10. Splunk Company Overview
Company
• Global HQs: San Francisco, London, Hong Kong
• 2,000+ employees globally
• Annual Revenue: $669M (YoY +48%)
• NASDAQ: SPLK
Products
• Free trial to massive scale
• Splunk products: Splunk Enterprise, Splunk Cloud, Hunk, Splunk Light, Splunk MINT, Premium Solutions
Customers
• 11,000+ customers
• Across 110 countries
• Small to large organizations
• More than 85 of the Fortune 100
• Largest license: 1.2 Petabyte/day
11. Proven at 11,000+ Customers in 110 Countries
85 of the Fortune 100
Technology
Telecommunications
Travel and Leisure
Education
Healthcare
Energy and Utilities
Manufacturing
Financial Services and Insurance
Media
Retail
Cloud and Online Services
Government
12. YOUR DEDICATED TEAM IN 2016
Eric LECOQ Area Vice President, South EMEA
Curzio TREZZANI Partner Account Manager, South EMEA
Guillaume AYME Manager Sales Engineer, South EMEA
Guillemette MARY Senior Marketing Manager, South EMEA
Luca de GIORGI Account Manager, Italy
Roberto SERRA Account Manager, Italy
Chiara FUMAGALLI Account Manager, Italy
Cristian LOTTI Sales Engineer, Italy
Stefano RADAELLI Sales Engineer, Italy
Giovanni MORREALE Distribution Sales Engineer, EMEA
Marco CONTINI Inside Sales, Italy
13. SEPT 26-29, 2016
WALT DISNEY WORLD, ORLANDO
SWAN AND DOLPHIN RESORTS
• 5000+ IT & Business Professionals
• 3 days of technical content
• 165+ sessions
• 80+ Customer Speakers
• 35+ Apps in Splunk Apps Showcase
• 75+ Technology Partners
• 1:1 networking: Ask The Experts and Security Experts, Birds of a Feather and Chalk Talks
• NEW hands-on labs!
• Expanded show floor, Dashboards Control Room & Clinic, and MORE!
The 7th Annual Splunk Worldwide Users’ Conference
PLUS Splunk University
• Three days: Sept 24-26, 2016
• Get Splunk Certified for FREE!
• Get CPE credits for CISSP, CAP, SSCP
• Save thousands on Splunk education!
