SplunkLive! Warsaw 2016 - Splunk IT Service Intellience

Copyright©2016SplunkInc.

SplunkITServiceIntelligenceHans-HenningGehrts

WhatWeHearFromOurCustomers!

“MyCIOisdemandingwelookatITfromabusinessserviceperspective.”

“Splunkisgreatforbreak-fix,butIneedtoshowwe’remeetingSLAs.”

“Ineedeveryonetobeabletoseethesamethingatthesametime.”

“IjustwanttothrowdataatSplunkandhaveitfindproblemsforme.”

“Showmewhatmydatacandoforme!”

RethinkingandImprovingHowITOperates

3

TraditionalIT Data-DrivenIT

• Structureddata• Brittletoolsandintegrations• Obsessionwith“faults”and“traps”• Focusoncomponentsparts• Searchoriented

• Structuredandunstructureddata• Robustdataintegrations• Real-timeinsightsfrombigdata• Focusonthewholeservice• Machinelearning-drivenanalytics

4

WhatIsServiceIntelligence?

Enablingabusiness-awareITMeasuringandreportingonindicatorsthatmatter

UnlockingoperationalefficienciesCollaboratingacrosssilostoimproveserviceoperations

Data-baseddecisionmakingSolvingproblemsandanticipatingpitfallswithsophisticatedanalyticsandpowerfulinsights

Machinelearning-poweredanalyticsforreal-timeserviceinsights,simplifiedoperationsandroot-causeisolation

WhyAnotherSplunkSolution?

6

Adata-centricapproachisneeded

ServicecontextmaximizesSplunkvalue

Anintegratedsolutionacceleratescustomersuccess

Splunk ITServiceIntelligenceMachineLearning-Powered,Analytics-DrivenITOperations

Simplifyserviceoperations

Prioritizeincidentswithcontext RedefinetheroleofIT

Combineevents&metricsacrosssiloswithease,flexibility&scaleindays

Unifysiloed monitoringLeveragemachinelearningtodetectanomalies&highlight

eventsthatmatter

Deliverbusiness&servicecontexttoprioritizeincidentinvestigation&action

Supportdecisions&communicateresultswithpowerfulservice-levelinsights

KeyConcepts

TerminologyMatters

9

Logicalgroupingofoperations

Onlinebanking,authentication,virtualization

EXAMPLES

SERVICES

Setofactionsperformedwith

specificbusinessgoals

Sellproducts,fulfillorders,processpayroll

EXAMPLES

BUSINESSPROCESSES

Componentrequiredtodeliveraservice

Hosts,users,

OSprocesses

EXAMPLES

ENTITIES

Metricsusedtoevaluatesuccess

Servicehealth,orderrevenue,

latency

EXAMPLES

KEYPERFORMANCEINDICATORS

SplunkITServiceIntelligence– CoreConcepts

Service RequestsResponses

Web

TechnicalServices Services

RequestsResponses

MobileAPI/Middleware

RequestsResponses

DNSSupportDesk Requests

Responses

CustomerTransactions

RequestsResponses

BusinessServices

PacketNetwork

HypervisorandHosts

RDBMSs

StorageTier

APIServices

WebServices InSplunkITSI,aservice isalogicalgroupoftechnologycomponentsthatauser

deemsneedtobemonitoredtogether

ITServiceIntelligence– CoreConcepts


Web

TechnicalServices Services


Web


RequestsResponses

BusinessServices

Mobile

API/Middlew

are

SupportDesk

DNS

ITServiceIntelligence– CoreConcepts


Web

TechnicalServices

PacketNetwork

HypervisorandHosts

RDBMSs

StorageTier

APIServices

WebServices

Web

NumberofrequestsErrorrateAverageresponsetimeServicerCPUloadServernetworkI/Ferrors

KPIs

KPIsandhealthscoresconstitutethemeansbywhichservicesare

monitored

HealthScore

DefininganEntity

13

Anentity isanoptionalsub-elementofaKPI.

AKPIcanbefilteredbyentitiesandviewedonaper-entitybasisorasanaggregate.

TheKPIWebRequestsmightusewebserversasentities;UserLogins coulduseaccounts.

SplunkITSIcanimportentitiesfromCMDBs&othersources.

ServiceHealthScores

14

Ahealthscoreisrankedfrom0-100(0=criticaland100=normal)thathelpsdeterminethehealthofaservice.

Itiscalculatedbasedonimportanceandstatus(e.g.,green,orange,red)ofallKPIs,onceeveryminute.

