SlideShare ist ein Scribd-Unternehmen logo

Apresentação splunk completa

S
Sidnir Vieira

Imagine que você precisa de uma ferramenta para consolidar logs de várias máquinas servidoras em uma só e, através de uma interface prática, analisar os problemas que vêm acontecendo relacionados com a compra de um produto em sua plataforma de e-commerce. Ou mesmo, imagine ter vários servidores Linux/Unix/Windows remotos, sendo necessário consolidar todos os logs dos ativos de TI para investigação de erros ou até ameaças de segurança. A possibilidade de investigar problemas e responder a eventos que impactam o funcionamento do seu ambiente fazem do Splunk uma plataforma de Big Data ideal para análise de toda a sua infraestrutura de TI. O Splunk é uma plataforma para BIG DATA e tem ajudado muito no Monitoramento de TI, Aplicações, Segurança & Compliance, Web Intelligence e Business Analytics, Cloud, temos s clientes como o Terra, UOL, Tivit, ALOG, GVT, Bolsa de Valores, TELEPERFORMANCE, Ticket, etc

BusinessTechnologie
1 von 31
The IT Search Company Introduction
The IT Search Company 2 © Splunk Inc. 2009 Founded 2004: First software release in 2006 Headquarters: San Francisco, CA Employees: 400, based in 8 countries. 10 Offices Customers: 5600 licensed customers in 90 countries - Over 50 of the Fortune 100! Product Downloads: Over 1,500,000 and counting Doubled in Sales each year from ‘07: $66M in 2010 Last Year-over-year Growth: 98% Company Background 2
The IT Search Company 3 © Splunk Inc. 2009 O que é Splunk ? 3 Splunk é um motor sofisticado de busca e análise de TI. O software é instalado em apenas 5 minutos. É compativel com qualquer plataforma (moderna). Permite visibilidade de toda sua infraestructura para múltiplos objetivos.
The IT Search Company 4 © Splunk Inc. 2009 “Two-thirds of all IT spending is just to sustain the business, not to grow or transform the business” Source: Gartner, IT Metrics: IT Spending and Staffing Report, 2010 4
The IT Search Company 5 © Splunk Inc. 2009 Situação de uma área de TI atualmente 5 “The amount of digital information that exists in the world is growing at a 60% CAGR” - Economist 2010
The IT Search Company 6 © Splunk Inc. 2009 IT MddSSSAAanagement Is Broken Silosofaredatascatteredeverywhere.Coupledwithdiversetechnologyandprocesses- troubleshootingiscomplex,timeconsuming,andexpensive. Storage ServiceDesk Applications Servers Compliance Development Change Management Virtualization Security Networking Virtual Physical Cloud 70% of IT’s time and budget is devoted to maintaining IT - Gartner
© Splunk Inc. Confidential 2010 7 Additional Sources Core IT Customer-facing IT Energy Manufacturing Shipping RFID Web Services Developers App Support Telecoms Networking Desktops Servers Security Data Warehouse Storage Messaging Shopping Basket Clickstream GPS/Cellular Virtual Physical Cloud Online Services Isolated People, Systems, Tools and Data
© Splunk Inc. Confidential 2010 8  Splunkisasearchenginefor“machinegenerateddata”  SearchandanalyzeallthedatayourITinfrastructuregeneratesfroma singlelocationinrealtime  Monitorandtroubleshootallyourapplications,serversandnetwork devicesfromoneplace–inminutesnothours  Reportandalertonyoursecurityincidentsandcompliancecontrols Splunk is the Solution! 8  A godsend for troubleshooting!  Real-time visibility into and across ALL the Infrastructure!  Takes the “SH” out of “IT”
© Splunk Inc. Confidential 2010 9 > ssh 10.1.7.28 –l root > grep ^From log|sort -uk2,2|awk –F@'{print $2}'|sort|cut –f1-d" "
© Splunk Inc. Confidential 2010 10
© Splunk Inc. Confidential 2010 11
© Splunk Inc. Confidential 2010 12 It’sthe network It’sthe AppServer It’sthe database It’suser error and the blame on…
© Splunk Inc. Confidential 2010 13 A new way to troubleshoot ... + =
© Splunk Inc. Confidential 2010 14 Additional Sources Core IT Customer-facing IT Everything From One Place in Real Time
© Splunk Inc. Confidential 2010 15 Applications •Web logs •Log4J, JMS, JMX •.NET events •Code and scripts Networks • CDRs, IPDRs • syslog • SNMP • netflow Databases • Configurations • Audit/querylogs • Tables • Schemas Virtual Machines • Hypervisor • Guest OS • Guest Apps Linux/Unix • Configurations • syslog • Filesystem • ps,iostat,top Windows • Registry • Eventlogs • Filesystem • sysinternals Logfiles Configs Messages Traps Alerts Metrics Scripts TicketsChanges Start Indexing Any Data in Real-time No Parsers. No Schema. No RDBMS.
© Splunk Inc. Confidential 2010 16 Flexible freeform search and point-and-click navigation Search for any term or string Use simple Boolean operators Visualize results by time See original events Navigate relationships within results Quickly filter to remove noise Search and Navigate
© Splunk Inc. Confidential 2010 17 Proactively monitor with notifications and actions. Schedule any search as an alert Build powerful correlation with extended search language commands Set conditions for notification and action Get notifications via RSS, Email or SNMP Trigger scripts for automated actions Send events to ticketing systems and consoles Monitor and Alert
© Splunk Inc. Confidential 2010 18 Summarize, visualize and analyze real-time and historical data. Powerfulcommands extend search to analytics and correlation One click, ad-hoc reports across all your IT data to visualize results  Summaries, statistics, trends  Incorporate businessdata from RDBMSs and other sources Leveragesearch-timeknowledge to report on anything without being limited to a schema Schedule and distribute reports via RSS or Email Report and Analyze
© Splunk Inc. Confidential 2010 19 Create Dashboards and Views for Everyone Mash up Web Apps Support Multiple Use Cases Website Managers VPs of Infrastructure IT, Line of Business or Management
The IT Search Company 20 © Splunk Inc. 2009 How customers use Splunk 20 Compliance Security Application Management Infrastructure Management
