. MACHINE DATA Industrial Data Explosion The NEXT WAVE INDUSTRIAL DATA & THE INTERNET OF THINGS STRUCTURED DATA
- 27. Supporting the next gen airliner
- 31. App Dev & App Mgmt. Security & Compliance Developer Platform (REST API, SDKs) IT Ops. 2. Expand
- 32. App Dev & App Mgmt. Security & Compliance Web Intelligence Business Analytics Industrial Data IT Ops. Developer Platform (REST API, SDKs) 3. Leverage Splunk across the Enterprise
- 33. Distributed Search Auto Load Balancing Search Heads Building 8 Operations Planning ITOC eCommerce Operations HQ Executive dashboards San Jose Developer 16 Syslog Relays San Jose CHEF UF Mirrored Indexers HF HF H F vpc tunn el U F Universal Forwarders SHP 1x DMZ Server Deployment Servers 20x JMX Clusters 14x BlueCoats Job ServersMonitor Servers 3x Central Servers 8x Central Servers snare NetscalerVPN Splunk Enterprise-wide Deployment Example • Serves multiple roles from IT to executives • Multi-terabyte per day highly available production deployment
- 34. Easy to Get Started Download and install in minutes 3. Start Splunking1. Download 2. Eat your Machine Data
- 35. Copyright © 2013 Splunk, Inc. 35 Make Machine Data Accessible, Usable and Valuable to IT and Business Users
- 36. Thank You
Hinweis der Redaktion
- Splunk $186 million Turns machine data into valuable insightsSplunk now has more than 600 employees worldwide, with headquarters in San Francisco and 14 offices around the world.Since first shipping its software in 2006, Splunk now has over 4,400 customers in 80+ countries. These organizations are using Splunk software to improve service levels, reduce operations costs, mitigate security risks, enable compliance, enhance DevOps collaboration and create new product and service offerings. Please always refer to latest company data found here: http://www.splunk.com/company.
- Let’s examine for a second, one of the fastest growing, most complex and most valuable segments of big data – machine data. All the webservers, applications, network devices – all of the technology infrastructure running your enterprise – generates massive streams of data, in an array of unpredictable formats that are difficult to process and analyze by traditional methods or in a timely manner. Why is this “machine data” valuable? Because it contains a trace - a categorical record - of user behavior, cyber-security risks, application behavior, service levels, fraudulent activity and customer experience.For Splunk the last two Vs are very important. Variety of data + Variability of data (change in format. For example, new fields are added to the log file)
- Why is this “machine data” valuable? Because it contains a trace - a categorical record - of user behavior, cyber-security risks, application behavior, service levels, fraudulent activity and customer experience.Order Processing = Order of a productMiddleware Error = WebLogic Application Server errorCare IVR = Telephone call to complain about the errorTwitter = Comments on the bad experienceThis information is very hard and time consuming effort to parse the data for a database consumption. The reason it is very hard to normalize this data is because of the last two Vs = Variety of data + Variability of data (change in format. For example, new fields are added to the log file)
- Example of a Customer ID that Splunk can correlate between the:Order Processing -> Application Server Error -> Customer calling to complain about the issue -> Twitter record that the customer gave up on waiting
- Splunk is the platform for machine data.Optimized for real-time, low latency and interactivitySplunk is the platform for machine data.It reliably collects and indexes all the streaming data from IT systems and technology devices in real-time - tens of thousands of sources in unpredictable formats and types.The Splunk platform indexes the data, making it available for searching, monitoring, analysis and visualizations.It enables you to interact with your data. Gain operational intelligence from your data.1. Find and fix problems dramatically faster2. Automatically monitor to identify issues, problems and attacks3. Gain end-to-end visibility to track and deliver on IT KPIs and make better-informed IT decisions4. Gain real-time insight from operational data to make better-informed business decisions
- Customers start by using Splunk Enterprise to address one specific solution area. Then they leverage it and their machine data to solve other pressing problems over time.Consequently, Splunk Enterprise has many critical uses across IT and the business: Application Management: provide end-to-end visibility across distributed infrastructures; troubleshoot across application environments; monitor for performance degradation; trace transactions across distributed systems and infrastructure.Development: accelerate development and test cycles; support advanced development methodologies like agile, continuous; integrate enterprise applications with SDKs and a robust API; build enterprise applications that leverage Splunk software.Infrastructure and Operations Management: proactively monitor across IT silos to ensure uptime; rapidly pinpoint and resolve problems; report on SLAs/track SLAs of service providers.Security and Compliance: provide rapid incident response, real-time correlation and in-depth monitoring across data sources; statistical analysis for advance pattern detection and threat defense.Web and Business Analytics: gain visibility and intelligence on customers, services and transactions; identify trends and patterns in real time; fully understand the impact of new product features on back-end services.