16. CLOUD AND HYBRID IT
SOFTWARE-DEFINED DATACENTERS
CONTINUOUS APP DELIVERY
ANALYTICS-DRIVEN SECURITY
INTERNET OF THINGS
17. IoT WORKLOADS
Blurring the Lines Between Digital & Physical
Security Ops Center
Business Ops Center
IT Ops Center
CLOUD WORKLOADS
ENTERPRISE IT WORKLOADS
18. IoT WORKLOADS
Blurring the Lines Between Digital & Physical
Security Ops Center
Business Ops Center
IT Ops Center
CLOUD WORKLOADS
ENTERPRISE IT WORKLOADS
ADVANCED ANALYTICS
FAST TIME TO VALUE
DATA INGEST AT SCALE
22. Why Splunk?
FAST TIME-TO-VALUE
CLOUD, ON-PREMISE & HYBRID DEPLOYMENT
VISIBILITY ACROSS STACK, NOT JUST SILOS
ONE PLATFORM, MULTIPLE USE CASES
ANY DATA, ANY SOURCE, ASK ANY QUESTION
23. Disruptive Approach to Unstructured Data
Traditional: Structured, RDBMS, SQL, Schema at Write, ETL
Splunk: Unstructured, Search, Schema at Read, Universal Indexing
Volume, Velocity, Variety
24. Turning Machine Data Into Business Value
Index Untapped Data: Any Source, Type, Volume
Online Services
Web Services
Servers
Security
GPS Location
Storage
Desktops
Networks
Packaged Applications
Custom Applications
Messaging
Telecoms
Online Shopping Cart
Web Clickstreams
Databases
Energy Meters
Call Detail Records
Smartphones and Devices
RFID
On-Premises
Private Cloud
Public Cloud
Ask Any Question
Application Delivery
Security, Compliance and Fraud
IT Operations
Business Analytics
Industrial Data and the Internet of Things
25. Proven Customer Value Across Use Cases & Industries
Increased revenues from higher uptime
Savings from fraud prevention
Revenues from faster product launch
Optimizing fuel use with sensor data
Reduction in SLA payouts
Value from preventing APTs
$11.0 M $25.0 M $10.0 M $200+ M $1.8 M $1.0+ B
Oil & Gas Services
Telecom Provider
Transportation
Financial Services
High Tech Manufacturing
Online Services
26. Platform for Machine Data
Application Delivery
Security, Compliance and Fraud
Business Analytics
Internet of Things and Industrial Data
IT Operations
27. Platform for Application Delivery and IT Operations
ROOT CAUSE AND ISSUE RESOLUTION
PROACTIVE MONITORING AND REAL-TIME ALERTING
DELIVER BETTER QUALITY CODE FASTER
CLOUD APP AND INFRASTRUCTURE MONITORING
MOBILE APP TROUBLESHOOTING
USER & USAGE ANALYTICS
28. Splunk a leader in IT Operations Analytics
Splunk Named Worldwide IT Operations Analytics Software Market Share Leader in New Report
29. How Vodafone Deliver End-to-end Insight Using Splunk ITSI
Glass table visualizations enable rapid and proactive issue resolution
Custom KPIs empower teams across the business, operations & security
Actionable service insights in two days, not months
30. Single Platform for Security Intelligence
SECURITY & COMPLIANCE REPORTING
REAL-TIME MONITORING OF KNOWN THREATS
DETECT UNKNOWN THREATS
INCIDENT INVESTIGATIONS & FORENSICS
FRAUD DETECTION
INSIDER THREAT
Splunk Complements, Replaces and Goes Beyond Existing SIEMs
31. Rapid Ascent in the Gartner SIEM Magic Quadrant*
2015 Leader and the only vendor to improve its visionary position
2014 Leader
2013 Leader
2012 Challenger
2011 Niche Player
*Gartner, Inc., SIEM Magic Quadrant 2011-2015. Gartner does not endorse any vendor, product or service depicted in its research publication and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
32. How BSkyB Uses Splunk To Protect Its Customers
Protective monitoring of cyber security attacks on customer accounts
Operational Intelligence across security and DevOps
Security analytics and data visualization
33. Platform for Operational Intelligence
The Splunk Portfolio
1000+ Apps and Add-Ons
Splunk Premium Solutions
Mainframe Data
Relational Databases
Mobile
Forwarders
Syslog/TCP
IoT Devices
Network Wire Data
Hadoop
34. Fully Integrated Enterprise Platform
HA / DR Admin Data Security Apps SDKs/API Scale
Collect Data
Index Data
Enrich Data
Search & Explore
Analyze & Predict
Report & Visualize
Alert & Action
35. Cloud Is a Journey and Splunk Is Your Partner
Instant Secure Reliable
100% Uptime SLA
Hybrid
37. With Splunk, Your Enterprise Data Platform
Different PEOPLE Asking Different QUESTIONS Of the SAME DATA
38. What We Hear From Our Customers!
“My CIO is demanding we look at IT from a business service perspective.”
“Splunk is great for break-fix, but I need to show we’re meeting SLAs.”
“I need everyone to be able to see the same thing at the same time.”
“I just want to throw data at Splunk and have it find problems for me.”
“Show me what my data can do for me!”
