Splunk catches data in-flight | #splunkconf
“Driving a new generation of data and delivering value out of it,” is how Chairman and CEO Godfrey Sullivan describes Splunk, Inc.’s mission. Welcoming attendees to Splunk.conf 2015, the “Superbowl for Splunk customers” at the MGM Grand in Las Vegas, Sullivan marks Mile 8 on the Splunk marathon, saying that the company is “still early in the race but is making good progress.”
Through investment in four main areas — Enterprise, Partners, Solutions and Cloud — Splunk is enabling its customers to deliver Operational Intelligence to their companies faster, cheaper and more securely. “Splunk is streaming data,” said Sullivan. “We need to catch that data in flight and ask it questions.”
Splunk Enterprise 6.3
“Splunk Enterprise 6.3 is faster, requires less hardware and is easier to manage,” according to Nate McKervey, director of technical marketing for Splunk, in his announcement of Splunk Enterprise 6.3. New capabilities of this platform include:
- Faster and smarter Search and Reporting capabilities
- Faster index speed and added parallel indexing
- Reduced cost of ownership with 50% less hardware
Splunk client Cisco Systems, Inc. is quoted on the indexing capabilities, saying that Splunk Enterprise 6.3 “exceeded all expectations; indexes up to 6x faster.” The CME Group is “very excited about performance enhancements,” and is quoted as saying: “Having faster, more consistent speed and performance allows users to have a faster, more consistent experience.”
In a fun and effective demonstration of the HTTP event collector capabilities of Enterprise 6.3, McKervey orchestrated the audience to “shake their phones to make ponies fly.” As participants registered their phones to a geographic location and started physically shaking them, the screens showed real-time shaking stats, including the total shakers, top shakers, geographical info, a custom alert, and even comparison of the OS for the devices they were using. Other features not demonstrated but mentioned include anomaly detection and trending info.
“Your phones just sent data directly into Splunk without installing any forwarder,” said McKervey to a round of applause.
Splunk Cloud: ‘Three clicks and a beer!’
Introducing Splunk Cloud as the “only solution in the marketplace to offer a true seamless, hybrid experience,” Marc Olesen, senior VP and GM, Cloud Solutions for Splunk, raised a cold bottle of Molson and toasted the crowd as a demonstration to show how installing a trial version of Splunk Cloud is “so easy — zero to Splunking in a few minutes.”
“Literally three clicks and time for me to have a beer,” said Olesen.
Splunk Cloud is not only easy to try and purchase, but also easy to set up, said Olesen. Creating a hybrid search involves completing just three fields: URL, port and security key. Results are shown on one pane of glass.
Several customer testimonials were shown that reinforced the message of time to value and ease of use, with a representative for Orrstown Bank, which uses Splunk to manage its ATM network, saying that they “don’t want to run a data center, would rather have Splunk Cloud.”
Olesen wrapped up by assuring customers that “Cloud is a journey, and Splunk is your partner: Instant, secure, reliable and hybrid.”
Real-time reactions: Business analytics and IoT
During the keynote address, Snehal Antani, chief technology officer for Splunk, posed the hypothetical question: “Why am I making decisions on last month’s data when we should be running data in real time?” as an introduction to Splunk’s capabilities for providing real-time analytics that provide value to the enterprise.
Videos of customers describing use-case scenarios include testimonials such as: “Splunk is the platform for our company,” from German online retailer OTTO and “(Splunk) ultimately helps us drive down costs in our supply chain,” from US-based retail giant Target Corp.
Splunk: A cyber-security center
Announcing Enterprise Security 4.0 and Splunk User Behavior Analytics, Monzy Merza, Splunk’s chief security evangelist and minister of defense, said that the two “work hand in hand in your own security investigation center” and “increase ability to detect new threats faster.”
Enterprise Security 4.0 enables rapid investigations without losing focus. Key features are:
- Investigator timeline. This is a simplified way to perform an investigation, adding events without opening extra tabs or losing context.
- Investigator journal. This shows the investigation trail for HR or another investigator. It organizes all searches and views in a journal to make the entire action history easy to view and includes the ability to manually add notes for offline actions (e.g., a phone call).
- Extensible analytics and collaborations. This allows information from other sources to be integrated into an investigation and includes from all context with analytics.
The announcement of User Behavior Analytics (Splunk UBA) includes a welcome to new Splunk family member Caspida. A “technological leap” that brings both data science and machine learning to cyber security, UBA looks at the whole environment holistically and considers both real-time and long-term horizons.
Merza knows that attackers do not rest, and he made a commitment to Splunk customers: “I promise you we will work together, that Splunk will keep listening to you and your insights. I promise you that we will never give up.”
A personal war room
“Bringing sexy back to IT service monitoring” is a promise made by Splunk IT Markets Field Leader/ITOA Global Practice Manager, Johnathon Cervelli.
“What if Splunk had not only data but context to make data relevant to real life? If it could speak language that even your bosses could understand?” he asked the audience as he announced the new Splunk for IT Service Intelligence (ITSI), telling the audience to “teach Splunk what you really do.”
“This is your personal war room,” Cervelli said, listing the features of ITSI, including ad-hoc searches, instant correlation between events, anomaly detection and tie back to raw data and comparisons with historical data — all powered by Splunk searches.
Client testimonials include AdvancedMD, whose representative calls Splunk a “killer solution” because “Splunk ITSI allows us to look at highly distributed claims perspective from the perspective of claims not a server, network or database.”
ITSI is available for free trial on Splunk Cloud.
Challenge for hackathons before Splunk.conf 2016
Sullivan returned to the stage to summarize the day’s announcements:
- Splunk Enterprise 6.3
- Hunk 6.3
- Splunk Enterprise Security 4.0
- Splunk User Behavior Analytics
- Splunk IT Service Intelligence
“Value is in the heads of your power users and your developers,” said Sullivan, who challenged customers to have their own Splunk hackathons, promising to showcase the best creations at Splunk .conf 2016.
Photos by SiliconANGLE