Splunk Overview

Two-thirds of all IT spending is just

to sustain the business, not to grow
or transform the business
Source: Gartner, IT Metrics: IT Spending and Staffing Report, 2010
Copyright 2011, Splunk Inc.

Listen to your data.

Machine Data Is Pervasive

Additional Sources

Customer-facing IT

Core IT

Web
Services
Shipping

RFID

Data
Warehouse

Desktops

GPS/Cellular

Shopping
Basket

Developers

Security
Energy

Cloud

Servers
Telecoms

Online
Services

App
Support

Virtual

Networking
Manufacturing

Storage

Clickstream

Physical

Messaging

Copyright 2011, Splunk Inc.

Listen to your data.

Machine Data Is Pervasive

Additional Sources

Core IT

Customer-facing IT

Machine data volumes, sources and types exploding

80-95% of an organizations data is unstructured

If stored, in silos throughout the organization
New technologies adding to data explosion
(mobile devices, sensors, GPS, virtualization, cloud)
Market trends makes this data valuable to the business
Contains a categorical record of activity and behavior

Copyright 2011, Splunk Inc.

Listen to your data.

What Its Like In The Trenches

Application
Support

Application
Developer

Systems
Administrator

Application
Developer

Database
Administrator

Log call. The

console says
everything is
green.

Java monitoring
tools dont show
anything either.
Call the
developer.

Stop working on
new code to
troubleshoot.
Need production
logs!

Stop what theyre

doing to identify
and gather
production logs
for developer.

Manual
investigation
establishes not
application
problem.

DBA analyzes
audit logs which
points to bad
query.

Escalate.

Escalate.

Escalate.

Respond.

Escalate.

Now what?

Service Desk

Copyright 2011, Splunk Inc.

Listen to your data.

And When The Business Needs Intelligence...

I need a new
report

Well need to
change the
schema for that

Copyright 2011, Splunk Inc.

I need to see it in
real time

Our system is
batch. Well need a
new system

Whats the trend

over the last year?

Sorry. We only keep

7 days of
data online

Listen to your data.

Collect, index and harness your machine data

to identify problems, patterns, risks and
opportunities and drive better decisions
for IT and the business.
Copyright 2011, Splunk Inc.

Listen to your data.

So What is Splunk, Exactly?

Splunk is the engine for machine data

Provides visibility, reporting and search across

all your IT systems and infrastructure

Copyright 2011, Splunk Inc.

Its software download and install it in 5

minutes
Runs on all modern platforms

Listen to your data.

Splunk: The Engine for Machine Data

No predefined schema, no custom connectors, no RDBMS, no need to filter/forward.
Customer
Facing Data

Outside the
Datacenter

Click-stream data
Shopping cart data
Online transaction
data

Manufacturing,
logistics
CDRs & IPDRs
Power consumption
RFID data
GPS data

Logfiles

Windows
Registry
Event logs
File system
sysinternals

Linux/Unix
Configurations
syslog
File system
ps, iostat, top

Copyright 2011, Splunk Inc.

Configs Messages

Traps
Alerts

Metrics

Virtualization
& Cloud
Hypervisor
Guest OS, Apps
Cloud

Scripts

Changes

Tickets

Applications

Databases

Web logs
Log4J, JMS, JMX
.NET events
Code and scripts

Configurations
Audit/query logs
Tables
Schemas

Networking
Configurations
syslog
SNMP
netflow

Listen to your data.

Delivering Operational Intelligence

Single Data Store

Single UI

Across Use Cases

Three Primary Capabilities

Search/Navigate

Real-time Visibility

Data drilldown
Needle in a haystack
Root cause
analysis/troubleshooting
Incident investigations

Copyright 2011, Splunk Inc.

Live dashboards
Event correlation
Monitoring and alerting
Performance issues
Transaction levels
SLA tracking

10

Historical Analytics
Baseline and thresholds
Trending
Operational insights
Historical patterns
Compliance reports

Listen to your data.

Splunk is a Powerful Search Engine for IT

Find and fix problems dramatically faster across your organization.

Copyright 2011, Splunk Inc.

11

Listen to your data.

In The Trenches With Splunk

Troubleshoot problems in minutes not hours or days.
192.168.169.100
Trouble
Ticket

Search on IP address
shows related Web
session and User ID

192.168.169.100
Last 60 minutes

Service Desk
* AND failure OR error

Search at same time

reveals database error
and permission failure

failure OR error
Last 2 minutes

Search Your Entire IT Infrastructure

User ID=John AND permission_change

Last 1 minute

Copyright 2011, Splunk Inc.

12

Search on permission
changes shows change
without ticket number
Listen to your data.

Splunk Proactively Monitors for Incidents

Automatically monitor all your infrastructure in real-time to identify issues, problems
and attacks before they impact your customers and services.

RSS

Email
SNMP
Trouble
ticket

Copyright 2011, Splunk Inc.

13

Listen to your data.

Splunk Delivers Operational Visibility

Gain end-to-end visibility to track and deliver on IT KPIs
and make better-informed IT decisions.

Copyright 2011, Splunk Inc.

14

Listen to your data.

Splunk Provides New Insights for Business

Gain new insight from operational data to make better-informed business decisions.

Copyright 2011, Splunk Inc.

15

Listen to your data.

