Splunk_4.2_Overview_V1.7

Splunk 4.2

Date

NameTitle

Copyright © 2011, Splunk Inc. Listen to your data.

Recent Company Highlights

Company revenue: $66M in 2010Year-over-year Growth: 96%Cash flow positive since Q3 2009

2300 CustomersCustomers in 74 countries48 in the Fortune 100

New Seattle officeNew R&D facility led by former Microsoft Technical FellowGoal to accelerate development of Splunk as a platform for Operational Intelligence

2

Copyright © 2011, Splunk Inc. Listen to your data.3

The Engine for Machine Data


Splunk: Providing Operational Intelligence

4

Web Analytics

Developer Framework

App Mgmt

ComplianceSecurityIT Ops

Business Analytics


Splunk 4.2 – The Adventure Continues2009 2010 2011

Real-time AlertingUniversal ForwarderPerformance and ScalabilityManagement, Flexibility, Ease of Use

> Splunk 4.2

Real-time search and monitoring231,657 downloads

> Splunk 4.1

Massive scalability & performanceCustom views and dashboardsEnterprise manageability178,618 downloads

> Splunk 4.0

5


Real-time business requires real-time IT

Any machine data

Massive data streams and stores

Global deployments

Splunk 4.2: Addressing Evolving User Needs

6

Real-time alerting

Universal Forwarder

Performance and scalability

Manageability FlexibilityEase of Use


Real-time Alerts on Live Streaming Data

Script

RSS

Email

SNMP

Live streaming dataBuilds on Splunk real-time capabilities and powerful searchWorks across all uses of Splunk: especially securitySophisticated capabilities– Thresholds– Throttling– Automatic execution of script– Alert management

Trigger execution of corrective actions or notifications

Alert in real-time on individual and correlated events, based on keywords, values, patterns,

statistical outliers

Respond immediately to patterns, incidents and attacks as they occur.

7


Setting and Managing Real-time Alerts

Alert on individual and correlated events, based onkeywords, values, patterns, statistical outliers

Throttle notifications in event of an alert storm

Set threshold before notification

Notify designated personnel or execute script

Manage and track alerts

8

1 2 3


Universal Forwarder

Delivers secure, distributed, real-time universal data collection for tens of thousands of endpoints

Extends Splunk data fabric to large scale private cloud and desktop environments

Uses minimal system resources, easy to install and deploy– < half memory and footprint of Splunk

4.1; <1% of single core CPU

Scripts

Universal Forwarder Deployment

Logs ConfigurationsMessages Metrics

Central Deployment Management

9

Forward data without negatively impacting production performance.

Monitor files, changes and the system registry; capture metrics and status.


Performance and Scalability

10

Continuing to deliver faster results.

Single-server search experience 2-5x faster– Improved raw data format – less data

decompression per search

Distributed search experience 2-10x faster – MapReduce of field discovery sidebar and events

histogram– Disabling auto-field discovery increases search

performance even further

UI page render speed up to 2.5x faster– Reduced CSS & Javascript overhead


Scaling Splunk Via Search Head Pooling

Users

Load Balancer

Search Heads

Indexers

11

Automated reload and schedule coordination keeps Splunk knowledge in sync.

Shared Storage

Improved throughput, scalability and availability.

Deploy Splunk using load balancer + multiple search heads with shared context.


Monitor distributed deployments of Splunk from one place. Management and Flexibility

At a glance monitoring of all Splunk forwarders and indexers

See throughput, number of connections, sourcetypes, and license usage

Warnings for aberrant indexer and forwarder behavior

Drill down into individual forwarder and indexer details

12 12


Provide customers complete flexibility to self-manage distributed licenses. Management and Flexibility

New central license manager makes it easy to combine and distribute Enterprise licenses across multi-index deployments

Stack multiple licenses together

Group licenses into pools with specific entitlements

Flexibility to re-allocate as needed

13


Ease of Use: Simplified User Interface

Quickstart recipe for adding new data sources. Rapid search, alert and dashboard creation directly from search interface.

14

New and less technical users become successful with Splunk more quickly.


Ease of Use: VisualizationsQuickly visualize real-time data and thresholds.

Website Transactions Per Minute

Current Service Uptime (in days)

Tier 2 Escalated Issues(last 24 hours)

15

New linear and radial gauges.


Enhancements for Microsoft Environments

Universal Forwarder makes it easy to deploy onto Windows machines

Bypasses WMI and can gather Perfmon data efficiently

Getting Started Experience provides clear steps from installation to custom dashboards

Runs on Windows Embedded POS devices

ScriptsLogs ConfigurationsMessages Metrics


16

Easier collection of data from Windows machines and applications.

Monitor files, changes and the system registry; capture metrics and status.

ADMon

WMI

Security Event Logs

SharePoint

Perfmon

FSChange

Universal Forwarder Deployment



Extensive Beta Program

Most extensive Splunk Beta program to date196 customers participating with over 862 unique downloads

17

What Our Customers Are Saying


AT&T Interactive

“Our CIO is driving a real-time dashboarding initiative across the organization. Splunk’s ability to correlate and alert on events and rapidly build dashboards give us real-time insight into our infrastructure we need to deliver quickly on our CIO’s decree.”

Noah Gift, Title, AT&T Interactive

19


“Splunk’s universal forwarder makes it easy to push updates across our distributed retail infrastructure—saving us days per update. The minimal footprint ensures other processes continue to run smoothly.”

Chris Haas, Title, PCC Natural Markets

“Real-time Windows monitoring from Splunk exposes issues before they knock out point-of-sale devices, preventing revenue loss and dissatisfied customers.”

Chris Haas, Title, PCC Natural Markets

PCC Natural Markets

20


Prominent New England University

“Splunk’s new real-time gauges will help our IT team to proactively address security and infrastructure challenges. With just a glance we can see when we’re approaching a threshold and take appropriate action to minimize downtime and keep customers happy.”

Network Management Systems Engineer,Prominent New England University

21

New EnglandUniversity


Swisscom

“Splunk real-time alerts help us to see abuse and fraud activities as they happen. The more quickly we can see these attacks the more quickly we can address them—ensuring the security and availability of critical services for our largest and most prestigious customers.”

Mika Borner, System Administrator, Swisscom

22

Splunk 4.2 Demonstration

Splunk 4.2

Thank you

Date post:	14-Dec-2014
Category:	Documents
Upload:	chieu-le
View:	102 times
Download:	0 times

Splunk_4.2_Overview_V1.7

Documents