Contenu connexe Similaire à Splunk Discovery Brussels - September 2017 (20) Splunk Discovery Brussels - September 20171. © 2017 SPLUNK INC.
Welcome to
Splunk Discovery, Brussels
Wifi: LT_Visitors
Password: N/A
Social: #SplunkDisco17
2. © 2017 SPLUNK INC.
Agenda
Splunk Discovery Brussels | September 5, 2017
Presentation Speaker Location
9:30 – 10:05 Welcome & Introduction Driss Chhayra Auditorium
10:05 – 10:45 Splunk Overview & Operational Intelligence Demo Richard Hensen & Dominique Dessy Auditorium
10:45 – 11:15 Networking Break Event Hall
11:15 – 12:00 Splunk for Security James Hanlon Auditorium
12:00 – 12:45 Splunk for IT Operations Guillaume Aymé Auditorium
13:00 – 14:00 Lunch Event Hall
14:00 – 16:00 Breakout Tracks – Beginners, IT Operations, Security See Digital Signage
16:00 – 17:00 Happy Hour Event Hall
3. © 2017 SPLUNK INC.
I like Big Data and I cannot lie
Richard Hensen | Sales Engineer
SEPTEMBER, 5 | BRUSSELS
4. © 2017 SPLUNK INC.
During the course of this presentation, we may make forward-looking statements regarding future events or
the expected performance of the company. We caution you that such statements reflect our current
expectations and estimates based on factors currently known to us and that actual events or results could
differ materially. For important factors that may cause actual results to differ from those contained in our
forward-looking statements, please review our filings with the SEC.
The forward-looking statements made in this presentation are being made as of the time and date of its live
presentation. If reviewed after its live presentation, this presentation may not contain current or accurate
information. We do not assume any obligation to update any forward-looking statements we may make. In
addition, any information about our roadmap outlines our general product direction and is subject to change
at any time without notice. It is for informational purposes only and shall not be incorporated into any contract
or other commitment. Splunk undertakes no obligation either to develop the features or functionality
described or to include any such feature or functionality in a future release.
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in
the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2017 Splunk Inc. All rights reserved.
Forward-Looking Statements
6. © 2017 SPLUNK INC.
Big Data Comes from Machines
Volume | Velocity | Variety | Variability
GPS,
RFID,
Hypervisor,
Web Servers,
Email, Messaging,
Clickstreams, Mobile,
Telephony, IVR, Databases,
Sensors, Telematics, Storage,
Servers, Security Devices, Desktops
© 2017 SPLUNK INC.
7. © 2017 SPLUNK INC.
ORDER, 2016-05-21T14:04:12.484,10098213,569281734,67.17.10.12,43CD1A7B8322,SA-2100
MAY 21 14:04:12.996 wl-01.acme.com Order 569281734 failed for customer 10098213.
Exception follows: weblogic.jdbc.extensions.ConnectionDeadSQLException:
weblogic.common.resourcepool.ResourceDeadException: Could not create pool connection. The
DBMS driver exception was: [BEA][Oracle JDBC Driver] Error establishing socket to host and port:
ACMEDB-01:1521. Reason: Connection refused
05/21 16:33:11.238 [CONNEVENT] Ext 1207130 (0192033): Event 20111, CTI Num:ServID:Type
0:19:9, App 0, ANI T7998#1, DNIS 5555685981, SerID 40489a07-7f6e-4251-801a-
13ae51a6d092, Trunk T451.16
05/21 16:33:11:242 [SCREENPOPEVENT] SerID 40489a07-7f6e-4251-801a-13ae51a6d092
CUSTID 10098213
05/21 16:37:49.732 [DISCEVENT] SerID 40489a07-7f6e-4251-801a-13ae51a6d092
{actor:{displayName: “Go Boys!!”,followersCount:1366,friendsCount:789,link:
http://dallascowboys.com/,location:{displayName:“Dallas, TX”,objectType:“place”},
objectType:“person”,preferredUsername:“B0ysF@n80”,statusesCount:6072},body: “Can’t buy
this device from @ACME. Site doesn’t work! Called, gave up on waiting for them to answer! RT if
you hate @ACME!!”,objectType:“activity”,postedTime:“2016-05-21T16:39:40.647-0600”}
What Does Machine Data Look Like?
SOURCES
Order Processing
Twitter
Care IVR
Middleware Error
8. © 2017 SPLUNK INC.
Machine Data Contains Critical Insights
SOURCES
Order Processing
Twitter
Care IVR
Middleware Error
Customer ID Order ID Product ID
ORDER, 2016-05-21T14:04:12.484,10098213,569281734,67.17.10.12,43CD1A7B8322,SA-2100
MAY 21 14:04:12.996 wl-01.acme.com Order 569281734 failed for customer 10098213.