The IT Search Company 21 © Splunk Inc. 2009 Education Healthcare Energy and Utilities Manufacturing Cloud and Online Services Government Financial Services Media 5600+LicensedCustomersin90Countries 21 Technology TelecommunicationsRetail Travel and Leisure
The IT Search Company 22 © Splunk Inc. 2009 150+EducationalInstitutionsUseSplunk
The IT Search Company 23 © Splunk Inc. 2009 23 Banca y Finanzas Telecomunicaciones Servicios OnLine Retail Manufactura Farmaceuticas Servicios Gobierno Educacion Seguros Salud Tecnologia +35 Clientes en LATAM Brazil México Argentina
The IT Search Company 24 © Splunk Inc. 2009 Large Ivy League University Splunk helps “predict the infrastructure we’ll need to support apps and compliance mandates”  Gathering data from 400+ servers and 2000+ Cisco devices  Provides an end-to-end view of operations from switches through business critical apps  Engineers logged in, immediately identified network and email issues without any Splunk training “All new application rollouts require Splunk”
The IT Search Company 25 © Splunk Inc. 2009 Rutgers Class registration is a land rush  1000 hits per second peak load  Registration System involves Mainframe/Oracle Databases, J2EE/Web Servers, Load Balancers/Firewalls  Splunk grabs performance data—makes HTTP calls into JVMs  The data is graphed and correlated to load and error data. “We get paid by course credit—downtime could mean loss of revenue”
The IT Search Company 26 © Splunk Inc. 2009 WashingtonState Needed centralized logging to give access across multiple IT silos (Network, Security, Developers, Infrastructure) Examples:  Tracing email across Barracuda, Sendmail, MSFT infrastructure  Tracking web-based sessions for single sign-on between various servers  Analyzing response times for services as seen on the network  Troubleshooting home grown applications that use custom log formats  Knowing where a stolen laptop is physically when it shows up on the network “Now multiple people can jump on issues. We’re no longer stovepipes but a much more effective team.”
The IT Search Company 27 © Splunk Inc. 2009 TheChicagoMercantileExchangeistheworld'slargestandmostdiversederivativesexchange.They useSplunktodiagnosenetworkissuessearchinglogsfromCiscoroutersandotherdevices. Applications:NetworkManagement FidelityusesSplunktomanageserversandmaintaintheitsonlineinvestmentapplications. Applications:ServerManagement,ApplicationManagement FiserveusesSplunktoperformsecurityinvestigationsanddrivedashboardsshowingsecurity-relevant activityintheirfirewallandaccesscontrollogs. Applications:NetworkSecurity GEusesSplunkacrosstheirheterogeneousenvironmentincludingmultipleUnixflavors,Linux mainframes,Windowsdatabases,andapplicationstomeetcompliancemandatesforrealtimecentral loggingandroutinelog reviewandinvestigation. Applications:Compliance TrueCreditusesSplunktoidentifyandinvestigateanomaliesinthebehaviorofitscustomer-facingJ2EE applicationsandOracledatabasebackend. Applications:ApplicationManagement,DatabaseManagement VisausesSplunkfornetworksecuritymonitoringandincidentresponse. Applications:NetworkSecurity,NetworkManagement Financial Services
The IT Search Company 28 © Splunk Inc. 2009 Theoldway:Limitedviewdrivesservermanagementcosts CentralservermanagementislimitedtofilteredSNMPtrapsandperformancemetrics Manydifferentagentsarerequiredonthesamephysicalserver Identifyinganddiagnosingserverproblemsinvolvesdirectlyaccessingproductionsystems Thenewway:Splunkintegrates logs, metrics &configurations ✓Searchacrossthousandsofservers ✓Indexlogs,configurations,metrics,outputofstatuscommandswithonetechnology ✓Troubleshootproblems,outagesandchronicfailuresquickly ✓Complimentexistingservermonitoringwithscheduledsearchesandreports Operations Uses “Splunkcutsdownonthetime toidentifyandinvestigateour serverproblemsandoutages byprovidingcentralaccesstoall ourITdata.” AndreKocher,Sr.SystemsEngineer Applications ChangeManagement Networking Servers VirtualizationMessaging
The IT Search Company 29 © Splunk Inc. 2009 Compliance Uses “FailuretocomplywiththePCI mandateequatestofailurefor ourbusiness.Splunkenablesus todemonstratecompliance acrossallPCIrequirements whilemitigatingtheoperational impact.” Theoldway:Complex, deficientPCI logmanagement Creditcardmerchantsarefindingcollectingandretainingaudittrailsforatleastoneyearis themostdauntingPCIcompliancerequirement It’sdifficulttoaccess,analyzeandmanageallthedatafromcardprocessingsystems ExistingPCIsolutionsareexpensive,clumsyanddifficulttomaintain Thenewway:Easy,comprehensivePCIlogmanagement ✓SplunkforPCIisapre-packedapplicationthatprovidesrapidcompliancewithPCI requirementsforaudittrailcollection,retentionandreview ✓Search,alertandreportonthecompleterangeofPCIrelatedissuesandrequirementsfor logs,passwordfilesandotherITdata ✓Morethan120reportsorganizedbyrequirementsallowyoutoprovecompliancewithany PCIcontrolfrompasswordpolicytofirewallconfiguration PeterBassill,CISSP,GalaCoralGroup E-Discovery HIPAA PCI SOXFISMA
The IT Search Company 30 © Splunk Inc. 2009 “MyteamusesSplunk primarilyforcomplianceina financialtransaction environment.It’sworking greattoday.Wecandoadhoc queriesforanythingauditors wanttosee.” DennisScales,DirectorofInfoServices Theoldway:TradinghourslosttotheITbottleneck Criticalinformationneededbybrokers,tradersandcustomersabouttradesand settlementisburiedinscatteredlogsincrypticFIXandproprietarytransactionformats Onlydeveloperscanaccessandanalyzetradeeventsanddata Precioustimeislostforeveryinformationrequestresultinginlostopportunityand dissatisfiedcustomers Thenewway:Splunkputstradedatawithineasyreach ✓SearchallFIXandproprietaryordermanagementandsettlementdatainanyformat ✓Instantaneousretrievalofanyinformationrequests ✓Powerfultransactionsearchcorrelateseventdataontheflyacrossmultiplesystems ✓Nontechnicaltradesupportstaffcananswerquestionsabouttradeexecutionfreeing developerandITresources Business Intelligence Uses Customer Service Financial Services Supply Chain TelecommunicationsE-Commerce
Live Product Demonstration sidnir@openware.com.br tel. 11-98551-4128