New Levels of Visibility for IT and the Business

Copyright 2011, Splunk Inc.

16

Listen to your data.

Scales Across the Datacenter

Offload search load to Splunk Search Heads

Auto load-balanced forwarding to as many Splunk Indexers as you need to index terabytes/day

Send data from 1000s of servers using combination of Splunk Forwarders, syslog, WMI, message queues, or other remote protocols
Copyright 2011, Splunk Inc.

17

Listen to your data.

Easy to Get Started

Download and install in minutes.

Copyright 2011, Splunk Inc.

18

Listen to your data.

What Makes Splunk Different?

Any Data
Any format of data, from any
source
Full access to 100% of data
for months/years
Cradle-to-grave data
management

Immediate Results

Completely Flexible
Supports any analysis, reporting
or monitoring across IT silos
Highly flexible dashboards
present any view for any user
Adapts to changeschema-onthe-fly design supports new or
unexpected data

Free download, installs in

minutes
Can get started small and grow
over timefrom laptop to
datacenters
Initial benefits realized in hours
or days

Splunk: The Engine for Machine Data

Copyright 2011, Splunk Inc.

19

Listen to your data.

macys.com
For the first time in six
years, macys.com
experienced no downtime
during peak holiday
shopping despite a 50%
increase in traffic.
Camille Bali
Senior Analyst,
Architecture Team

Copyright 2011, Splunk Inc.

Delivered the IT team end-to-end visibility across entire technology stack

Enabled 100% up-time for two straight seasons during a 50% increase
in transactions
Supplied role-specific, dashboards to 100+ users across IT

20

Listen to your data.

salesforce.com
We have taken application
performance troubleshooting
for 87,000 customers to the
next level.
The fact that we had a data
treasure chest was not obvious
till Splunk came in to the
picture.
Narayan Bharadwaj
Director, Product
Management

Copyright 2011, Splunk Inc.

Now offering new services: reporting on customer email

campaigns
Provided business analytics around usage of social platform
services and apps on Force.com
Provided higher service levels
21

Listen to your data.

Cricket Communications
Splunk lets us build
dashboards to compare and
correlate whatever we want
nothing else lets us do that.
I built a business analytics
dashboard for my manager in
5 minutes and he was sold.
Roberto Quezada
IT Operations Analyst

Copyright 2011, Splunk Inc.

Correlated F5, firewalls and malware for complete security posture

Informed capacity planning
Delivered executive dashboards look at activations by minute, by
channel, by market

22

Listen to your data.

Vodafone
Splunk reduced our
escalations by 90% and
our problem resolution
time by 67%.
Paulo Carvalho
Director Operation

Copyright 2011, Splunk Inc.

Delivered rapid application troubleshooting and quality management

of higher margin 3G services
Enabled rapid error search across Java & J2EE infrastructure
Provided service desk with required information quickly and improved
customer satisfaction level
23

Listen to your data.

Cisco
Splunk allows us to quickly

consolidate and correlate

disparate log sources,
enabling previously
impractical monitoring and
response scenarios.
Dave Schwartzburg
Computer Security Incident
Response Team

Copyright 2011, Splunk Inc.

Enabled proactive threat assessment, mitigation planning,

incident trending with analysis, security architecture, incident
detection and response
Delivered a centralized view into user activities and in-scope
systems
24

Listen to your data.

Edmunds.com
Our Splunk dashboards
provide both real-time and
historical trending data we
use to make the decisions
that impact revenue.

John Martin
Senior Director,
Application Operations

Copyright 2011, Splunk Inc.

Root cause analysis and troubleshooting

Long-term trending for IT and business
Identifying new customer behaviors
25

Listen to your data.

Splunk ROI Fast, Compelling, Diverse

Copyright 2011, Splunk Inc.

Increase revenue

Macys.com proactively monitor website, e-commerce and

application infrastructure. Eliminated downtime during peak
periods, avoiding revenue loss of $300,000/incident

Increase uptime

TransUnion decreased average downtime per incident by 90%,

saving millions of dollars per year in extra revenue.

Increase productivity

HealthTrans used to take 7-8 hours to trace a transaction.

Now it takes 5 minutes.

Reduce costs

Large mutual fund is using Splunk for compliance review.

Through greater efficiency, Splunk paid for itself in 60 days.

Reduce fraud/abuse

Large telecoms company eliminate service abusers. ROI

gained on fraud detection in the first month paid for Splunk

Protect the business

Top five US wireless carrier optimizes call routing, saving

hundreds of thousands of dollars per month
26

Listen to your data.

Splunking Across Industries

Solution Segments

App
Mgmt

IT
Ops

Security

Compliance

Customer Segments
Web &
Business
Analytics

Federal

Financial Services
Developer Framework

Telecoms

Education

Copyright 2011, Splunk Inc.

27

Listen to your data.

A Growing Family of Apps

Security

IronPort WSA

Copyright 2011, Splunk Inc.

28

Listen to your data.

2,600+ Licensed Customers in 78 Countries

Cloud and Online Services

Education

Energy and Utilities

Financial Services and Insurance

Government

Healthcare

Manufacturing

Media

Retail

Technology

Telecommunications

Travel and Leisure

Copyright 2011, Splunk Inc.

29

Listen to your data.

Splunk Overview

Thank you!