Exception follows: weblogic.jdbc.extensions.ConnectionDeadSQLException:
weblogic.common.resourcepool.ResourceDeadException: Could not create pool connection. The
DBMS driver exception was: [BEA][Oracle JDBC Driver] Error establishing socket to host and port:
ACMEDB-01:1521. Reason: Connection refused
05/21 16:33:11.238 [CONNEVENT] Ext 1207130 (0192033): Event 20111, CTI Num:ServID:Type
0:19:9, App 0, ANI T7998#1, DNIS 5555685981, SerID 40489a07-7f6e-4251-801a-
13ae51a6d092, Trunk T451.16
05/21 16:33:11:242 [SCREENPOPEVENT] SerID 40489a07-7f6e-4251-801a-13ae51a6d092
CUSTID 10098213
05/21 16:37:49.732 [DISCEVENT] SerID 40489a07-7f6e-4251-801a-13ae51a6d092
{actor:{displayName: “Go Boys!!”,followersCount:1366,friendsCount:789,link:
http://dallascowboys.com/,location:{displayName:“Dallas, TX”,objectType:“place”},
objectType:“person”,preferredUsername:“B0ysF@n80”,statusesCount:6072},body: “Can’t buy
this device from @ACME. Site doesn’t work! Called, gave up on waiting for them to answer! RT if
you hate @ACME!!”,objectType:“activity”,postedTime:“2016-05-21T16:39:40.647-0600”}
Order ID
Twitter ID
Customer ID
Customer ID
Time waiting on hold
Customers Tweet
Company’s Twitter ID
9. © 2017 SPLUNK INC.
Machine Data Contains Critical Insights
SOURCES
Order Processing
Twitter
Care IVR
Middleware Error
Customer ID Order ID Product ID
ORDER, 2016-05-21T14:04:12.484,10098213,569281734,67.17.10.12,43CD1A7B8322,SA-2100
MAY 21 14:04:12.996 wl-01.acme.com Order 569281734 failed for customer 10098213.
Exception follows: weblogic.jdbc.extensions.ConnectionDeadSQLException:
weblogic.common.resourcepool.ResourceDeadException: Could not create pool connection. The
DBMS driver exception was: [BEA][Oracle JDBC Driver] Error establishing socket to host and port:
ACMEDB-01:1521. Reason: Connection refused
05/21 16:33:11.238 [CONNEVENT] Ext 1207130 (0192033): Event 20111, CTI Num:ServID:Type
0:19:9, App 0, ANI T7998#1, DNIS 5555685981, SerID 40489a07-7f6e-4251-801a-
13ae51a6d092, Trunk T451.16
05/21 16:33:11:242 [SCREENPOPEVENT] SerID 40489a07-7f6e-4251-801a-13ae51a6d092
CUSTID 10098213
05/21 16:37:49.732 [DISCEVENT] SerID 40489a07-7f6e-4251-801a-13ae51a6d092
{actor:{displayName: “Go Boys!!”,followersCount:1366,friendsCount:789,link:
http://dallascowboys.com/,location:{displayName:“Dallas, TX”,objectType:“place”},
objectType:“person”,preferredUsername:“B0ysF@n80”,statusesCount:6072},body: “Can’t buy
this device from @ACME. Site doesn’t work! Called, gave up on waiting for them to answer! RT if
you hate @ACME!!”,objectType:“activity”,postedTime:“2016-05-21T16:39:40.647-0600”}
Order ID
Twitter ID
Customer ID
Customer ID
Time waiting on hold
Customers Tweet
Company’s Twitter ID
10. © 2017 SPLUNK INC.
Increased
revenues from
higher uptime
Savings from
fraud prevention
Revenues
from faster
product launch
Optimizing
fuel use with
sensor data
Reduction in
SLA payouts
Value from
preventing
APTs
$11.0 M
$11.0 M
$25.0 M
$25.0 M
$10.0 M
$10.0 M
$200+ M
$200+ M
$1.8 M
$1.8 M
$1.0 + B
$1.0+ B
Oil & Gas
Services
Telecom
Provider
TransportationFinancial
Services
High Tech
Manufacturing
Online
Services
Proven Customer Value Across Use Cases and Industries
11. © 2017 SPLUNK INC.
Why Splunk?
SQL Search
Schema at Write Schema at Read
Traditional Splunk
ETL Universal Indexing
Volume Velocity Variety
Unstructured
Structured
RDBMS
12. © 2017 SPLUNK INC.