Empfohlen

Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk
 
dlux - Splunk Technical Overview
dlux - Splunk Technical Overviewdlux - Splunk Technical Overview
dlux - Splunk Technical Overview
David Lutz
 
SplunkLive! Paris 2018: Splunk Overview
SplunkLive! Paris 2018: Splunk OverviewSplunkLive! Paris 2018: Splunk Overview
SplunkLive! Paris 2018: Splunk Overview
Splunk
 
Splunk - Verwandeln Sie Datensilos in Operational Intelligence
Splunk - Verwandeln Sie Datensilos in Operational IntelligenceSplunk - Verwandeln Sie Datensilos in Operational Intelligence
Splunk - Verwandeln Sie Datensilos in Operational Intelligence
Splunk
 
Splunk for ITOps
Splunk for ITOpsSplunk for ITOps
Splunk for ITOps
Splunk
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
Splunk
 
Enterprise Security Guided Tour
Enterprise Security Guided TourEnterprise Security Guided Tour
Enterprise Security Guided Tour
Splunk
 
Splunk Artificial Intelligence & Machine Learning Webinar
Splunk Artificial Intelligence & Machine Learning WebinarSplunk Artificial Intelligence & Machine Learning Webinar
Splunk Artificial Intelligence & Machine Learning Webinar
Splunk
 

Empfohlen

Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk
 
dlux - Splunk Technical Overview
dlux - Splunk Technical Overviewdlux - Splunk Technical Overview
dlux - Splunk Technical Overview
David Lutz
 
SplunkLive! Paris 2018: Splunk Overview
SplunkLive! Paris 2018: Splunk OverviewSplunkLive! Paris 2018: Splunk Overview
SplunkLive! Paris 2018: Splunk Overview
Splunk
 
Splunk - Verwandeln Sie Datensilos in Operational Intelligence
Splunk - Verwandeln Sie Datensilos in Operational IntelligenceSplunk - Verwandeln Sie Datensilos in Operational Intelligence
Splunk - Verwandeln Sie Datensilos in Operational Intelligence
Splunk
 
Splunk for ITOps
Splunk for ITOpsSplunk for ITOps
Splunk for ITOps
Splunk
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
Splunk
 
Enterprise Security Guided Tour
Enterprise Security Guided TourEnterprise Security Guided Tour
Enterprise Security Guided Tour
Splunk
 
Splunk Artificial Intelligence & Machine Learning Webinar
Splunk Artificial Intelligence & Machine Learning WebinarSplunk Artificial Intelligence & Machine Learning Webinar
Splunk Artificial Intelligence & Machine Learning Webinar
Splunk
 
SplunkLive! Splunk App for VMware
SplunkLive! Splunk App for VMwareSplunkLive! Splunk App for VMware
SplunkLive! Splunk App for VMware
Splunk
 
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
Splunk
 
Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per... Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per...
Splunk
 
Security Automation & Orchestration
Security Automation & OrchestrationSecurity Automation & Orchestration
Security Automation & Orchestration
Splunk
 
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
Splunk
 
Splunk for IT Operations
Splunk for IT OperationsSplunk for IT Operations
Splunk for IT Operations
Splunk
 
Machine Data 101: Turning Data Into Insight
Machine Data 101: Turning Data Into InsightMachine Data 101: Turning Data Into Insight
Machine Data 101: Turning Data Into Insight
Splunk
 
SplunkLive! Zürich - Splunk für Security
SplunkLive! Zürich - Splunk für SecuritySplunkLive! Zürich - Splunk für Security
SplunkLive! Zürich - Splunk für Security
Splunk
 
SplunkLive! Wien 2016 - Use Case TTTech Computertechnik
SplunkLive! Wien 2016 - Use Case TTTech ComputertechnikSplunkLive! Wien 2016 - Use Case TTTech Computertechnik
SplunkLive! Wien 2016 - Use Case TTTech Computertechnik
Splunk
 
SplunkLive! München 2016 - Splunk für IT Operations
SplunkLive! München 2016 - Splunk für IT OperationsSplunkLive! München 2016 - Splunk für IT Operations
SplunkLive! München 2016 - Splunk für IT Operations
Splunk
 
The Risks and Rewards of AI
The Risks and Rewards of AIThe Risks and Rewards of AI
The Risks and Rewards of AI
Splunk
 
Splunk Enterprise for IT Troubleshooting Hands-On
Splunk Enterprise for IT Troubleshooting Hands-OnSplunk Enterprise for IT Troubleshooting Hands-On
Splunk Enterprise for IT Troubleshooting Hands-On
Splunk
 
Introduction into Security Analytics Methods
Introduction into Security Analytics Methods Introduction into Security Analytics Methods
Introduction into Security Analytics Methods
Splunk
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk
 
Splunk Cloud and Splunk Enterprise 7.2
Splunk Cloud and Splunk Enterprise 7.2 Splunk Cloud and Splunk Enterprise 7.2
Splunk Cloud and Splunk Enterprise 7.2
Splunk
 
SplunkLive! Stockholm 2015 - Klarna
SplunkLive! Stockholm 2015 - KlarnaSplunkLive! Stockholm 2015 - Klarna
SplunkLive! Stockholm 2015 - Klarna
Splunk
 
SplunkLive! München 2016 - Splunk für Security
SplunkLive! München 2016 - Splunk für SecuritySplunkLive! München 2016 - Splunk für Security
SplunkLive! München 2016 - Splunk für Security
Splunk
 
Make Your SOC Work Smarter, Not Harder
Make Your SOC Work Smarter, Not HarderMake Your SOC Work Smarter, Not Harder
Make Your SOC Work Smarter, Not Harder
Splunk
 
Splunk for vmware virtualization customer presentation
Splunk for vmware virtualization customer presentationSplunk for vmware virtualization customer presentation
Splunk for vmware virtualization customer presentation
Greg Hanchin
 
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...Better Threat Analytics: From Getting Started to Cloud Security Analytics and...
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...
Splunk
 
What is computer registry
What is computer registryWhat is computer registry
What is computer registry
Peter Gwaiwer
 
Intro To Hacking
Intro To HackingIntro To Hacking
Intro To Hacking
nayakslideshare
 

Weitere ähnliche Inhalte

Was ist angesagt?

SplunkLive! Splunk App for VMware
SplunkLive! Splunk App for VMwareSplunkLive! Splunk App for VMware
SplunkLive! Splunk App for VMware
Splunk
 
Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per... Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per...
Splunk
 
Machine Data 101: Turning Data Into Insight
Machine Data 101: Turning Data Into InsightMachine Data 101: Turning Data Into Insight
Machine Data 101: Turning Data Into Insight
Splunk
 
Make Your SOC Work Smarter, Not Harder
Make Your SOC Work Smarter, Not HarderMake Your SOC Work Smarter, Not Harder
Make Your SOC Work Smarter, Not Harder
Splunk
 

Was ist angesagt? (20)

SplunkLive! Splunk App for VMware
SplunkLive! Splunk App for VMwareSplunkLive! Splunk App for VMware
SplunkLive! Splunk App for VMware
 
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
Travis Perkins: Building a 'Lean SOC' over 'Legacy SOC'
 
Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per... Building a Security Information and Event Management platform at Travis Per...
Building a Security Information and Event Management platform at Travis Per...
 
