With more announcements and customer stories at #AWSSummit than you could shake a stick at, picking up on one over any others is a difficult task. Splunk is a popular topic in the industry, and the announcement that Splunk Cloud is now available will probably mean there will be many new converts to the popular platform. Splunk is used for a lot of things, including security, and this announcement promises to be a full-featured Splunk Enterprise now delivered as a service. Today, the company has over 7,000 customers using the technology to search and analyze massive amounts of data, and among the numerous benefits, many are using it to deepen business and customer understanding, improve the performance of services, reduce costs and mitigate cybersecurity risks. That’s a lot of uses so this will probably prove to be popular, so we’ll delve a bit into the security side of things.
First off, Splunk has made it very clear that although this is a cloud product, it is the full Splunk Enterprise solution. This only adds the convenience of cloud architecture, meaning you don’t have to stand up a bunch to get it going, it integrates easily with added cloud infrastructure and can integrate to on-prem systems as before. All the support for alerts, applications, APIs and SDKs are part of the feature list, merely adding the software as a service benefit. If you haven’t become familiar with Splunk yet, if you’re in AWS, it’s going to be a whole lot easier to add.
The big selling point is the advantage of gaining visibility into security posture, customer analytics and operational status without much administrative effort and operational overhead. That’s what most people utilize the product for, ready-made analytics that produce easy graphs that deliver well up to the exec level. It’s pretty quick to learn and easy to use, which sells. That being said, Splunk Cloud will prove to leverage this extreme usability with this added benefit of extreme accessibility and they should have many more converts as a result. If you haven’t heard enough about Splunk, you will.
As far as pricing goes, that’s where Splunk has leveraged their position as a popular and well-marketed product into a veritably profitable business. Again, usability sells and that’s where they hang their hat. The security use cases for Splunk are growing and you can imagine with a steadily growing number of practitioners, the development of Splunk as a security product will continue to evolve. Knocks on Splunk within the security world have focused on specialized functionality, questions about scale and the proposition of cost.
Indeed, a handful tools that are built for security parallel what Splunk is doing here, carrying tremendously capable underlying technology that can scale and be tuned to specific needs at an advantageous price point. The issue for competitors is the amount of specialized training required, customization, and the fact that user interfaces haven’t quite gotten to the level of Splunk’s. The market has dictated that a tool like Splunk’s that features a nice user interface and is overwhelmingly useful in situation after situation is going to be preferred, if only to avoid extensive support and training. Speed to implementation, ease of use and turning out quick reports, that’s Splunk’s winning formula and a cloud-based service that has all the features is a bet on a winner.
Here’s Laz @ Splunk.conf 2013:
Splunk Cloud is available in the US/Canada from 5GB to terabytes per day.