41. Let’s remind everyone what a Service is
Payroll
E-Commerce Site
CRM
Fulfillment System
Service Desk
Trading Application
Middleware Service
Authentication
42. Platform for Machine Data
Splunk IT Service Intelligence
Data-Driven Service Monitoring and Analytics
At-a-Glance Problem Analysis
Early Warning on Deviations
Dynamic Service Models
Seamless Workflow Integrations
43. How Do You Get It?
ONLINE SANDBOX
7 days of access to a free, personal environment in the Cloud, with pre-populated data
44. Platform for Machine Data
Application Delivery
IT Operations
Security, Compliance and Fraud
Business Analytics
Internet of Things and Industrial Data
45. Splunk Security Intelligence
Security and Compliance Reporting
Monitor and Detect Known/Unknown Threats
Fraud Detection
Insider Threat
Incident Investigations and Forensics
Security Analytics
46. Splunk Enterprise Security
The only vendor in 2015 to improve its visionary position
2015: LEADER
2014: Leader
2013: Leader
2012: Challenger
2011: Niche Player
Ascending the Gartner SIEM Magic Quadrant*
54. Big data and analytics go hand in hand
Security analytics
IT operational analytics
Customer analytics
IoT analytics
Product analytics
55. Platform for Machine Data
Application Delivery
IT Operations
Security, Compliance and Fraud
Business Analytics
Internet of Things and Industrial Data
56. Extending Splunk for Business Analytics
Splunk Software Complements Existing BI Solutions
CUSTOMER EXPERIENCE
PRODUCT ANALYTICS
BUSINESS PROCESS ANALYTICS
DIGITAL MARKETING
57. How Gatwick Airport Ensures Better Passenger Experience With Splunk Cloud
On-time efficiency & dramatic queue reduction with 925 flights per day
Real-time, predictive airfield analytics deliver on mobile app & Apple watch
Data from airport gates, board pass scans, x-ray, travel, passenger flow
60. How Shazam Listens To Its Customers With Splunk
Real-time insight enables speed of innovation
Providing trend analysis for campaigns & advertising services
Simple analytics for everyone in real-time
Deeper understanding of user behavior
61. Splunk for Industrial Data & the Internet of Things
REMOTE TROUBLESHOOTING & PREVENTIVE MAINTENANCE
SECURITY & COMPLIANCE
DEVICE USAGE & CUSTOMER ANALYTICS
OPERATIONAL EFFICIENCY
62. How VW Visualizes Connected Car Data
VW Data Labs
Connected Car program
Post-sales big data visualization
Customer loyalty & retention
IoT analysis & prediction of customer needs
63. How Deutsche Bahn Analyzed Tracks in 24 Hours
24 Hour DB Hackathon
Highlight defect impact & rail construction issues
Predictive maintenance & reduced disruption
Transport, infrastructure, environment & journey data
65. Top ten types of notifications about issues
that have occurred in the transportation infrastructure
66. What kinds of defects occur and quantify how big the deviations are
Correlated with materials of the track sleepers: concrete (“Beton”) vs. wood (“Holz”)
Track deviations with indication notifications. Blue bars denote “no known issues”
67. Width of Sankey bar shows amount of track deviations between different destinations
Fulda and Frankfurt has high track deviations (it is the widest bar)
Indicates the need for upcoming repair, maintenance and possible renewal
Curzio welcomes Eric
Good morning, Ladies and Gentlemen
My name is Kevin Davis, AVP for US Federal Sales at Splunk. First of all, I want to welcome all of you to SplunkLive. It’s great to see some of our old time customers, but also new customers that are joining us today.
I would like to begin by asking for a show of hands to a few questions:
How many of you have been to a SplunkLive event before?
How many of you are already Splunk customers?
Of the customers, how many use Splunk for:
Security & Compliance?
Big Data?
IT Operations & Application Management?
How about customers using Splunk for multiple use cases?
It’s fascinating to see how customers adopt Splunk to solve a specific problem; get comfortable with the platform, then unleash their creativity to tackle even more business challenges within their enterprise.
Our agenda is designed to appeal to all of you with a focus on three goals:
Highlight how customers get value from Splunk and help you identify new ways to leverage your Splunk investment
Provide a forum for you to meet and network with peers
Provide you more training on Splunk
Curzio
So let’s take a look at the agenda and see who is here to help us:
First, Matt Davies will open the day with the Splunk Overview. He is teamed up with SEs to deliver several product demos.
