Splunk

Overview

Two-thirds of all IT spending

is just to sustain the
business, not to grow or
transform the business
Source: Gartner, IT Metrics: IT Spending and Staffing Report,
2010
Copyright

2011, Splunk Inc.

Listen to your data.

Machine Data Is Pervasive

Additional Sources

Web
Services
Shippin
g

RFID

Desktops

Energy

Data
Warehouse
Developer
s

Security
GPS/Cellular

Customer-facing IT

Core IT

Server
s

Telecom
s

App
Support

Networking
Manufacturing

Storage
Messaging

Copyright

2011, Splunk Inc.

Clou
d

Shopping
Basket

Online
Services

Clickstream

Virtual

Physic
al

Listen to your data.

Machine Data Is Pervasive

Additional Sources

Customer-facing IT

Core IT

Machine data volumes, sources

and types exploding
Web
Services

80-95% of an organizations data

is unstructured
Data
Shipping

RFID

Desktops

Cloud

Warehouse

Shopping
If stored, in silos throughout the organization
Basket

GPS/Cellular

New technologies adding

explosion
Developers
Security to data
(mobile devices,
Serverssensors, GPS, virtualization, cloud)
Online
Energy

Market trends makes this

data
Telecoms
business
Networking

Contains
Manufacturing

App
valuable
Support

to the

Virtual

Services

Clickstream
a categorical recordStorage
of activity and
behavior

Physical

Messaging

Copyright

2011, Splunk Inc.

Listen to your data.

What Its Like In The Trenches

Service Desk
Log call. The
console says
everything is
green.

Escalat
e.
Copyright

Applicatio
n Support
Java
monitoring
tools dont
show
anything
either.
Call
Escalat
the
e.
developer.

2011, Splunk Inc.

Applicatio
n
Developer
Stop working
on new code
to
troubleshoot.
Need
production
Escalat
logs!
e.

Systems
Administrat
or
Stop what
theyre doing
to identify and
gather
production
logs for
Respon
developer.
d.
5

Applicatio
n
Developer
Manual
investigation
establishes
not
application
problem.
Escalat

e.

Database
Administrat
or
DBA analyzes
audit logs
which points
to bad query.

Now
what?

Listen to your data.

And When The Business Needs Intelligence...

I need a new
report

Well need to
change the
schema for that

Copyright

2011, Splunk Inc.

I need to see
it in real time

Our system is
batch. Well
need a new
system

Whats the
trend over the
last year?

Sorry. We only
keep 7 days of
data online

Listen to your data.

Collect, index and harness your

machine data
to identify problems, patterns, risks
and opportunities and drive better
decisions
for IT and the business.
Copyright

2011, Splunk Inc.

Listen to your data.

So What is Splunk, Exactly?

Splunk is the engine for machine

data

Provides visibility, reporting and

search across all your IT systems and
infrastructure

Copyright

2011, Splunk Inc.

Its software download and install it

in 5 minutes
Runs on all modern platforms

Listen to your data.

Splunk: The Engine for Machine Data

No predefined schema, no custom connectors, no RDBMS, no need to
filter/forward.
Customer
Facing Data
Click-stream data
Shopping cart
data
Online
transaction data

Outside the
Datacenter

Logfiles ConfigsMessages Traps Metrics Scripts Changes Tickets

Alerts

Windows

Linux/Unix

Registry
Event logs
File system
sysinternals

Configuratio
ns
syslog
File system
ps, iostat,
top

Copyright

Manufacturing,
logistics
CDRs & IPDRs
Power
consumption
RFID data
GPS data

2011, Splunk Inc.

Virtualization

Applications

& Cloud
Hypervisor
Guest OS,
Apps
Cloud

Web logs
Log4J, JMS, JMX
.NET events
Code and
scripts

Databases

Networking

Configuration
s
Audit/query
logs
Tables
Schemas

Configuratio
ns
syslog
SNMP
netflow

Listen to your data.

Delivering Operational Intelligence

Single Data Store

Single UI

Across Use Cases

Three Primary Capabilities

Search/Navigate

Data drilldown
Needle in a haystack
Root cause
analysis/troubleshooting
Incident investigations

Copyright

2011, Splunk Inc.

Real-time Visibility

Live dashboards
Event correlation
Monitoring and alerting
Performance issues
Transaction levels
SLA tracking

10

Historical Analytics
Baseline and thresholds
Trending
Operational insights
Historical patterns
Compliance reports

Listen to your data.

Splunk is a Powerful Search Engine for IT

Find and fix problems dramatically faster across your organization.

Copyright

2011, Splunk Inc.

11

Listen to your data.

In The Trenches With Splunk

Troubleshoot problems in minutes not hours or days.
192.168.169.100
Trouble
Ticket

192.168.169.100

>

Search on IP address
shows related Web
session and User ID

>

Search at same time

reveals database
error
and permission
failure

>

Search on permission

Last 60 minutes

Service
Desk

* AND failure OR error

failure OR error
Last 2 minutes

Search Your Entire IT Infrastructure

User ID=John AND permission_change

Last 1 minute

Copyright

2011, Splunk Inc.

12

changes shows
change
without ticket
Listen
to your data.
number

Splunk Proactively Monitors for

Incidents
Automatically monitor all your
infrastructure in real-time to identify issues,
problems
and attacks before they impact your customers and services.
RSS
Email
SNMP
Troubl
e
ticket

Copyright

2011, Splunk Inc.

13

Listen to your data.

Splunk Delivers Operational Visibility

Gain end-to-end visibility to track and deliver on IT KPIs
and make better-informed IT decisions.

Copyright

2011, Splunk Inc.