Security Automation & Orchestration
Security Automation & OrchestrationSecurity Automation & Orchestration
Security Automation & Orchestration
 
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
 
Splunk for IT Operations
Splunk for IT OperationsSplunk for IT Operations
Splunk for IT Operations
 
Machine Data 101: Turning Data Into Insight
Machine Data 101: Turning Data Into InsightMachine Data 101: Turning Data Into Insight
Machine Data 101: Turning Data Into Insight
 
SplunkLive! Zürich - Splunk für Security
SplunkLive! Zürich - Splunk für SecuritySplunkLive! Zürich - Splunk für Security
SplunkLive! Zürich - Splunk für Security
 
SplunkLive! Wien 2016 - Use Case TTTech Computertechnik
SplunkLive! Wien 2016 - Use Case TTTech ComputertechnikSplunkLive! Wien 2016 - Use Case TTTech Computertechnik
SplunkLive! Wien 2016 - Use Case TTTech Computertechnik
 
SplunkLive! München 2016 - Splunk für IT Operations
SplunkLive! München 2016 - Splunk für IT OperationsSplunkLive! München 2016 - Splunk für IT Operations
SplunkLive! München 2016 - Splunk für IT Operations
 
The Risks and Rewards of AI
The Risks and Rewards of AIThe Risks and Rewards of AI
The Risks and Rewards of AI
 
Splunk Enterprise for IT Troubleshooting Hands-On
Splunk Enterprise for IT Troubleshooting Hands-OnSplunk Enterprise for IT Troubleshooting Hands-On
Splunk Enterprise for IT Troubleshooting Hands-On
 
Introduction into Security Analytics Methods
Introduction into Security Analytics Methods Introduction into Security Analytics Methods
Introduction into Security Analytics Methods
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics
 
Splunk Cloud and Splunk Enterprise 7.2
Splunk Cloud and Splunk Enterprise 7.2 Splunk Cloud and Splunk Enterprise 7.2
Splunk Cloud and Splunk Enterprise 7.2
 
SplunkLive! Stockholm 2015 - Klarna
SplunkLive! Stockholm 2015 - KlarnaSplunkLive! Stockholm 2015 - Klarna
SplunkLive! Stockholm 2015 - Klarna
 
SplunkLive! München 2016 - Splunk für Security
SplunkLive! München 2016 - Splunk für SecuritySplunkLive! München 2016 - Splunk für Security
SplunkLive! München 2016 - Splunk für Security
 
Make Your SOC Work Smarter, Not Harder
Make Your SOC Work Smarter, Not HarderMake Your SOC Work Smarter, Not Harder
Make Your SOC Work Smarter, Not Harder
 
Splunk for vmware virtualization customer presentation
Splunk for vmware virtualization customer presentationSplunk for vmware virtualization customer presentation
Splunk for vmware virtualization customer presentation
 
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...Better Threat Analytics: From Getting Started to Cloud Security Analytics and...
Better Threat Analytics: From Getting Started to Cloud Security Analytics and...
 

Andere mochten auch

What is computer registry
What is computer registryWhat is computer registry
What is computer registry
Peter Gwaiwer
 
Ukgovld registry-intro
Ukgovld registry-introUkgovld registry-intro
Ukgovld registry-intro
Dave Reynolds
 

Andere mochten auch (6)

What is computer registry
What is computer registryWhat is computer registry
What is computer registry
 
Intro To Hacking
Intro To HackingIntro To Hacking
Intro To Hacking
 
Ukgovld registry-intro
Ukgovld registry-introUkgovld registry-intro
Ukgovld registry-intro
 
Registry Technical Training
Registry Technical TrainingRegistry Technical Training
Registry Technical Training
 
Registry tips
Registry tipsRegistry tips
Registry tips
 
Introduction to linked data and the semantic web
Introduction to linked data and the semantic webIntroduction to linked data and the semantic web
Introduction to linked data and the semantic web
 

Ähnlich wie Apresentação splunk completa

Virtual SplunkLive! for Higher Education Overview/Customers
Virtual SplunkLive! for Higher Education Overview/CustomersVirtual SplunkLive! for Higher Education Overview/Customers
Virtual SplunkLive! for Higher Education Overview/Customers
Splunk
 
Splunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of ThingsSplunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of Things
aliciasyc
 
Splunk Enterprise 6.1 Solutions Brief
Splunk Enterprise 6.1 Solutions BriefSplunk Enterprise 6.1 Solutions Brief
Splunk Enterprise 6.1 Solutions Brief
Manish Kalra
 
Splunk live london_grs
Splunk live london_grsSplunk live london_grs
Splunk live london_grs
jenny_splunk
 
2019 Performance Monitoring and Management Trends and Insights
2019 Performance Monitoring and Management Trends and Insights2019 Performance Monitoring and Management Trends and Insights
2019 Performance Monitoring and Management Trends and Insights
OpsRamp
 
SplunkLive! What's New in Splunk 6 Session
SplunkLive! What's New in Splunk 6 SessionSplunkLive! What's New in Splunk 6 Session
SplunkLive! What's New in Splunk 6 Session
Splunk
 
SplunkLive! São Paulo 2014 - Overview by markus zirn
SplunkLive! São Paulo 2014 - Overview by markus zirnSplunkLive! São Paulo 2014 - Overview by markus zirn
SplunkLive! São Paulo 2014 - Overview by markus zirn
Splunk
 

Ähnlich wie Apresentação splunk completa (20)

Splunk for IT Operations Breakout Session
Splunk for IT Operations Breakout SessionSplunk for IT Operations Breakout Session
Splunk for IT Operations Breakout Session
 
Virtual SplunkLive! for Higher Education Overview/Customers
Virtual SplunkLive! for Higher Education Overview/CustomersVirtual SplunkLive! for Higher Education Overview/Customers
Virtual SplunkLive! for Higher Education Overview/Customers
 
Splunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of ThingsSplunk for Industrial Data and the Internet of Things
Splunk for Industrial Data and the Internet of Things
 
Splunk - Splunk for Industrial Data and the Internet of Things
Splunk - Splunk for Industrial Data and the Internet of ThingsSplunk - Splunk for Industrial Data and the Internet of Things
Splunk - Splunk for Industrial Data and the Internet of Things
 
Delivering New Visibility and Analytics for IT Operations
Delivering New Visibility and Analytics for IT OperationsDelivering New Visibility and Analytics for IT Operations
Delivering New Visibility and Analytics for IT Operations
 
SplunkLive Wellington 2015 - Operational Intelligence
SplunkLive Wellington 2015 - Operational IntelligenceSplunkLive Wellington 2015 - Operational Intelligence
SplunkLive Wellington 2015 - Operational Intelligence
 
SplunkLive Auckland - Operational Intelligence
SplunkLive Auckland - Operational IntelligenceSplunkLive Auckland - Operational Intelligence
SplunkLive Auckland - Operational Intelligence
 
SplunkLive! Milano 2016 - Splunk Plenary Session
SplunkLive! Milano 2016 - Splunk Plenary SessionSplunkLive! Milano 2016 - Splunk Plenary Session
SplunkLive! Milano 2016 - Splunk Plenary Session
 
SplunkLive! Paris 2016 - Plenary session
SplunkLive! Paris 2016 - Plenary sessionSplunkLive! Paris 2016 - Plenary session
SplunkLive! Paris 2016 - Plenary session
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
 
Splunk Enterprise 6.1 Solutions Brief
Splunk Enterprise 6.1 Solutions BriefSplunk Enterprise 6.1 Solutions Brief
Splunk Enterprise 6.1 Solutions Brief
 
