Gov & Education Day 2015 - Overview
•
2 gostaram•311 visualizações
Splunk Overview Ravi Iyer, Sr. Director, Product Management, Security Markets, Splunk
Recomendados
Recomendados
Mais conteúdo relacionado
Destaque
Mais de Splunk
Mais de Splunk (20)
Último
Último (20)
Gov & Education Day 2015 - Overview
- 1. Copyright © 2015 Splunk Inc. Splunk Overview
- 2. Ravi Iyer Sr. Director, Product Management Security Markets, Splunk
- 3. 3 23 Exabytes* of information was recorded and replicated in 2002. We now record and transfer that much information every 7 days. *An Exabyte = 3000 times all content of the Library of Congress
- 4. 4
- 5. Mar 01 19:18:50:000 aaa2 radiusd[12548]:[ID 959576 local1.info] INFO RADOP(13) acct start for 2172618992@splunktel.com 10.164.232.181 from 12.130.60.5 recorded OK. 2013-03-01 19:18:50:150 10.2.1.34 GET /sync/addtolibrary/01011207201000005652000000000053 - 80 - 10.164.232.181 "Mozilla/5.0 (iPhone; CPU iPhone OS 5_0_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A405 Safari/7534.48.3" 503 0 0 825 1680 Mar 01 19:18:50:163 aaa2 radiusd[12548]:[ID 959576 local1.info] INFO RADOP(13) acct stop for 2172618992@splunktel.com 10.164.232.181 from 12.130.60.5 recorded OK. EXAMPLE OF VALUE IN MACHINE DATA IP Address Phone Number Track ID Error Code Copyright © 2014 Splunk Inc.
- 6. Big Data from Machines Volume | Velocity | Variety | Variability GPS, RFID, Web Servers, Email, Messaging, Clickstreams, Mobile, Telephony, IVR, Databases, Sensors, Telematics, Storage, Servers, Security Devices, Desktops 6
- 7. Structured RDBMS SQL Search Schema at Write Schema at Read Traditional Splunk Asking Unstructured Questions Requires a Different Approach Copyright © 2014 Splunk Inc. ETL Universal Indexing Volume Velocity Variety Unstructured
- 8. COLLECT DATA FROM ANYWHERE SEARCH AND ANALYZE EVERYTHING GAIN REAL-TIME OPERATIONAL INTELLIGENCE The Power of Splunk 8
- 9. Turning Machine Data Into Business Value 9 Index Untapped Data: Any Source, Type, Volume Online Services Web Services Servers Security GPS Location Storage Desktops Networks Packaged Applications Custom ApplicationsMessaging Telecoms Online Shopping Cart Web Clickstreams Databases Energy Meters Call Detail Records Smartphones and Devices RFID On- Premises Private Cloud Public Cloud Ask Any Question Application Delivery Security, Compliance and Fraud IT Operations Business Analytics Industrial Data and the Internet of Things
- 10. Platform for Operational Intelligence The Splunk Portfolio Rich Ecosystem of Apps & Add-Ons Splunk Premium Solutions Mainframe Data Relational Databases MobileForwarders Syslog/TCP IoT Devices Network Wire Data Hadoop
- 11. Better Application Management and Business Analytics With Splunk Understand device and app usage trends for orders Real-time revenue insights from store data Visibility into online and mobile coupon redemption Refine campaigns for higher conversion 11
- 12. 12 Catching Thieves with Splunk – In Real Time
- 13. Building Smarter Transportation With Splunk Improving Safety Reducing Fuel Costs Improving On-Time Operations Over $1 Billion in Potential Savings 13
- 14. 14 Make machine data accessible, usable and valuable to everyone. 14
- 15. Thank You
Notas do Editor
- With that, I’d like to introduce our first presenter, Ravi Iyer, Sr. Director – Security Markets Group, Splunk KELCY – PASS THINGS OVER TO RAVI
- It is predicted that this type of data that is generated will double every year over the next 10 years. I am going to go out on a limb and predict that the value of this data will also double every year over the next 10 years. So what do we mean when we talk about value of data. This will double over every year over the next 10 years Prediction – The value of this data will also double What do we mean by value of this data. Let us understand this data
- So what do I mean when I say the value of this machine-generated data is going to double every 10 years? To answer that let us understand machine data. Where does this data come from? There are trillions of sensors that monitor and track, things – generating real-time data. When you download the latest Taylor Swift song on to your iPhone from the Appstore somewhere somehow there is data generated that you and an iPhone with some ID and an IP address downloaded a Taylor Swift song or (U2 Song). This data originates from multiple locations your iPhone, the iCloud, the Appstore moves around to a data center and gets stored in some location. Similarly when you walk into a store, your iPhone or Android’s MAC address is captured and stored away by the store. They may chose to use it for all kinds of things from predicting demand to sending you a coupon. This kind of unstructured streams of data coming in at high volume is critical for organizations to make sense of and offer you a better experience. Where does the data come from – e.g. Storing of MAC addresses Unstructured stream of data for Now we know where machine data comes from, why is it valuable
- Machine data is incredibly valuable, but lacks business context. For example, this excerpt from this hypothetical phone company contains none of the customer's identifying information is in the logs; we simply identified a phone that has had problems downloading music. Once we have this information, we can enrich this with data from the customer database. How can we do this? Splunk DB Connect, delivers reliable, scalable, real-time integration between Splunk Enterprise and relational databases. It enables organizations to combine powerful operational insights from machine data with valuable business context from relational databases.