Then, we will have 3 customer presentations this morning.
Our Customer Speakers are:
After lunch at 13:00 we will have our first set of breakouts, with 2 tracks and then at 16:30 our 2nd set of break-outs with 2 more tracks, then happy hour at 17:30.
Curzio & introducing Eric
Also without our sponsors we couldn’t be here today. So please stop by across the foyer. Thanks to all of you for being here and most of all sponsoring our happy hour!
Eric presents global overview & Curzio for Italian part
ERIC
More than 10,500 customers in 100 countries have purchased the enterprise license of Splunk. This includes a majority of the Fortune 100. Enterprises, service providers and government agencies in 100 countries use Splunk to improve service levels, reduce IT operations costs, mitigate security risks and drive new levels of operational visibility.
As they gain new visibility into their real-time and historical machine data, Splunk’s customers are finding answers and solving the most challenging issues facing IT and the business.
Eric
ERIC
We’re headed to the East Coast!
2 inspired Keynotes – General Session and Security Keynote + Super Sessions with Splunk Leadership in Cloud, IT Ops, Security and Business Analytics!
165+ Breakout sessions addressing all areas and levels of Operational Intelligence – IT, Business Analytics, Mobile, Cloud, IoT, Security…and MORE!
30+ hours of invaluable networking time with industry thought leaders, technologists, and other Splunk Ninjas and Champions waiting to share their business wins with you!
Join the 50%+ of Fortune 100 companies who attended .conf2015 to get hands on with Splunk. You’ll be surrounded by thousands of other like-minded individuals who are ready to share exciting and cutting edge use cases and best practices. You can also deep dive on all things Splunk products together with your favorite Splunkers.
Head back to your company with both practical and inspired new uses for Splunk, ready to unlock the unimaginable power of your data! Arrive in Orlando a Splunk user, leave Orlando a Splunk Ninja!
REGISTRATION OPENS IN MARCH 2016 – STAY TUNED FOR NEWS ON OUR BEST REGISTRATION RATES – COMING SOON!
Matt
Good morning everyone and welcome to SplunkLive!
I couldn’t be more excited to be here with all of you today.
Matt
These are exciting times. We are living in a world that is:
- Mobile and connected – with traditional boundaries expanding into the cloud
- With new software-defined data centers – creating significant advantages while also creating new challenges in identifying and solving bottlenecks
- And applications that are being delivered continuously, with some organizations releasing new code multiple times per day.
- We also see a new analytics-driven approach – because simple monitoring of traditional security events just doesn’t cut it anymore
- And an explosion of the Internet of Things – which could change entire industries
- As a result of these mega-trends, machine data has become one of the fastest growing and most complex areas of big data.
- If harnessed properly, it can drive innovation,
- help to deliver, manage, and secure mission-critical services,
- and enable companies and government agencies to better understand their customers.
We just have to listen to the data.
Matt
That’s where we come in. Splunk’s mission is to make machine data accessible, usable, and valuable to everyone.
Matt
Where Science meets Data
Powers everything!
If organizations don’t analyze data available to them, their competition will and they will separate themselves! Think about it, 20 years ago, you may have thought a website was optional.
Organizations use Splunk products to gain fast visibility and insights from their machine data to:
1. Find and fix problems dramatically faster, investigate incidents and attacks
2. Automatically monitor to identify issues, problems and attacks
3. Gain end-to-end visibility to track and deliver on IT KPIs and make better-informed IT decisions
4. Gain real-time insight from operational data to make better-informed business decisions
Matt
Fast Time-To-Value – Splunk can be downloaded and installed in minutes. If that’s not fast enough you can get a cloud instance in seconds.
Any Data – Splunk can ingest data from any machine data source. It’s not application, vendor, or hardware specific.
Ask any question – It’s impossible to know all the questions you will ask of your data. Often answering one question leads to another. The schema-on-the-fly approach allows you to ask any question of your data.