SplunkITSIDemo

PersonalizedVisualizationsofYourServices

• Visualizecontextualinter-relationshipsacrossservicedeliverycomponents

• Illustratebusinessandserviceactivityusingindicatorsalignedwithstrategicgoals

• Drivedecisionsbymonitoringservicehealthagainstperformanceindicators

• Createsophisticateddashboardsinminutes

16

OrganizedViewofPerformanceIndicators

17

• OrganizeandcorrelateKPIstospeedupinvestigationsanddiagnosis

• Compareperformanceovertimeandinrealtimetounderstandtrendsandidentifysystemicissues

• Enablebroadanddeepinvestigationwithcontextualdrill-downs

Real-TimeViewofServiceandKPIHealthScores

• GetearlywarningofemergingincidentswithaheatmapofservicehealthandKPIscores,metrics,sparklines andalerts

• Drilldownintoserviceandentitydetailsforin-depthtriage

18

InsightsIntotheOriginofServiceDisruptions

19

Profileanentitytotroubleshootoutagesandservicedegradations

IdentifycontributingservicesandentitiesoftheworstperformingKPIs

CorrelationRulesGenerateMeaningfulEvents

20

Runpredefinedcorrelationsearchesagainstlearnedindicatorstogeneratenotableeventsbasedonstatusandcompositescores

SophisticatedEventAnalytics

21

• Reduceeventclutterandfalsepositiveswithmultivariateanomalydetection

• Automaticallyconcealduplicateeventstofocusonrelevantevents

• Easilysiftthroughvastamountsofeventsbyfiltering,taggingandsorting

• Enrichandaddcontexttoeventstomakeitinformativeandactionable

IntegrateWithExistingIncidentWorkflows

22

Automaticallyinitiatedefinedincidentandremediationresponses

IntegratewithServiceNowtocreateticketsandacceleratetriage

DeepService-OrientedInsightsIntoTechnologyDomains

● Extendout-of-the-boxfunctionalitybyeasilyintegratingwithopensourceand3rd-partytechnologiesandtools

23

• Fast-trackdatacollectionwithoutcostlyadd-ons,customizationsandmanualconfigurations

• Gaindeepservice-orientedinsightswithbuilt-indashboards

• Simplifycreationanddeploymentofthird-partyandcustommodules

LearnWhat’sNormalandAbnormal

24

Baselinenormaloperationsandalertonanomalousconditions

IdentifyabnormaltrendsandpatternsinKPIdata

BaselineTrendstoAdaptThresholds

25

UsestatisticstodynamicallyadaptKPIthresholdsbytime

MaintainandpreservelearnedthresholdstomonitorKPIandservicebehavior

ReducetheAdministrativeHurdle

26

Enablemasschangestothresholdsandsearcheswithtemplates,reducingthenumberofsearchesandimprovingperformance

Setservicesandentitiesinto“maintenance”tosuppressalertsandaccuratelyreflecthealthscores

CreatehighlyavailableSplunkITSIenvironments,revertconfigurationstopreviousversionsandensurecontinuousdelivery

ManagepermissionsandauthorizeaccesstovariousviewswithinSplunkITSI

FASTSEARCHPERFORMANCE

MAINTENANCEWINDOWS

BACKUPANDRESTORE

ROLE-BASEDACCESSCONTROLS

WhatMakesSplunkITSIDifferent

27

Search-BasedKPIs• Easytowrite,manageandchangebothservicesandKPIs

• Reflects businessandtechnologypriorities

• Benefit:RapidlygenerateandchangeKPIstoalignservicehealthwithbusiness

• Fiserv – 1000sinjustweeks

FullFidelityServiceHealth

• Adaptableandflexibledefinitionsofservicehealth

• Onesolutiontogoseamlesslyfromservicereportstorootcause, includingrawdata

• Remainsadaptableandyetstillmaintainscompletehistoricalcontext

UniversalDataPlatform

• Datadriven:AllITdataincludingevents,metricsandlogs

• Schemaon-the-Fly• Askanyquestionofthedata

• Fasttime-to-value

• Datafidelity

CaseStudies

Real-TimeCarAuctionsDeliveredWithIntelligence

29

Reducedtime-to-investigateandresolutionwithreal-timeinsights

Reducedincidentsacrossglobal

auctionsby90%

Improvedend-userexperienceandservicereliability

“WithSplunkITSI,wehaveproactiveinfrastructuremonitoringtoensureaconsistentlevelofcustomerserviceforinterestedbuyerstobidoncars.”