- Customers start by using Splunk Enterprise to address one specific solution area. Then they leverage it and their machine data to solve other pressing problems over time.Consequently, Splunk Enterprise has many critical uses across IT and the business: Application Management: provide end-to-end visibility across distributed infrastructures; troubleshoot across application environments; monitor for performance degradation; trace transactions across distributed systems and infrastructure.Development: accelerate development and test cycles; support advanced development methodologies like agile, continuous; integrate enterprise applications with SDKs and a robust API; build enterprise applications that leverage Splunk software.Infrastructure and Operations Management: proactively monitor across IT silos to ensure uptime; rapidly pinpoint and resolve problems; report on SLAs/track SLAs of service providers.Security and Compliance: provide rapid incident response, real-time correlation and in-depth monitoring across data sources; statistical analysis for advance pattern detection and threat defense.Web and Business Analytics: gain visibility and intelligence on customers, services and transactions; identify trends and patterns in real time; fully understand the impact of new product features on back-end services.
- What have developers been building using Splunk Enterprise? Examples include the following:Run searches and retrieve Splunk data from existing Customer Service/Call Center applications (Comcast use case) Integrate Splunk data into existing BI tools and dashboard (Tableau, MS Excel)Build mobile applications with KPI dashboards and alerts powered by Splunk (Otto Group use case)Log directly to Splunk from remote devices (Bosch use cases)Build customer-facing dashboards powered by user-specific data in Splunk (Socialize, Hurricane Labs use cases)Programmatically extract data from Splunk for long-term data warehousingWe hope this is just the beginning. We hope to open up a whole new world of enterprise apps.
- DescriptionAWS EC2 Instances and Billing Data CollectorSplunk App for AWS allows you to collect reserved/un-reserved instances data and Billing data from which in-depth analysis of usage patterns and spending becomes available for Amazon EC2 environment. This analysis not only helps to optimized usage of Amazon EC2 environment but also gives baseline calculations and month-over-month comparison of spendingSpecifically with this app you customers of EC2 can compare the number and type of reserved (discounted) instances to their actual use. Machines that may have erroneously been set up without aligning to one of these reserved instances. Savings of up to 35% on each dollar spent without reservations are immediately accessible.Customer Testimonial:From: Nathanial Smalley [Nathanial.Smalley@apollogrp.edu]Sent: Wednesday, March 20, 2013 7:09 AMTo: David Wray; Doug HarrCc: Pete Ehlke; Scott Cochran; Steve Pilon; Aaron AdamsSubject: FW: Splunk for AWS appreciation EMAIL Gentlemen, I wanted to take a moment of your time to express appreciation for the recent work NileshKhetia has helped our team with. Apollo Group was looking to find a way to better understand our AWS environment and we happened to find the “Splunk for AWS App”, which Nilesh built and supports. During our testing and installation we had several questions and engaged with Nilesh. Throughout the installation, testing, and production implementation of the Splunk for AWS app, Nilesh was available and always responsive to the questions we had had. Nilesh even went so far as to customize a number of the scripted inputs for our specific requirements. Due to the implementation of this Splunk App, we have been able to do a comprehensive reconciliation of unused AWS instances, understand our costs (helping us recognize where cost savings are available) and provide all of this in very usable formats which speak both to our operational teams as well as our executives. Once again we appreciate all of the work and dedication from Nilesh to ensure our implementation of the Splunk for AWS app was successful here at Apollo Group. Thanks so much for your time! Very Respectfully, Nate Nathanial Smalley, CISSPPrincipal Systems Engineer, ITS ToolsApollo Group Inc.4325 S. 30th St. |Suite 200 |Phoenix, AZ 85040Office: (602) 557-6202| Cell : (719)466-0991| Email: nathanial.smalley@apollogrp.edu
- Thismanagement view shows a Google Maps visualization of realtime web traffic from the webserver logs enriched with GeoIP dataThese graphs are generated by enriching the webserver logs with SalesForce.com data. Note the pie chart to the right is showing of those customers and prospects on our web site during the window shown, which of those individuals are enterprise customers? Community members? Partners? The final view below shows visitors by name – this is done by taking the visitors login information and doing a database lookup to determine the name of that customer. We also have telephone logs which show who is on the phone with Splunk displaying named contact.