Splunk live london_grs
Splunk live london_grsSplunk live london_grs
Splunk live london_grs
 
Virtual Gov Day - Application Delivery Breakout - Overview
Virtual Gov Day - Application Delivery Breakout - OverviewVirtual Gov Day - Application Delivery Breakout - Overview
Virtual Gov Day - Application Delivery Breakout - Overview
 
2019 Performance Monitoring and Management Trends and Insights
2019 Performance Monitoring and Management Trends and Insights2019 Performance Monitoring and Management Trends and Insights
2019 Performance Monitoring and Management Trends and Insights
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
 
Splunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding
Splunk Webinar: IT Operations Demo für Troubleshooting & DashboardingSplunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding
Splunk Webinar: IT Operations Demo für Troubleshooting & Dashboarding
 
IoT Analytics @ splunk
IoT Analytics @ splunkIoT Analytics @ splunk
IoT Analytics @ splunk
 
SplunkLive! What's New in Splunk 6 Session
SplunkLive! What's New in Splunk 6 SessionSplunkLive! What's New in Splunk 6 Session
SplunkLive! What's New in Splunk 6 Session
 
SplunkLive! São Paulo 2014 - Overview by markus zirn
SplunkLive! São Paulo 2014 - Overview by markus zirnSplunkLive! São Paulo 2014 - Overview by markus zirn
SplunkLive! São Paulo 2014 - Overview by markus zirn
 
SplunkLive! Zurich 2018: Integrating Metrics and Logs
SplunkLive! Zurich 2018: Integrating Metrics and LogsSplunkLive! Zurich 2018: Integrating Metrics and Logs
SplunkLive! Zurich 2018: Integrating Metrics and Logs
 

Mehr von Sidnir Vieira

Financial services overview and customer (2014)
Financial services overview and customer (2014)Financial services overview and customer (2014)
Financial services overview and customer (2014)
Sidnir Vieira
 

Mehr von Sidnir Vieira (8)

Resumo logistica
Resumo logisticaResumo logistica
Resumo logistica
 
Apresentação hospital
Apresentação hospitalApresentação hospital
Apresentação hospital
 
5 maneiras de mudar os resultados com visual cue
5 maneiras de mudar os resultados com visual cue5 maneiras de mudar os resultados com visual cue
5 maneiras de mudar os resultados com visual cue
 
Visual cue call center
Visual cue call centerVisual cue call center
Visual cue call center
 
Visual cue educacional
Visual cue educacionalVisual cue educacional
Visual cue educacional
 
Financial services overview and customer (2014)
Financial services overview and customer (2014)Financial services overview and customer (2014)
Financial services overview and customer (2014)
 
Open Ware Ramsan Dram Ssd
Open Ware Ramsan Dram SsdOpen Ware Ramsan Dram Ssd
Open Ware Ramsan Dram Ssd
 
Apresentacao Solid Access Corp Presentation Openware 5 20 10
Apresentacao Solid Access Corp Presentation Openware 5 20 10Apresentacao Solid Access Corp Presentation Openware 5 20 10
Apresentacao Solid Access Corp Presentation Openware 5 20 10
 

Kürzlich hochgeladen

Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
amitlee9823
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
amitlee9823
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
Abortion pills in Kuwait Cytotec pills in Kuwait
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
lizamodels9
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
Workforce Group
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
dollysharma2066
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Dipal Arora
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
dlhescort
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
ritikaroy0888
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
daisycvs
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
Renandantas16
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Dipal Arora
 

Kürzlich hochgeladen (20)

Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Falcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in indiaFalcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in india
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
Business Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptBusiness Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture concept
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with Culture
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperity
 
Phases of negotiation .pptx
Phases of negotiation .pptx Phases of negotiation .pptx
Phases of negotiation .pptx
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 