Visibility across stack – Because you can ingest this data from any source you can quickly gain visibility across all of them.
One Platform – This is more than log aggregation and search software. Let me show you.
Choose Splunk as a SaaS offering, on-premise or hybrid. You get one universal view of your data.
Matt
Traditionally, machine data was generated and part of the data would be stored in a specific, pre-defined way. This creates limits in the questions that can be asked of the data.
Splunk takes a disruptive approach by storing the data in its raw, original format, and creates a schema at the last possible moment: when the question is asked. Because of this, there are no limits to the questions that can be asked of the data. Speaking of no limits…
No limits on where you can collect it from
No limits on the formats of data
And no limits on scale
Some customers are indexing 100s of TB per day, searching across thousands of types of data all in different formats.
Matt
Splunk products are being used for data volumes ranging from gigabytes to hundreds of terabytes per day. Splunk software and cloud services reliably collect and index machine data, from a single source to tens of thousands of sources. All in real time. Once data is in Splunk Enterprise, you can search, analyze, report on and share insights from your data. The Splunk Enterprise platform is optimized for real-time, low-latency and interactivity, making it easy to explore, analyze and visualize your data. This is described as Operational Intelligence.
The insights gained from machine data support a number of use cases and can drive value across your organization.
[In North America]
Splunk Cloud is available in North America and offers Splunk Enterprise as a cloud-based service – essentially empowering you with Operational Intelligence without any operational effort.
Splunk customers are realizing tremendous value across multiple industries and use cases. From Fortune 100 to small shops, enterprises, service providers and government agencies are improving service levels, reducing IT operations costs, mitigating security risks and driving new levels of operational visibility.
As they gain new visibility into their real-time and historical machine data, Splunk’s customers are finding answers and solving the most challenging issues facing IT and the business.
Matt
We continue to invest to make Splunk the leading platform for machine data.
We’re continuing to invest in both Splunk Enterprise as software, as well as our SaaS offering, Splunk Cloud.
Splunk uniquely supports organizations that are running operations on premises, in the cloud or in a hybrid environment.
We’re also investing heavily in solutions that make it easy for you to meet your goals across IT Operations, App delivery, Security, Fraud, Compliance, business analytics and industrial data.
With Splunk software and cloud services, you can quickly identify and pinpoint code-level issues at any stage of the development and release process. You can find and fix bugs quickly so you can ship product faster, gain insights into application usage and user behavior and get real time, mission-critical visibility into every step, system and process involved in building, testing and shipping new products to your customers.
Splunk’s universal machine data platform empowers you to consolidate all information within a unified console to find the root-cause of issues, proactively manage events and incidents and reduce resolution times. You can quickly create alerts to proactively monitor your distributed infrastructure and complex applications/services.
With Splunk MINT, our Mobile Intelligence solution, we’re now extending Operational Intelligence to Mobile Applications. With Splunk MINT, you are enabled to deliver reliable, better performing mobile apps with end-to-end visibility across mobile applications and their supporting application infrastructure. You can combine and correlate mobile app data with data from other channels such as web or desktop to gain cross-channel user and usage analytics with the Splunk platform.
We have many apps that monitor cloud applications. The Splunk App for Stream enables the capture of real-time streaming wire data, across distributed infrastructures including private, public and hybrid Clouds. This enables visibility into application, business and user activity without the need for instrumentation, enhancing various operational use cases across IT, security and the business.
Industry: Telco
Use case: IT Ops, ITSI
More can be found at: http://www.splunk.com/view/splunk-at-vodafone/SP-CAAAPA3
Splunk is a Security Intelligence Platform and we can address a number of security use cases. We’re more flexible than a SIEM and can be used for non-security use cases. Splunk software can complement or replace existing SIEM deployments, while also addressing more complex security use cases, such as supporting fraud detection and finding insider threats.