- There are a whole host of ways Developerscan leverage Splunk to maximize enterprise technology investments.Accelerate Dev & Test: Use Splunk Enterprise out of the box. Splunk increases the speed and efficiency of application development, testing and provides proactive monitoring and analytics for applications in production.Integrate with IT Infrastructure: Integrate Splunk data with other enterprise applications, using SDKs on top of our REST API. Build real-time data applications: Build applications that take the value of Splunk beyond IT. IT early-warning systems, security and fraud protection, clickstream analysis & other revenue enhancing analytics.
- Splunk Use Case: Comcast has many different Splunk use cases. Comcast’s X1 Platform Device Manager CSR app uses the Java SDK to issue (one-shot) queries (complex, with multiple sub-queries) to find errors of the last 60 minutes (needs to be realtime – submits the query syntax live). Looking for DVR attempts/failures, Baud attempts/failures, etc. Proactive investigation of customer DVRs - reps need to see if customers are actually using their DVR (I.e. Don't want to reboot a box if customers are watching TV). The goal is to fix the error before anyone makes a phone call (saving on support operations costs and increasing customer satisfaction).Before Splunk, DVR box daemon's were batch polled once a day, which was much less effective identifying errors, leading to higher call volume and lower sat. Business Value: Lower support costs& increased customer satisfactionAbout Comcast:Comcast Corporation (Nasdaq: CMCSA, CMCSK) (www.comcast.com) is one of the world’s leading media, entertainment and communications companies. Comcast is principally involved in the operation of cable systems through Comcast Cable and in the development, production and distribution of entertainment, news, sports and other content for global audiences through NBCUniversal. Comcast Cable is one of the nation’s largest video, high-speed Internet and phone providers to residential and business customers. Comcast is the majority owner and manager of NBCUniversal, which owns and operates entertainment and news cable networks, the NBC and Telemundo broadcast networks, local television station groups, television production operations, a major motion picture company and theme parks.
- Ohio-based Security MSP Hurricane Labs delivers real-time security intelligence to customers using the Splunk SDK for Python. Hurricane Labs deliver’s relevant security-related data from Splunk to their customers via custom dashboards embedded in their website.
- Customers start by using Splunk Enterprise to address one specific solution area. Then they leverage it and their machine data to solve other pressing problems over time.Consequently, Splunk Enterprise has many critical uses across IT and the business: Application Management: provide end-to-end visibility across distributed infrastructures; troubleshoot across application environments; monitor for performance degradation; trace transactions across distributed systems and infrastructure.Development: accelerate development and test cycles; support advanced development methodologies like agile, continuous; integrate enterprise applications with SDKs and a robust API; build enterprise applications that leverage Splunk software.Infrastructure and Operations Management: proactively monitor across IT silos to ensure uptime; rapidly pinpoint and resolve problems; report on SLAs/track SLAs of service providers.Security and Compliance: provide rapid incident response, real-time correlation and in-depth monitoring across data sources; statistical analysis for advance pattern detection and threat defense.Web and Business Analytics: gain visibility and intelligence on customers, services and transactions; identify trends and patterns in real time; fully understand the impact of new product features on back-end services.