- All the webservers, applications, network devices, mobile devices, sensors – all of the technology infrastructure running your organization– generates massive streams of data, in an array of unpredictable formats that are difficult to process and analyze by traditional methods or in a timely manner. Why is this “machine data” valuable? Because it contains a trace - a categorical record - of user behavior, cyber-security risks, application behavior, service levels, fraudulent activity and customer experience. This data is actually data in flight and there are too many types of data, in too many different formats, and there is a large volume of it coming at really high velocity. This is big data and the value in this data comes from our ability to ask it a series of unstructured questions. Characteristics of machine data – the four V’s - the last two are the most interesting / challenging.
- The rise of big data has forced IT organizations to transition from a focus on structured, relational data, to accommodate unstructured data, driven by the volume, velocity and variety of today’s applications and systems. As the data has changed from structured data to unstructured data, the technology approach needs to change as well. When you don’t know what data types you’ll need to analyze tomorrow or what questions you need to ask in a week, flexibility becomes a key component of your technology decisions. The ability to index any data type, search across silos and avoid being locked into a rigid schema opens a new world of analytics and business insights to your organization. Schema at Read – Enables you ask any question of the deal Search – Enables rapid, iterative exploration of the data along with advanced analytics Universal Indexing – Enables you to ingest any type of machine data Horizontal scaling over commodity hardware enables big data analytics
- At it’s core, the Splunk platform enables you to: Collect data from anywhere – with universal forwarding and indexing technology. Search and analyze across all your data – with powerful search and schema-on-the-fly technology. Rapidly deliver real-time insights from machine data to IT and business people – through a powerful UI and dashboards. This is what we call Operational Intelligence.
- Splunk products are being used for data volumes ranging from gigabytes to hundreds of terabytes per day. Splunk software and cloud services reliably collects and indexes machine data, from a single source to tens of thousands of sources. All in real time. Once data is in Splunk Enterprise, you can search, analyze, report on and share insights form your data. The Splunk Enterprise platform is optimized for real-time, low-latency and interactivity, making it easy to explore, analyze and visualize your data. This is described as Operational Intelligence. The insights gained from machine data support a number of use cases and can drive value across your organization. [In North America] Splunk Cloud is available in North America and offers Splunk Enterprise as a cloud-based service – essentially empowering you with Operational Intelligence without any operational effort.
- The Splunk platform consists of multiple products and deployment models to fit your needs. Splunk Enterprise – for on-premise deployment Splunk Cloud – Fully managed service with 100% SLA and all the capabilities of Splunk Enterprise…in the Cloud Splunk Light – allows smaller IT organizations to get started with Splunk – on premise or in the cloud Hunk – for analytics on data in Hadoop Apps and add-pns from Splunk and our community extend and simplify deployments by providing pre-packaged content designed for specific use cases and data types. And premium solutions from Splunk apply real-time intelligence and rich, domain-specific functions to manage your security posture, IT operations and more.
- Domino’s Pizza is the world’s largest pizza delivery chain, serving over 1 million customers per day. Domino’s is consistently in the top 5 for online transactions, behind Amazon and Apple. As a result, web and app sales are a huge component of their business – 40% of US sales come through digital channels and need to be routed to the nearest Domino’s (source: http://www.dominosbiz.com/Biz-Public EN/Site+Content/Secondary/About+Dominos/Fun+Facts/). Splunk software is being used by the Domino’s Site Reliability team, which is responsible for ensuring online customers have the best experience possible. Before Splunk: Downtime impacts customer experience and sales, ability to resolve issues quickly is critical Addressing downtime was often reactive – they would see a dip in sales, and then manually search the log files to determine what happened It would take 2 – 3 hours to search and tie the logs back to the customers impacted When the executive team requested reports on promotion performance, it would involve someone late at night pulling the data and crunching the numbers daily. After Splunk: Proactive alerts: Domino’s created alerts to proactively notify the team before a dip in sales occurred, and enabled them to easily search and resolve issues within 5–15 minutes. Business Analytics: Domino’s uses Splunk to track sales, orders per minute, and coupons – down to the county level. Real-time promotion tracking & Exec Reports: Dashboard to track promotions in real-time for the marketing department – for instance, for 50% off online coupon promotions. Splunk software is now being used to generate automated reports that are emailed to the executive team.
- NYAB is a supplier of innovative train control systems for the railroad industry. New York Air Brake’s Train Dynamic Systems Division is using Splunk to manage inter-train forces, the “slinky factor” inherent in large freight trains with 6 inches of flex between cars. With Splunk, they are able to: Produce insight and reports allowing the owners of the locomotives they manage to better train the engineers, and better manage the acceleration and braking of the trains throughout thousand mile journeys Managing this data with Splunk, they can produce 1% fuel savings for customers For their largest customers this can mean a billion dollars in savings a year
- At Splunk, our mission is to make machine data accessible, usable and valuable to everyone. And this overarching mission is what drives our company and product priorities.