theCUBE Live At Splunk.conf 2014

If you’re feeling overwhelmed by the mass of Big Data floating around inside your organization, you could do a whole lot worse than feeding it to Splunk Inc..

One of the biggest takeaways from this year’s Splunk.2014 Conf was just how vast the potential uses cases of the platform are. There’s so many uses in fact, that even Splunk is surprised by what its customers end up using it for. Indeed, Splunk’s president and CEO Godfrey Sullivan once admitted that between “30 percent to 40 percent of the company’s revenue comes from uses it did not envisage”.

So just how are people using Splunk today?

Detecting Hackers

At a time when cybercrime has become all the rage, some of the most benefical use cases for Splunk are in security. As such, British Sky Broadcasting (BSkyB) has turned to Splunk to help it detect when hackers are trying to access its customer’s accounts. Specifically, it uses Splunk to help monitor customer’s login behavior, tracking the times and locations they access their accounts to try and spot any discrepancies.

Security is becoming “a harder and harder battle to fight,” said Mark Debney, Principal Engineer, DevOps, at BSkyB. “So we’re looking at tools like Splunk to help us scale up our security efforts.”

“We’re looking at the attacks that are slow burn, they hide really well under the normal traffic and Splunk allows use to recognize these,” he added.

The main aim for BSkyB is to identify attacks that occur over extended periods of time, and Splunk is what enables them to do so. BSkyB’s security team uses the platform to automate real-time threat identification rules, so they can adapt to whatever new tactics the attackers employ.

As most regular readers will appreciate, cybersecurity is a never-ending battle. In BSkyB’s case, it finds itself constantly fending off new attacks from hackers. There’s no way to prevent it, but with the aid of tools like Splunk, BSkyB’s security team can and does make things extremely difficult for them.

“It’s a bit of a game, but it’s a game you never stop playing,” said Debney.

Delivering pizzas

Even fast food can benefit from a slice of Big Data. Take Dominos Pizza, which uses Splunk in various ways to monitor apps, security and eCommerce.

The franchise has seen its biggest rewards through sales, thanks to Splunk’s ability to compare online ordering data across multiple platforms. As well as just adding up the figures, Splunk also provides insights on how the various elements of those platforms drive sales, allowing the company to “see the fruits of data in real time,” according to Russ Turner, Engineering Manager for Site Reliability at Dominos.

“We could compare voice ordering vs mobile ordering,” explained Turner. “If more people abandon while voice ordering, we can break that down and find out why.”

Bashing bugs

A major flaw in Linux systems called the “Bash Bug” was discovered last month, causing panic among IT security bods. It’s claimed that the flaw could be exploited to take control of an entire system, and obviously that would be a major problem for an organization that controls as much money as NASDAQ, for example.

As it happens some of NASDAQ’s systems are indeed vulnerable to the Bash Bug, in spite of the flood of patches pushed out by vendors when the news broke. Thankfully – at least for the world’s rich and powerful whose money is tied up in NASDAQ – the stock exchange has been able to use Splunk to find and patch vulnerabilities within its systems, just as it did when the OpenSSL flaw was uncovered lat year.

In the case of OpenSSL, NASDAQ built a dashboard using Splunk that helped it to keep track of anyone coming after it. The dashboard charts which systems are vulnerable to the bug, allowing NASDAQ’s security team to move faster to patch them.

“We wanted to track if someone was coming after us and see which system they were trying to get into, and find out whether the system is vulnerable or not and whether it can be patched if it is,” said NASDAQ’s CISO Mark Graff in an interview with Computing.co.uk.

Having successfully fended off the OpenSSL flaw, NASDAQ is now using Splunk in the same fashion to protect against Bash.

Saving Lives

For those who rely on Australia’s Royal Flying Doctors, Splunk really is a life saver. In an interview on theCUBE at Splunk .conf2014, the Flying Doctor’s IT manager Adam Ind revealed a number of ways in which the airborne medical corps is using the software.

Not surprisingly for an organization that runs some 63 aircraft (it’s technically Australia’s 3rd biggest airline!), it creates an awful lot of flight data. Using Splunk, Ind and his team are able to track those aircraft, monitoring their altitude and location in real-time, and display this in dashboards for medical staff to see.

“It’s interesting to look at patterns of where we’ve flown, also the real-time visibility,” said Ind. “We can easily get this information out to all of our staff, using big screens mounted on walls showing Splunk dashboards. It makes a difference when there’s a nurse at our base who needs to meet an incoming aircrft with a patient on board.”

Medicines and vaccines also need monitoring, especially when they’re being flown out to somewhere in Australia’s vast, inhospitable outback. The Flying Doctors uses special insulated boxes to keep the drugs within a certain temperature range during flights, and monitors them using sensors.

“We store a lot of them in fridges, and we need to keep them at a certain temperature range during flight,” explains Ind. “Splunk can index that data so we can customize reports the way we want.”

“So with Splunk you can say, for this particular box of drugs, I just want to email this person, rather than giving everyone in the organization an alert. “