Apresentação splunk completa

  • 1. The IT Search Company Introduction
  • 2. The IT Search Company 2 © Splunk Inc. 2009 Founded 2004: First software release in 2006 Headquarters: San Francisco, CA Employees: 400, based in 8 countries. 10 Offices Customers: 5600 licensed customers in 90 countries - Over 50 of the Fortune 100! Product Downloads: Over 1,500,000 and counting Doubled in Sales each year from ‘07: $66M in 2010 Last Year-over-year Growth: 98% Company Background 2
  • 3. The IT Search Company 3 © Splunk Inc. 2009 O que é Splunk ? 3 Splunk é um motor sofisticado de busca e análise de TI. O software é instalado em apenas 5 minutos. É compativel com qualquer plataforma (moderna). Permite visibilidade de toda sua infraestructura para múltiplos objetivos.
  • 4. The IT Search Company 4 © Splunk Inc. 2009 “Two-thirds of all IT spending is just to sustain the business, not to grow or transform the business” Source: Gartner, IT Metrics: IT Spending and Staffing Report, 2010 4
  • 5. The IT Search Company 5 © Splunk Inc. 2009 Situação de uma área de TI atualmente 5 “The amount of digital information that exists in the world is growing at a 60% CAGR” - Economist 2010
  • 6. The IT Search Company 6 © Splunk Inc. 2009 IT MddSSSAAanagement Is Broken Silosofaredatascatteredeverywhere.Coupledwithdiversetechnologyandprocesses- troubleshootingiscomplex,timeconsuming,andexpensive. Storage ServiceDesk Applications Servers Compliance Development Change Management Virtualization Security Networking Virtual Physical Cloud 70% of IT’s time and budget is devoted to maintaining IT - Gartner
  • 7. © Splunk Inc. Confidential 2010 7 Additional Sources Core IT Customer-facing IT Energy Manufacturing Shipping RFID Web Services Developers App Support Telecoms Networking Desktops Servers Security Data Warehouse Storage Messaging Shopping Basket Clickstream GPS/Cellular Virtual Physical Cloud Online Services Isolated People, Systems, Tools and Data
  • 8. © Splunk Inc. Confidential 2010 8  Splunkisasearchenginefor“machinegenerateddata”  SearchandanalyzeallthedatayourITinfrastructuregeneratesfroma singlelocationinrealtime  Monitorandtroubleshootallyourapplications,serversandnetwork devicesfromoneplace–inminutesnothours  Reportandalertonyoursecurityincidentsandcompliancecontrols Splunk is the Solution! 8  A godsend for troubleshooting!  Real-time visibility into and across ALL the Infrastructure!  Takes the “SH” out of “IT”
  • 9. © Splunk Inc. Confidential 2010 9 > ssh 10.1.7.28 –l root > grep ^From log|sort -uk2,2|awk –F@'{print $2}'|sort|cut –f1-d" "
  • 10. © Splunk Inc. Confidential 2010 10
  • 11. © Splunk Inc. Confidential 2010 11
  • 12. © Splunk Inc. Confidential 2010 12 It’sthe network It’sthe AppServer It’sthe database It’suser error and the blame on…
  • 13. © Splunk Inc. Confidential 2010 13 A new way to troubleshoot ... + =
  • 14. © Splunk Inc. Confidential 2010 14 Additional Sources Core IT Customer-facing IT Everything From One Place in Real Time
  • 15. © Splunk Inc. Confidential 2010 15 Applications •Web logs •Log4J, JMS, JMX •.NET events •Code and scripts Networks • CDRs, IPDRs • syslog • SNMP • netflow Databases • Configurations • Audit/querylogs • Tables • Schemas Virtual Machines • Hypervisor • Guest OS • Guest Apps Linux/Unix • Configurations • syslog • Filesystem • ps,iostat,top Windows • Registry • Eventlogs • Filesystem • sysinternals Logfiles Configs Messages Traps Alerts Metrics Scripts TicketsChanges Start Indexing Any Data in Real-time No Parsers. No Schema. No RDBMS.
  • 16. © Splunk Inc. Confidential 2010 16 Flexible freeform search and point-and-click navigation Search for any term or string Use simple Boolean operators Visualize results by time See original events Navigate relationships within results Quickly filter to remove noise Search and Navigate
  • 17. © Splunk Inc. Confidential 2010 17 Proactively monitor with notifications and actions. Schedule any search as an alert Build powerful correlation with extended search language commands Set conditions for notification and action Get notifications via RSS, Email or SNMP Trigger scripts for automated actions Send events to ticketing systems and consoles Monitor and Alert
  • 18. © Splunk Inc. Confidential 2010 18 Summarize, visualize and analyze real-time and historical data. Powerfulcommands extend search to analytics and correlation One click, ad-hoc reports across all your IT data to visualize results  Summaries, statistics, trends  Incorporate businessdata from RDBMSs and other sources Leveragesearch-timeknowledge to report on anything without being limited to a schema Schedule and distribute reports via RSS or Email Report and Analyze
  • 19. © Splunk Inc. Confidential 2010 19 Create Dashboards and Views for Everyone Mash up Web Apps Support Multiple Use Cases Website Managers VPs of Infrastructure IT, Line of Business or Management
  • 20. The IT Search Company 20 © Splunk Inc. 2009 How customers use Splunk 20 Compliance Security Application Management Infrastructure Management
  • 21. The IT Search Company 21 © Splunk Inc. 2009 Education Healthcare Energy and Utilities Manufacturing Cloud and Online Services Government Financial Services Media 5600+LicensedCustomersin90Countries 21 Technology TelecommunicationsRetail Travel and Leisure
  • 22. The IT Search Company 22 © Splunk Inc. 2009 150+EducationalInstitutionsUseSplunk
  • 23. The IT Search Company 23 © Splunk Inc. 2009 23 Banca y Finanzas Telecomunicaciones Servicios OnLine Retail Manufactura Farmaceuticas Servicios Gobierno Educacion Seguros Salud Tecnologia +35 Clientes en LATAM Brazil México Argentina