– KenGavranovic,VPTechnologyApplicationDevelopment&Operations,CoxAutomotive

Scalingtheimplementationwith

SplunkCloud

SplunkITServiceIntelligenceat

30

Replacedhome-growntools

Providedreal-timeserviceinsights toLOBs

Reducedtime-to-resolution

ImprovedSatelliteOperationsWithReal-TimeInfrastructureVisibility

31

“UsingSplunkITSIhashelpedustounderstandourITnetworkinawayweweren’tabletopreviously.Thishasdirectlyledtoimprovementsinareassuchastroubleshootingandsecurityawareness.”

– DanielNye,CTO,SurreySatellite

Improvedserviceaccessibility,reliabilityandsecurity

Enhancedabilitytotroubleshootpersistentserviceproblems

Gainedend-to-endvisibilityintooverallITperformance

ModernizingEnterpriseMonitoringattheInternationalWorldDevelopmentBank

● Enhancedservicereliabilityandincidentresponse

● Easeandflexibilityincreatingbusinessleveldashboardsadhocandon-the-fly

● IntegrationswithBMCRemedytosimplifyincidentresponseandaction

● Tracingbusinesstransactionsendtoend

32

Supporting,MonitoringandSecuringServices24/7

33

REDUCETIME-TO-RESOLUTION

ConsolidatedservicesviewacrossentireITinfrastructure

IDENTIFYANOMALOUSACTIVITYANDENSURE

GOVERNANCE

Adaptivethresholdsandalertsimprovesecurityposture

PROACTIVELYIMPROVECUSTOMEREXPERIENCE

Comprehensiveanalyticstoreduceservicedisruption

34

Unifiedinsights:dataintegrationsfromothertools

11,000to100s

Reducedincidenttickets

AlertingonserviceKPI’sinsteadof

serverperformance

Usagebaselinestoidentifyanomalies

SplunkITServiceIntelligenceat

35

Server-basedtoservices-basedmonitoring

Top-downanddeep-diveservice

insights

200+servicesand1,500+KPIsmonitored

FlexiblecreationandmodificationofservicesandKPIs

AlertingonserviceKPIsinsteadof

serverperformance

Real-time,holisticandproactive“client”view

Splunk ITServiceIntelligenceat

SplunkITServiceIntelligenceData-drivenservicemonitoringandanalytics

36

SPLUNKITSERVICEINTELLIGENCE

Time-SeriesIndex

PlatformforMachineData

DynamicServiceModels

Schema-on-Read DataModel CommonInformationModel

At-a-GlanceProblemAnalysis

EarlyWarningonDeviations EventAnalytics SimplifiedIncident

Workflows

Strategic,business-centric

viewofIT

AcceleratedvalueforIT

Data-centricapproachto

servicemapping

SplunkITServiceIntelligence

HowDoYouGetSplunkITSI?

38

ONLINESANDBOX TRIAL

7daysofaccesstoafree,personalenvironmentinthecloud,with

prepopulateddata

Engageinaproof-of-concepttoindexyourdataandexperience

Splunk ITSI

Splunk-SponsoredGuidedWorkshop

39

Definemethodsfor:

• Proactiveservicemonitoring

• Reducedriskandfailures

• Fasterissueresolution

• Increasedbusiness

performance

Whatisit?

• 1-dayon-siteworkshop

• Tightlylinkedwithvalue

• Collaborativeapproach

• BuildyourownSplunkITSI

GlassTable

ThankYou

Backup

AugmentConventionalMonitoring


APM NPM Operations&InfraMgmt. DomainTools

DeliverInsightsBasedonIntegratedData,NotIntegratedProducts

43


Getdata Defineservices,entitiesandKPIs

Monitorandtroubleshoot

Analyzeanddetect

Data-Defined,Data-DrivenServiceInsights

Pricing

Splunk Enterpriseor Splunk Cloud

SplunkITSI

Splunk ITSI

45

VolumeDiscountsBuiltIn

46

DailyPeakIndexingVolume (GB)


$/GB Built-inVolumeDiscount

1 $5,000 $5000

2 $7,500 $3750 25%

5 $12,500 $2500 50%

10 $18,000 $1800 64%

20 $27,000 $1350 73%

50 $47,500 $950 81%

100 $60,000 $600 88%

200 $90,000 $450 91%

500 $162,500 $325 93.5%

1000 $300,000 $300 94%

Date post:	06-Jan-2017
Category:	Technology
Upload:	splunk
View:	115 times
Download:	2 times