Our rapid ascent reflects the customer traction we have and value we deliver to customers – with thousands of security customers and 40% year-over-year growth, we are the fastest growing SIEM vendor in the market. 2011 was our first time in the MQ; in 2 short years we raced up to the top quadrant in the MQ.
Industry: Media
Use case: Security, DevOps
More can be found at: http://diginomica.com/2014/10/09/bskyb-bolsters-customer-id-login-security-splunk/#.Vh-14xCrRTY
Matt
Data from any source
Available to visualize, analyze, report
Specialized content to deliver on specific use cases
The Splunk platform consists of multiple products and deployment models to fit your needs.
Splunk Enterprise – for on-premise deployment
Splunk Cloud – Fully managed service with 100% SLA and all the capabilities of Splunk Enterprise…in the Cloud
Splunk Light – allows smaller IT organizations to get started with Splunk – on premise or in the cloud
Hunk – for analytics on data in Hadoop
Apps and add-ons from Splunk and our community extend and simplify deployments by providing pre-packaged content designed for specific use cases and data types.
And premium solutions from Splunk apply real-time intelligence and rich, domain-specific functions to manage your security posture, IT operations and more.
Matt
Splunk provides an open, fully integrated platform. That means you can collect, index, analyze, report and predict on machine-generated data from a single product. It’s enterprise-ready with high availability and disaster recovery features, role-based access control and scales to index hundreds of terabytes per day. It’s an open platform with over 500 Splunk Apps available and allows for custom development.
Matt
And, we give you access to that data, anywhere you want it. Your Choice: Splunk Cloud, On Prem or Hybrid
We know one of your primary initiatives is Cloud First. Ours is too, so that we can offer you a flexible delivery model that gives you a choice. On premise, in the cloud or both. And you truly can have both because Splunk offers hybrid search, so you still have one view across all of your data whether it resides on prem or in the cloud.
Matt
By giving different people the ability to ask different questions of the Same data, when they need to, we’re helping customers across all of our core use cases move from reactive to proactive.
For years, Splunk has helped with the optimization and security of IT.
But lately, we have been receiving requests from customers to leverage Splunk's great capabilities and experience from a business service delivery perspective. In short, to provide a new business-oriented perspective.
We have been asked, for example, how we can provide visibility into the quality of a service, how we can measure an SLA to guarantee a level of service to our customers, etc.
Many of them also said that they are tired of their Business Service Management (BSM) solutions. They are disappointed by the effort and the time required to set up these solutions in order to deliver value.
What they ask us is what to do to further leverage the data they have in Splunk, so as to increase its value. This from a business-oriented perspective.
Well... we listened to our customers. What we produced is Splunk IT Service Intelligence.
The new data-driven service analytics solution. Its purpose is to search for, identify and isolate the causes of problems, and to continuously improve services.
What does Splunk ITSI offer?
With ITSI we are offering a solution that delivers value and is implemented in days, not months like other legacy solutions.
Changing the approach of classic IT monitoring with data-driven analysis. That is, no longer relying on guesswork and assumptions.
Redefining the role of IT within the company, making it a strategic partner and not just a cost center.
We come to the definition of what a Service is.
Delivering services is the heart of any IT business. Services can be internal, such as the payroll application and the corporate Service Desk, or external, such as the e-commerce site critical to the company's business, or technical services such as the authentication services that allow employees to access all corporate applications.
Cristian
Another key highlight at .conf2015 was introducing another brand new solution: Splunk IT Service Intelligence or ITSI.
Splunk IT Service Intelligence provides visibility into the health and key performance indicators for IT services. This new solution delivers a central, unified view of critical IT services and leverages advanced analytics driven by machine learning to highlight anomalies, detect root cause and pinpoint areas of impact.
SANDBOX: (detailed faq available online)
What is the Splunk IT Service Intelligence Online Sandbox?
The Splunk IT Service Intelligence (ITSI) Online Sandbox is a personal online environment provisioned in the cloud where you can immediately try and experience the power of Splunk ITSI – with the ability to search, visualize, and analyze the pre-populated data.