  • 24. The IT Search Company 24 © Splunk Inc. 2009 Large Ivy League University Splunk helps “predict the infrastructure we’ll need to support apps and compliance mandates”  Gathering data from 400+ servers and 2000+ Cisco devices  Provides an end-to-end view of operations from switches through business critical apps  Engineers logged in, immediately identified network and email issues without any Splunk training “All new application rollouts require Splunk”
  • 25. The IT Search Company 25 © Splunk Inc. 2009 Rutgers Class registration is a land rush  1000 hits per second peak load  Registration System involves Mainframe/Oracle Databases, J2EE/Web Servers, Load Balancers/Firewalls  Splunk grabs performance data—makes HTTP calls into JVMs  The data is graphed and correlated to load and error data. “We get paid by course credit—downtime could mean loss of revenue”
  • 26. The IT Search Company 26 © Splunk Inc. 2009 WashingtonState Needed centralized logging to give access across multiple IT silos (Network, Security, Developers, Infrastructure) Examples:  Tracing email across Barracuda, Sendmail, MSFT infrastructure  Tracking web-based sessions for single sign-on between various servers  Analyzing response times for services as seen on the network  Troubleshooting home grown applications that use custom log formats  Knowing where a stolen laptop is physically when it shows up on the network “Now multiple people can jump on issues. We’re no longer stovepipes but a much more effective team.”
  • 27. The IT Search Company 27 © Splunk Inc. 2009 TheChicagoMercantileExchangeistheworld'slargestandmostdiversederivativesexchange.They useSplunktodiagnosenetworkissuessearchinglogsfromCiscoroutersandotherdevices. Applications:NetworkManagement FidelityusesSplunktomanageserversandmaintaintheitsonlineinvestmentapplications. Applications:ServerManagement,ApplicationManagement FiserveusesSplunktoperformsecurityinvestigationsanddrivedashboardsshowingsecurity-relevant activityintheirfirewallandaccesscontrollogs. Applications:NetworkSecurity GEusesSplunkacrosstheirheterogeneousenvironmentincludingmultipleUnixflavors,Linux mainframes,Windowsdatabases,andapplicationstomeetcompliancemandatesforrealtimecentral loggingandroutinelog reviewandinvestigation. Applications:Compliance TrueCreditusesSplunktoidentifyandinvestigateanomaliesinthebehaviorofitscustomer-facingJ2EE applicationsandOracledatabasebackend. Applications:ApplicationManagement,DatabaseManagement VisausesSplunkfornetworksecuritymonitoringandincidentresponse. Applications:NetworkSecurity,NetworkManagement Financial Services
  • 28. The IT Search Company 28 © Splunk Inc. 2009 Theoldway:Limitedviewdrivesservermanagementcosts CentralservermanagementislimitedtofilteredSNMPtrapsandperformancemetrics Manydifferentagentsarerequiredonthesamephysicalserver Identifyinganddiagnosingserverproblemsinvolvesdirectlyaccessingproductionsystems Thenewway:Splunkintegrates logs, metrics &configurations ✓Searchacrossthousandsofservers ✓Indexlogs,configurations,metrics,outputofstatuscommandswithonetechnology ✓Troubleshootproblems,outagesandchronicfailuresquickly ✓Complimentexistingservermonitoringwithscheduledsearchesandreports Operations Uses “Splunkcutsdownonthetime toidentifyandinvestigateour serverproblemsandoutages byprovidingcentralaccesstoall ourITdata.” AndreKocher,Sr.SystemsEngineer Applications ChangeManagement Networking Servers VirtualizationMessaging
  • 29. The IT Search Company 29 © Splunk Inc. 2009 Compliance Uses “FailuretocomplywiththePCI mandateequatestofailurefor ourbusiness.Splunkenablesus todemonstratecompliance acrossallPCIrequirements whilemitigatingtheoperational impact.” Theoldway:Complex, deficientPCI logmanagement Creditcardmerchantsarefindingcollectingandretainingaudittrailsforatleastoneyearis themostdauntingPCIcompliancerequirement It’sdifficulttoaccess,analyzeandmanageallthedatafromcardprocessingsystems ExistingPCIsolutionsareexpensive,clumsyanddifficulttomaintain Thenewway:Easy,comprehensivePCIlogmanagement ✓SplunkforPCIisapre-packedapplicationthatprovidesrapidcompliancewithPCI requirementsforaudittrailcollection,retentionandreview ✓Search,alertandreportonthecompleterangeofPCIrelatedissuesandrequirementsfor logs,passwordfilesandotherITdata ✓Morethan120reportsorganizedbyrequirementsallowyoutoprovecompliancewithany PCIcontrolfrompasswordpolicytofirewallconfiguration PeterBassill,CISSP,GalaCoralGroup E-Discovery HIPAA PCI SOXFISMA
  • 30. The IT Search Company 30 © Splunk Inc. 2009 “MyteamusesSplunk primarilyforcomplianceina financialtransaction environment.It’sworking greattoday.Wecandoadhoc queriesforanythingauditors wanttosee.” DennisScales,DirectorofInfoServices Theoldway:TradinghourslosttotheITbottleneck Criticalinformationneededbybrokers,tradersandcustomersabouttradesand settlementisburiedinscatteredlogsincrypticFIXandproprietarytransactionformats Onlydeveloperscanaccessandanalyzetradeeventsanddata Precioustimeislostforeveryinformationrequestresultinginlostopportunityand dissatisfiedcustomers Thenewway:Splunkputstradedatawithineasyreach ✓SearchallFIXandproprietaryordermanagementandsettlementdatainanyformat ✓Instantaneousretrievalofanyinformationrequests ✓Powerfultransactionsearchcorrelateseventdataontheflyacrossmultiplesystems ✓Nontechnicaltradesupportstaffcananswerquestionsabouttradeexecutionfreeing developerandITresources Business Intelligence Uses Customer Service Financial Services Supply Chain TelecommunicationsE-Commerce