- Saudi – Attack happened on a holy day when all engineers and security folks were off. Erased all data off of all affected systems and replaced with video of burning American flagInternet of things – the author points out that cars talk to smartphones that talk to refrigerators that connect to corporate networks and that designers are not thinking about security holesPower grid attack -- Terrorists who gained access to any one of a number of key facilities, either through Internet-delivered malware designed to destroy control systems or through a saboteur on the inside, could black out large regions of the nation for weeks or months, the report from the National Research Council said.South Carolina -- exposure of the personal data of nearly 4 million individual filers and 700,000 businesses in the SC Department of Revenue. They had zero visibility into the attack. Led to the resignation of the head of the department of revenue.
- Our new Splunk App for PCI Compliance is now generally available. Compliance is a growing concern for the business and PCI is the most interesting because it’s not a law. Accepting credit card data is a key service to customers and the businesses typically prioritize PCI compliance. The app supports continuous monitoring of PCI posture – this means no end-of-quarter fire drills before an audit.
- Customers start by using Splunk Enterprise to address one specific solution area. Then they leverage it and their machine data to solve other pressing problems over time.Consequently, Splunk Enterprise has many critical uses across IT and the business: Application Management: provide end-to-end visibility across distributed infrastructures; troubleshoot across application environments; monitor for performance degradation; trace transactions across distributed systems and infrastructure.Development: accelerate development and test cycles; support advanced development methodologies like agile, continuous; integrate enterprise applications with SDKs and a robust API; build enterprise applications that leverage Splunk software.Infrastructure and Operations Management: proactively monitor across IT silos to ensure uptime; rapidly pinpoint and resolve problems; report on SLAs/track SLAs of service providers.Security and Compliance: provide rapid incident response, real-time correlation and in-depth monitoring across data sources; statistical analysis for advance pattern detection and threat defense.Web and Business Analytics: gain visibility and intelligence on customers, services and transactions; identify trends and patterns in real time; fully understand the impact of new product features on back-end services.
- CJ O is the no. 1 home shopping channel in South Korea.TV shoppingInternet shopping – CJmallMobile shopping – Mobile CJmallCatalog shoppingSocial market – O’Clock
- Community search engine Boardreader uses Splunk software to monitor its web crawlers and other essential business systems. In addition to generating large amounts of machine data on a daily basis, Boardreader maintains SQL databases to store business data and lookup tables such as country names, languages, production metrics and status, event and error codes. With Splunk DB Connect, Boardreader can run internal reports on usage trends and enhance the queries and reports with data from their SQL databases. Boardreader says Splunk DB Connect enabled it to replace its data warehouse.Boardreader offer two main services:Website – can be used anonymously or using a login for access and use certain features or functions, such as receiving email alerts, or certain services, usersneed to register and create an account.APIs – used by business customers to to run queries and load their analytical systems with critical social media data. 100s of requests per second.Before Splunk:Their existing reporting was broken. Too much data (and growing).Visibility was at best “a day behind”.“Online services, require real-time analytics”.Finding Splunk:In minutes: Downloaded Splunk and blasted it with packets. And it didn’t even break a sweat.In hours: Showed our CEO a dashboard – when he saw the graphics building in real-time and knew the data volumes behind it, he wanted it.In days: Entire Splunk deployment up and running and generating reports and dashboards.Now have processed and analyzed billions of events in Splunk.In terms of their environment:As well as data from 1000s of servers, they are bringing together business and IT data from 3 Microsoft SQL Server & MySQL databases (15-20 eventually possible) for real-time monitoring and some real-time business analytics.Standout factor of Splunk: Real-time. They are basically replacing a data warehouse.