What data is available in the sandbox?
The data in the sandbox is what you might expect to see from a small three-tier web store. There are web and mobile tiers that end users interact with, a middleware tier and a database tier. The web and mobile tiers are generating web logs, while the middleware and database tiers are generating logs from Splunk App for Stream. There are also OS metrics for all tiers: CPU, memory, disk space and IO Latency.
These pre-populated data sets were selected to provide you with meaningful visual indications and enable a thorough walkthrough of the solution.
Do I need to set up a Splunk.com account to use the Sandbox?
Yes. You can create a Splunk.com account on the Splunk Cloud Free Trial page.
How many Splunk IT Service Intelligence Online Sandboxes can I try?
You may try up to three 15-day sandboxes per account.
TRIAL:
Standard POC engagement
Curzio thanks the customer & introduces Stefano to talk about Security
We're focusing on security.
Stefano
I want to draw your attention to 3 key areas that you said are top of mind for you! You said…
You want Splunk to do more to: Enable Rapid Investigation and Incident Response
You’ve asked us to develop new analytics for emerging challenges like user behavior analysis
And you want us to help you address Insider Threats
Stefano
Enterprise Security - Our rapid ascent reflects the customer traction we have and value we deliver to customers – with thousands of security customers and 40% year-over-year growth, we are the fastest growing SIEM vendor in the market. 2011 was our first time in the MQ; in 2 short years we raced up to the top quadrant in the MQ.
Splunk can ingest any type of machine data, from any source in real time. These are listed here on the left and are flowing into Splunk for indexing. Once indexed, users can perform the use cases on the top right on the data. They can search through the data, monitor the data and be alerted in real-time if scheduled search parameters are met. The raw data can be aggregated in seconds for custom reports and dashboards. Also Splunk is a platform that developers can build on. It uses a well-documented REST API and several SDKs so developers and external applications can directly access and act on the data within Splunk. Also, besides indexing raw data into its flat file data store, Splunk can also retrieve and index data that resides in other data stores such as a SQL database or Hadoop.
Splunk can easily ingest external data to enrich existing data Splunk has indexed to increase accuracy and reduce false positives. This external data could come from a wide range of sources outlined on this slide. It includes employee information from AD, asset information from a CMDB, blacklists of bad external IPs from 3rd-party threat intelligence feeds, IP ranges of critical internal networks (like a PCI-related credit cardholder environment). Correlation searches can include this external content. So for example Splunk can alert you if a low-level employee accesses a file share with critical data, but not if the file share has harmless data. Or Splunk can alert you if a user name is used specifically for an employee who no longer works for your organization. These are especially high-risk events.
Find RATs. ….
Splunk for Enterprise Security provides the capabilities to run your security operations, combat Fraud and much more!
Customers use Enterprise Security to power their Next Generation Cyber Threat Fusion center to fend off today’s advanced threats.
<next slide>…
Curzio introduces Matt for Business Analytics
We're focusing on Business Analytics.
Splunk products analyze and visualize machine-generated data—a data type fundamentally different from the structured data analyzed by BI tools.
Real-time insights from this new class of data provide critical insights in a timely fashion. Splunk software and cloud services can provide access to machine data and also enrich machine data with structured data from relational databases. For data at rest, Hunk provides an easy way to access the data without the need of specialized skills and MapReduce code.
There are 4 key areas where Splunk helps accelerate business analytics:
Digital Marketing – Real-time insights into marketing campaigns, user engagement and shopping cart conversion across multiple channels. Digital marketers and web/digital analysts looking to complement free tools and move beyond a single source of data (clickstream) benefit from using Splunk software.
Customer Experience Analytics – Measure and analyze customer behavior and identify opportunities to increase customer engagement and conversion. Web/digital analysts or WebOps teams responsible for providing a better user experience on the site require going deeper into the data and combining/correlating data across various sources.
