Copyright©2016Splunk Inc.

CoryFowlerMicrosoft

GainInsightsintoyourMicrosoftAzureDatausingSplunk

JasonCongerSplunk

Disclaimer

2

Duringthecourseofthispresentation,wemaymakeforwardlookingstatementsregardingfutureeventsortheexpectedperformanceofthecompany.Wecautionyouthatsuchstatementsreflectourcurrentexpectationsandestimatesbasedonfactorscurrentlyknowntousandthatactualeventsorresultscoulddiffermaterially.Forimportantfactorsthatmaycauseactualresultstodifferfromthose

containedinourforward-lookingstatements,pleasereviewourfilingswiththeSEC.Theforward-lookingstatementsmadeinthethispresentationarebeingmadeasofthetimeanddateofitslivepresentation.Ifreviewedafteritslivepresentation,thispresentationmaynotcontaincurrentoraccurateinformation.Wedonotassumeanyobligationtoupdateanyforwardlookingstatementswemaymake.Inaddition,anyinformationaboutourroadmapoutlinesourgeneralproductdirectionandissubjecttochangeatanytimewithoutnotice.Itisforinformationalpurposesonlyandshallnot,beincorporatedintoanycontractorothercommitment.Splunkundertakesnoobligationeithertodevelopthefeaturesor

functionalitydescribedortoincludeanysuchfeatureorfunctionalityinafuturerelease.

Agenda

DeployingSplunkonAzureCollectingMachineDatafromAzureSplunkAdd-onsUsecasesforAzureDatainSplunk

3

SplunkavailableinAzureMarketplace

4

SplunkinAzureMarketplace

WhatcanSplunksolutiontemplatedoforyou?

Accelerates deploymenttimedowntominutesAbstracts away detailsofconfiguringdistributedSplunkIncorporatesSplunkbestpracticesforoperationsandadministrationExtensible andcustomizable templatestofitcustomneeds

5

https://azure.microsoft.com/en-us/marketplace/partners/splunk/splunk-enterprisebyol/https://www.splunk.com/pdfs/technical-briefs/deploying-splunk-enterprise-on-microsoft-azure.pdf

AzureMarketplaceDemo

6

CollectingMachineDatafromAzure

7

HowwecollectAzureData

REST

BlobsTables Files

AzureStorageContainers

Queues

AzureSDKs

AzureStorageTableData

9

AzureStorageBlobData

10

MicrosoftAzurePythonSDKs

11

Demo

12

SplunkAdd-onsforMicrosoftAzureData

13

Demo

AzureFunctions

15

WhatisServerless?

Event-drivenscale Sub-secondbillingServerAbstraction

AzureFunctionsProcesseventswithServerlesscode.• MakecomposingCloudAppsinsanelyeasy• DevelopFunctionsinC#,Node.js,F#,Python,

PHP,Batchandmore• Easilyscheduleevent-driventasksacross

services• ExposeFunctionsasHTTPAPIendpoints• ScaleFunctionsbasedoncustomerdemand• EasilyintegratewithWorkflows

Demo

18

AzureFunctions+Splunk

•HTTP•AzureServices

•ThirdPartyServices

Trigger/Input

Bindings

•EventProcessing

•Logging

CodeExecution

•Splunk HEC•AzureServices

OutputBindings

Demo

UseCases(ITOps)

21

ServerandapplicationdiagnosticsContainerlogsCDNlogsIoT dataApplicationlogsWindowsEventlogsIISlogsStoragemetricsManagementdata(accesslogs,billing,ADlogs)Networksecuritygroupandloadbalancerlogs

UseCases(Security)

22

AuditComplianceUnauthorizedaccessattemptsResourcechangetrackingNetworkconfigurationchangesVulnerabilitiesinhostsorfirewalls

References

23

SplunkontheAzureMarketplaceSplunkAdd-onforMicrosoftCloudServiceshttp://blogs.splunk.com/2016/04/18/announcing-splunk-add-on-for-microsoft-cloud-services/http://blogs.splunk.com/2016/02/18/announcing-splunk-enterprise-in-microsoft-azure-marketplace/http://blogs.splunk.com/2016/03/15/splunking-microsoft-azure-data/http://blogs.splunk.com/2016/03/28/splunking-microsoft-azure-audit-data/

THANKYOU