Hinweis der Redaktion

  1.  Relatório do Gartner 2010, sobre gastos com TI e a equipe de TI, destaca que 7 dos 10 dólares são gastos apenas manter as luzes acesas.O que significa que apenas 3 em cada 10 dólares são gastos em inovação!Mais informações:O portifolio da Gartner sobre as categorias de despesas (como e dividido o gasto):Regras do negócio: Este é um indicador de quanto o recurso de TI é consumido e focada na continuação do funcionamento do negócio. Despesas não-discricionários estão incluídos no custo da execução do negócio.Crescer o negócio: Este é um indicador de quanto o recurso de TI é consumido e focada no desenvolvimento e reforço de sistemas de TI em apoio do crescimento do negócio (crescimento tipicamente orgânica). Investimentos discricionários são incluídos no custo crescer do negócio.Transforme o negócio: Este é um indicador de quanto o recurso de TI é consumido e focada na implementação de sistemas de tecnologia que permitem a empresa a aprovar novos modelos de negócios. Este é muito mais um "risco" da categoria, e que seria representado por atividades como um varejista da construção cívil mudar para compras on-line; um banco tradicional oferece serviços bancários on-line (ou mover-se para oferecer serviços de seguro), ou para um serviço de transporte para uma linha aérea comercial.Estes 2 quadros é sobre a capacitação que o Splunk fornece:Primeira parte é transformar o enorme esforço que demora para auditar, proteger e gerenciar TI.Segunda parte é como aproveitar o poder dos seus dados de máquinas para a sua organização.
  2. 3 Macro forces shaping IT now… Our vision, our mission is to make sure you can gain significant and compelling value from these secular trends.Cloud - no longer for “other people”. Mainstream; growth is outpacing prem; agility and costPrivate – Public - Dev – SaaSOn AWS, customers using Splunk to manage/monitor their appsSaaS – enterprise Apps in the cloud; and as of last week, Splunk is thereConsumerization… 5 years ago crazy if anything but standardization and consolidation – middleware, storage, Apps The BB came along, then the iphone, other smarts; mobile mail, mobile Apps; the the IPAD takes over the boardroom. Consumer technology overwhelms IT; Causes problems for IT – security for instance. But also opportunities to harvest the data these produce for business value Consolidation and virtualization are still happening in the DC and Splunk helps there, to manage your vmware and citrix servers and virtual desktopsBig Data: Some define it as: Confluence of Big Transaction Data (online transactions and online analytics (OLAP), Big interaction Data (social media, click stream, RFID, etc) resulting a whole log of Big Data Center Processing.
  3. Dentro de seu silo, os benefícios de todas estas tecnologias individuais são indiscutíveis.Infelizmente, as ferramentas que temos para gerir as infra-estruturas não acompanharam. Nós estamos vendo a mesma coisa hoje em virtualização e cloud computing: grande inovação falho por ferramentas de gestão ineficazes.O que foi criado é uma série de silos. Soluções pontuais implantados para fins específicos, e criando seu próprio silo de TI de dados, e conseguiu com seu próprio console e ferramentas. Empresas acabar com um conjunto de pessoas: uma pessoa de segurança, uma pessoa de rede, desenvolvimento, cada um com uma perspectiva de silo e uma visão estreita de uma ferramenta para a "sua" IT Data.O que nós descobrimos é que temos muitos dados que estão sendo gerados nesses ambientes. Os seres humanos precisam buscar esses dados através dos muitos silos para fazer seus trabalhos. Mas os dados estão em muitos lugares e tudo gerenciado separadamente. Sistemas de gerenciamento de alto nível tentar dar uma visão através de alguns dos silos, filtrando a maior parte dos dados essenciais de TI, e deixando os funcionários com a tarefa de ter que voltar para as muitas fontes de silos de dados para realizar suas tarefas.executivos e funcionários permanecem frustrados o que pode ser expressa como sem resposta a essas perguntas:* Por que não consigo ver o que realmente está acontecendo com o meu negócio agora?* Por que demora tanto tempo para responder a perguntas sobre as métricas-chave de negócios e questões?* Por que é tão difícil lidar com exceções quando as coisas dão errado?* Por que não podemos capturar e preservar o conhecimento sobre como ser mais eficaz?A causa fundamental dessa frustração resulta de uma desconexão entre as aplicações e sistemas utilizados
  4.  Sistemas de TI têm, naturalmente, desenvolvido em silos, organizado em torno de funções específicas, tecnologias, departamentos ou pessoas. "TI de dados 'necessários para gerenciar, fazer segurança e auditoria desses ambientes e em muitos lugares e todos gerenciados separadamente.Virtualização e cloud também foram adicionados a essa complexidade.Vimos a oportunidade de uma nova abordagem em TI e criamos o Splunk.
  5. Ask the audience how many of them found us during our 2005 beta….
  6. O conceito é simples, se o Google pode deixa você pesquisar bilhões de páginas na Web a partir de um lugar, por que não podemos fazer o mesmo para o seu datacenter?Isso é exatamente o que fizemos. Tudo a partir de um lugar em tempo real.Tivemos muito sucesso como uma ferramenta de pesquisa em TI, e a maioria do nosso negócio com o uso desse tipo
  7. A NECESSIDADE:Máquina de dados gerados = TI "matérial escuro"O problema esta em como chegar a ele. Splunk resolveutudo isso.Usando a internet como um motor de busca é impensável.transações do usuáriocomportamento do clientecomportamento da máquinaameaças de segurançaatividade fraudulentaProblema tem sido a forma de acessar os dados e também a mentalidade convencional de pensar sobre esses dados como apenas parte de um aplicativo de servidor, etcCom o Splunk abordagem é totalmente diferente:Splunk qualquer índice de dados de qualquer fonte de TI pode ser acessado em tempo real. Ponto de seus servidores ou dispositivos de rede syslog no Splunk, pode ser monitorado on-line, permitindo a mudança de monitoramento em seu sistema de arquivos ou o Registro do Windows, agendar um script para pegar as métricas do sistema, e muito mais. Não importa como você vai obter os dados, ou em que formato, no Splunk o acesso ao índice será sempre da mesma forma - sem qualquer analisadores específicos ou adaptadores para escrever ou manter. Ele armazena tanto os dados brutos e os índices principais em um armazenamento de dados, eficiente comprimido, filesystem-baseddatastore- com assinatura de dados e de auditoria opcional, se você precisa provar a integridade dos dados.
  8.  Necessidade: Acesso universal em todos os dados - precisa de logon para vários servidores, navegação em diretórios, de alguma forma seqüêncial, etc Nós estamos vendo esses dados como uma chave fundamental, e como aproveitar isso?FÁCILIDADE - todos os seus silos a partir de um único lugar - basta perguntar ao Splunk qualquer pergunta!Intuitivo - boolean, aninhados, citado e wildcard / PODEROSO - estatísticas, contadores, resumos, relatóriosITERATIVO - encontrar rapidamente a causa raiz, navegar através de seus dados, tracear as transações através de múltiplas fontes de dadosSIMPLES - tira a complexidade dos dados subjacentes que podem estar situados em qualquer lugar da sua arquiteturaSplunk torna mais fácil para pesquisar rapidamente e navegar por todos os seus dados através de silos de tecnologias e as camadas de sua infra-estruturaSplunk suporta intuitivo Boolean, quota de string, e pesquisas familiares a qualquer um à vontade na Internet. Isso permite aos usuários rapidamente iterar e refinar suas buscas sem saber nada sobre os formatos de dados específicos. CAPTURE AND EXPRESSTHE INTENT OF WHAT YOU’RE LOOKING FOR ACCURATELY. CAPTURAR E EXPRESSAR A INTENÇÃO DO QUE VOCÊ ESTÁ PROCURANDO COM PRECISÃO.Você pode investigar um problema iterativamente pesquisando sobre erros, palavras-chave, prazos e outros campos para encontrar anomalias e padrões. Mesmo pesquisa sobre eventos relacionados e transações.E, ao contrário dos sistemas tradicionais e soluções de gestão de segurança baseada em tecnologias de banco de dados relacional, Splunk pode correlacionar informações através de múltiplos servidores Splunk em diferentes centros de dados e geografias.Splunk tira a complexidade dos dados, porque você pode DISTRIBUIR pesquisa em qualquer número de servidores Splunk subjacente que podem estar SITUADA EM QUALQUER LUGAR
  9. Necessidade: A pesquisa é baseada em INTENÇÃO! Automatica.Com Splunk você pode transformar qualquer busca em um alerta para se tornar mais proativa e automaticamente detectar problemas antes que eles afetem os seus clientes.Pegue qualquer pesquisa, salve-a e execute em um horário - a cada segundo, minuto, hora ou dia.Os alertas podem desencadear notificações e ações com base no conteúdo dos resultados de busca.As notificações podem ser via email, RSS feed ou enviada para outro sistema e consoles de gerenciamento de segurança com SNMP.Os alertas podem também desencadear ações através de scripts que pode automatizar as atividades de rotina, tais como reiniciar um aplicativo ou servidor ou postar um bilhete para um sistema ou serviço de help desk .
  10.  Necessidade: Às vezes você precisa de uma visão panorâmica fornecida por relatórios resumidos, tabelas e gráficos!Com Splunk você pode casar com capacidades poderosa de comunicação, com velocidade, flexibilidade e escala de pesquisa do Splunk.A simplicidade de analisar enormes quantidades de dados vai surpreender você (e seu chefe).Exemplo cliente: dos EUA Eles tinham um problema que exigia o 'Splunk "seus dados estavam no Google para diagnosticar um problema de servidor. Com o Splunk esta visibilidade permitiu-lhes optimizar o ambiente para as buscas mais popular e crítico. "Em apenas 2 cliques, nós criamos um relatório para fornecer feedback imediato sobre o que eles estavam precisando para sintonizar e melhorar a velocidade das buscas desse crítico website".Por exemplo, um relatório pode mostrar o total de bytes enviados por endereço IP a partir de eventos firewall atividade, uma tabela mostrando bytes por protocolo por endereço IP, ou um gráfico ilustrando o tráfego de firewall por hora para o laptop de um funcionário específico.Qualquer campo pode ser usado como critérios de relatórios. E lembre-se, porque os campos são identificados como você procura, você pode especificar novos campos, sem re-indexação de dados.Os relatórios também podem ser programados como alertas e executar em uma base periódica. Envie os resultados para os membros da equipe por email ou RSS feed
  11.  Splunk amplia o poder da TI de pesquisa para cada desktop.Os usuários podem criar dashboards personalizados em minutos com editor dashboards Splunk e fazer mais sentido os volumes enormes de dados à sua disposição.Combina pesquisas pré-definidos, gráficos, alertas e relatórios em um painel poderoso. Ou criar mashups com outros Web-based Apps, como o Tivoli, SAP, consoles de segurança e muito mais.Agora gerentes, analistas de segurança, auditores, desenvolvedores e administradores de sistemas estão todos habilitados a obter mais e mais informações do seu departamento de TI
  12. Como nossos usuários usam Splunk? Eles geralmente começam com a busca para solucionar problemas ou investigar incidentes. em seguida, eles 'add conhecimento " significa fazer seus dados tornar-se mais útil. Então eles começam a ver o poder do Splunk e automatizam o monitoramento em condições específicas, ameaças, etc Então, eles começam a usar relatórios poderosos e ferramentas de gráficos para analisar seus dados para todos os tipos de coisas.Dados da máquina são um registro categórico de todo o comportamento máquinas, servidores, redes, usuários, clientes! Splunk pode ser usado para melhorar o significado e a inteligência a partir destes dados operacionais.
  13. Talking PointsThis slide of logos represents a subset of all of our customers in education.Today (as of May 2010), we have over 150 educational institutions using Splunk, including universities, colleges, research institutions and other academic institutions.