Product Analytics – Analyze product feature adoption, usage and effectiveness resulting in better conversion or user engagement. Product managers/analysts that monitor and optimize the website or mobile apps also benefit from Splunk, as they get usage/adoption of the features in real-time and can pinpoint areas of opportunity for improvement.
Business Process Analytics – Business process analytics provides end-to-end real-time insights across the complete business process. Taking data from middleware and from various applications or touch points within websites or services helps business owners, customer service organizations and business analysts monitor and optimize business processes.
Industry: Transport
Use case: IoT and Analytics, Cloud
More can be found at: http://www.v3.co.uk/v3-uk/feature/2427647/gatwick-s-it-future-will-take-off-with-cloud-powered-predictive-analytics
Industry: Online, Technology
Use case: App Delivery and analytics
More can be found at: http://www.splunk.com/view/splunk-at-shazam/SP-CAAANV2
Shazam are pioneering the way we consume music on our mobiles, with their app downloaded onto more than 500 million mobile devices to date and users being added at a rate of 13 million per month.
They have about 100 million monthly active users and they “Shazam” more than 20 million times per day.
Shazam use Splunk for real-time business analytics for their customer service, engineering and sales/marketing teams.
They use Splunk to monitor customer experience, new feature adoption, improve user engagement and accelerate their product innovation.
Splunk’s use cases for Industrial Data and the Internet of Things include:
Operational Efficiency: Use the data produced by devices and processes to generate insights into operations, availability and capacity. For example, in a manufacturing environment, you can better understand short- and long-term trends in equipment behavior and production and use that understanding to continuously tune processes, resulting in more efficient production and less unscheduled downtime.
Remote Troubleshooting and Preventative Maintenance: When equipment goes down, you can use a combination of alarm, event and sensor data to quickly and efficiently troubleshoot the device and process. With a better understanding of the underlying issue, maintenance personnel will resolve issues faster, and in fewer trips. In addition, you can find patterns and correlations in your data to better predict needed maintenance and even mitigate failures.
Security and Compliance: Connected sensors, machines and critical applications demand a serious security solution. Splunk software monitors all of your data, and can help you monitor for, and prevent, both outside and insider threats. In addition, Splunk reporting can be used to generate compliance reports from utilization and security perspectives.
Device Utilization and Customer Analytics: Gain insight into how end users are using the devices and systems you manage in real-world use cases. Monitoring for user error or patterns in end user demographics can provide valuable insight when revising device manuals and user interfaces, or even from a marketing perspective when marketing consumables or new products.
Industry: Automotive/Manufacturing
Use case: IoT and Analytics
More can be found at: http://www.techworld.com/news/big-data/volkswagen-group-uses-splunk-underpin-iot-experiment-3575744/
Splunk have been working with VW’s data labs on their connected car and IoT program. Splunk is being used to analyse sensor data from VW’s E-Up cars. Splunk’s ability to search, alert, report and analyse IoT data allowed VW to see a fleet of E-Up cars at CeBIT and analyse metrics such as speed, RPM, battery level, range, temperature, when the doors were open and when windscreen wipers were on. This data could also be combined with location, maps and smart watches to show where vehicles had been, heatmaps, and driver heart rate.
Matt
Splunk has an active community:
There is an emerging ecosystem of new companies building apps on top of Splunk. They are taking advantage of open APIs and new platform capabilities to create an entirely new generation of applications.
Splunk Answers is the go-to place for your questions – and answers. Our technical support is consistently rated as industry leading and Splunk Answers has answers to thousands of questions.
You can participate in meet-ups and User Groups, contribute to our forums, or attend local SplunkLive events (like this one) to hear from your peers.
Matt
The best part is that Splunk is really easy to try and deploy.
We have multiple options for getting started:
- Try out Splunk Enterprise, Splunk Cloud, or Splunk Light with our free downloads or online trials.
- Or try our free software download. The free Splunk Enterprise download is the same product that scales to ingest petabytes of data per day.
- Already running with Amazon Cloud deployments? AMIs for Splunk Enterprise and Hunk make it easy to get up and running.