- Customers start by using Splunk Enterprise to address one specific solution area. Then they leverage it and their machine data to solve other pressing problems over time.Consequently, Splunk Enterprise has many critical uses across IT and the business: Application Management: provide end-to-end visibility across distributed infrastructures; troubleshoot across application environments; monitor for performance degradation; trace transactions across distributed systems and infrastructure.Development: accelerate development and test cycles; support advanced development methodologies like agile, continuous; integrate enterprise applications with SDKs and a robust API; build enterprise applications that leverage Splunk software.Infrastructure and Operations Management: proactively monitor across IT silos to ensure uptime; rapidly pinpoint and resolve problems; report on SLAs/track SLAs of service providers.Security and Compliance: provide rapid incident response, real-time correlation and in-depth monitoring across data sources; statistical analysis for advance pattern detection and threat defense.Web and Business Analytics: gain visibility and intelligence on customers, services and transactions; identify trends and patterns in real time; fully understand the impact of new product features on back-end services.
- Customers start by using Splunk Enterprise to address one specific solution area. Then they leverage it and their machine data to solve other pressing problems over time.Consequently, Splunk Enterprise has many critical uses across IT and the business: Application Management: provide end-to-end visibility across distributed infrastructures; troubleshoot across application environments; monitor for performance degradation; trace transactions across distributed systems and infrastructure.Development: accelerate development and test cycles; support advanced development methodologies like agile, continuous; integrate enterprise applications with SDKs and a robust API; build enterprise applications that leverage Splunk software.Infrastructure and Operations Management: proactively monitor across IT silos to ensure uptime; rapidly pinpoint and resolve problems; report on SLAs/track SLAs of service providers.Security and Compliance: provide rapid incident response, real-time correlation and in-depth monitoring across data sources; statistical analysis for advance pattern detection and threat defense.Web and Business Analytics: gain visibility and intelligence on customers, services and transactions; identify trends and patterns in real time; fully understand the impact of new product features on back-end services.
- Customers start by using Splunk Enterprise to address one specific solution area. Then they leverage it and their machine data to solve other pressing problems over time.Consequently, Splunk Enterprise has many critical uses across IT and the business: Application Management: provide end-to-end visibility across distributed infrastructures; troubleshoot across application environments; monitor for performance degradation; trace transactions across distributed systems and infrastructure.Development: accelerate development and test cycles; support advanced development methodologies like agile, continuous; integrate enterprise applications with SDKs and a robust API; build enterprise applications that leverage Splunk software.Infrastructure and Operations Management: proactively monitor across IT silos to ensure uptime; rapidly pinpoint and resolve problems; report on SLAs/track SLAs of service providers.Security and Compliance: provide rapid incident response, real-time correlation and in-depth monitoring across data sources; statistical analysis for advance pattern detection and threat defense.Web and Business Analytics: gain visibility and intelligence on customers, services and transactions; identify trends and patterns in real time; fully understand the impact of new product features on back-end services.
- Customers start by using Splunk Enterprise to address one specific solution area. Then they leverage it and their machine data to solve other pressing problems over time.Consequently, Splunk Enterprise has many critical uses across IT and the business: Application Management: provide end-to-end visibility across distributed infrastructures; troubleshoot across application environments; monitor for performance degradation; trace transactions across distributed systems and infrastructure.Development: accelerate development and test cycles; support advanced development methodologies like agile, continuous; integrate enterprise applications with SDKs and a robust API; build enterprise applications that leverage Splunk software.Infrastructure and Operations Management: proactively monitor across IT silos to ensure uptime; rapidly pinpoint and resolve problems; report on SLAs/track SLAs of service providers.Security and Compliance: provide rapid incident response, real-time correlation and in-depth monitoring across data sources; statistical analysis for advance pattern detection and threat defense.Web and Business Analytics: gain visibility and intelligence on customers, services and transactions; identify trends and patterns in real time; fully understand the impact of new product features on back-end services.
- Splunk Enterprise is simple to deploy, scales from a single server deployment to global large-scale operations and delivers fast payback. Download Splunk Enterprise for free, install it in 5 minutes on your laptop or on any commodity server, point it at any machine data and start using it. Splunk software is often deployed for the first time while under fire. A serious service outage or security incident in progress is stressful, but with Splunk Enterprise, you can complete your investigation in a few minutes versus hours or days.