14

Listen to your data.

Splunk Provides New Insights for

Business
Gain new insight from operational
data to make better-informed business
decisions.

Copyright

2011, Splunk Inc.

15

Listen to your data.

New Levels of Visibility for IT and the

Business

Copyright

2011, Splunk Inc.

16

Listen to your data.

Scales Across the Datacenter

Offload search load to Splunk Search Heads

Auto load-balanced forwarding to as many Splunk Indexers as you need to index terabytes/day

Send data from 1000s of servers using combination of Splunk Forwarders, syslog, WMI, message queues, or
other remote protocols
Copyright

2011, Splunk Inc.

17

Listen to your data.

Easy to Get Started

Download and install in minutes.

1. Download

2. Eat your Machine Data3. Start Splunking

Datacenter
Copyright

2011, Splunk Inc.

18

Listen to your data.

What Makes Splunk Different?

Any Data

Any format of data,

from any source
Full access to 100% of
data for months/years
Cradle-to-grave data
management

Completely
Supports
any analysis,
Flexible

reporting or monitoring
across IT silos
Highly flexible dashboards
present any view for any user
Adapts to changeschemaon-the-fly design supports
new or unexpected data

Immediate
Free download,
installs in
Results

minutes
Can get started small and
grow over timefrom
laptop to datacenters
Initial benefits realized in
hours or days

Splunk: The Engine for Machine Data

Copyright

2011, Splunk Inc.

19

Listen to your data.

macys.com
For the first time in
six years, macys.com
experienced no
downtime during peak
holiday shopping
despite a 50%
increase in traffic.
Camille Bali
Senior Analyst,
Architecture
Team
Copyright

2011, Splunk Inc.

Delivered the IT team end-to-end visibility across entire

technology stack
Enabled 100% up-time for two straight seasons during a 50%
increase
in transactions
Supplied role-specific, dashboards to 100+ users across IT
Listen to your data.
20

salesforce.com
We have taken application
performance
troubleshooting
for 87,000 customers to
the
next level.
The fact that we had a
data
treasure chest
was Bharadwaj
not
Narayan
obvious
Director, Product
Management
till Splunk came
in to the
picture.
Copyright

2011, Splunk Inc.

Now offering new services: reporting on customer

email campaigns
Provided business analytics around usage of social
platform services and apps on Force.com
Provided higher service levels
21

Listen to your data.

Cricket Communications
Splunk lets us build
dashboards to compare
and correlate whatever
we wantnothing else
lets us do that.
I built a business
analytics dashboard for
my manager in
Roberto Quezada
5 minutes and
he wasAnalyst
IT Operations
sold.
Copyright

2011, Splunk Inc.

Correlated F5, firewalls and malware for complete

security posture
Informed capacity planning
Delivered executive dashboards look at activations by
minute, by channel, by market
22

Listen to your data.

Vodafone
Splunk reduced
our escalations by
90% and our
problem resolution
time by 67%.
Paulo Carvalho
Director Operation

Copyright

2011, Splunk Inc.

Delivered rapid application troubleshooting and quality

management of higher margin 3G services
Enabled rapid error search across Java & J2EE
infrastructure
Provided service desk with required information quickly
and improved customer satisfaction level
23

Listen to your data.

Cisco
Splunk allows us to

quickly consolidate
and correlate
disparate log sources,
enabling previously
impractical monitoring
and response
scenarios.Dave
Schwartzburg
Computer Security
Incident
Response Team
Copyright

2011, Splunk Inc.

Enabled proactive threat assessment, mitigation

planning, incident trending with analysis, security
architecture, incident detection and response
Delivered a centralized view into user activities and
in-scope systems
24

Listen to your data.

Edmunds.com
Our Splunk
dashboards provide
both real-time and
historical trending data
we use to make the
decisions that impact
revenue.
John Martin
Senior Director,
Application
Operations

Copyright

2011, Splunk Inc.

Root cause analysis and troubleshooting

Long-term trending for IT and business
Identifying new customer behaviors
25

Listen to your data.

Splunk ROI Fast, Compelling, Diverse

Increase revenue
Increase uptime
Increase
productivity

Macys.com proactively monitor website, ecommerce and application infrastructure. Eliminated

downtime during peak periods, avoiding revenue
loss of $300,000/incident
TransUnion decreased average downtime per
incident by 90%, saving millions of dollars per year
in extra revenue.
HealthTrans used to take 7-8 hours to trace a
transaction. Now it takes 5 minutes.

Reduce costs

Large mutual fund is using Splunk for

compliance review. Through greater efficiency,
Splunk paid for itself in 60 days.

Reduce
fraud/abuse

Large telecoms company eliminate service

abusers. ROI gained on fraud detection in the first
month paid for Splunk

five US wireless carrier optimizes call

Protect the business Top
routing, saving hundreds of thousands of dollars
per month

Copyright

2011, Splunk Inc.

26

Listen to your data.

Splunking Across Industries

Solution Segments

IT
Ops

App
Mgmt

Security

Customer Segments

Web &
Complianc Business
Analytics
e

Federal
Financial Services

Developer Framework

Telecoms
Education

Copyright

2011, Splunk Inc.

27

Listen to your data.

A Growing Family of Apps

Security

IronPort WSA

Copyright

2011, Splunk Inc.

28

Listen to your data.

2,600+ Licensed Customers in 78

Countries
Cloud and Online Services

Education

Energy and Utilities

Financial Services and

Insurance

Government

Healthcare

Manufacturing

Media

Retail

Technology

Telecommunications

Travel and Leisure

Copyright

2011, Splunk Inc.

29

Listen to your data.

Splunk
Overview
Thank you!