Turning Machine Data Into Business Value
Index Untapped Data: Any Source, Type, Volume Ask Any Question
Application Delivery
Security, Compliance
and Fraud
IT Operations
Business Analytics
Industrial Data and
the Internet of Things
On-Premises
Private Cloud
Public
Cloud
Storage
Online
Shopping Cart
Telecoms
Desktops
Security
Web
Services
Networks
Containers
Web
Clickstreams
RFID
Smartphones
and Devices
Servers
Messaging
GPS
Location
Packaged
Applications
Custom
Applications
Online
Services
DatabasesCall Detail
Records
Energy Meters
Firewall
Intrusion
Prevention
13. © 2017 SPLUNK INC.
Fully Integrated Enterprise Platform
HA / DR Admin Data Security Apps SDK / APIScale
Collect
Data
Index
Data
Enrich
Data
Search &
Explore
Analyze
& Predict
Report &
Visualize
Alert &
Action
14. © 2017 SPLUNK INC.
▶ Reduced error rates by 2 orders of magnitude
in a couple of weeks
▶ Rapidly found and fixed one line of code
responsible for 30,000+ errors
▶ Real-time dashboards on error rates and
production impact
▶ In-depth visibility as they strategically migrate
apps to AWS Cloud
TECHNOLOGY – SECURITY, IT OPERATIONS
Better Code, Faster Development
and Migration to Cloud
15. © 2017 SPLUNK INC.
Optimize Multi-Channel Marketing Campaigns
Initial WebOps Use Case
▶ WebOps – site monitoring, errors
▶ Troubleshoot issues with releases
▶ Reduced MTTR from days to seconds
▶ Network monitoring in real time
Expansion to
Business Analytics
▶ Multi-channel analytics for web, mobile
and 10,000+ store locations
▶ Real-time revenue insights, product mix
and promotion effectiveness
▶ Marketing campaign optimization
▶
Data sources: weblogs, mobile, app logs, transaction logs, in-store POS data
© 2017 SPLUNK INC.
16. © 2017 SPLUNK INC.
The Splunk Portfolio
Rich Ecosystem of
Apps & Add-Ons
Splunk Premium
Solutions
Mainframe
Data
Relational
Databases
MobileForwarders
Syslog/
TCP
IoT
Devices
Network
Wire Data
Hadoop
Platform for Operational Intelligence
17. © 2017 SPLUNK INC.
Thriving Community
dev.splunk.com
40,000+ questions
and answers
1,300+ apps
Local User Groups and
SplunkLive! events
© 2017 SPLUNK INC.
18. © 2017 SPLUNK INC.
FREE ONLINE TRIAL FREE DOWNLOAD
FREE AMAZON
MACHINE IMAGES (AMI)
Easy to Try and Get Started
1 2 3
19. © 2017 SPLUNK INC.© 2017 SPLUNK INC.
Enjoy your Splunk Discovery
DEMO TIME
22. © 2017 SPLUNK INC.
Splunk for Security:
Splunk Security Vision, Strategy & Evolution
James Hanlon | Director, Security Market Specialisation, EMEA
25. © 2017 SPLUNK INC.© 2017 SPLUNK INC.
The State of Security
Operations 2017
27. © 2017 SPLUNK INC.
31
SECURITY
INCIDENTS:
Only 47% gather
sufficient
information to
take appropriate
action
28. © 2017 SPLUNK INC.
32
INCIDENT
RESPONSE
PLANS:
75% do not have
a managed
incident
response plan
29. © 2017 SPLUNK INC.
33
INCIDENTS
RESPONSE
TIMES:
Incident
Response
requires
collaboration &
time
30. © 2017 SPLUNK INC.
INCIDENT
RESPONSE
BENEFITS:
Lowers cost
and protects the
brand
31. © 2017 SPLUNK INC.
36
SECURITY
LIMITATIONS:
BAU & budget is
limiting security
effectiveness
32. © 2017 SPLUNK INC.© 2017 SPLUNK INC.
Splunk Vision & Strategy
33. © 2017 SPLUNK INC.
▶ Security tools only deliver “alerts,” not “insights”
• Difficult to determine root cause → what’s the real issue
• Same issues keep surfacing despite config / policy changes
▶ Security process is not optimized to “improve posture”
• Not designed to provide big picture view of what’s really happening
• Process is complex, based on isolated views / tools
▶ Skilled people are performing mundane tasks
• Alert overload distracts from priority issues
• Reinventing wheel over and over again
▶ Unclear how to scale across heterogeneous environment
• Prem, cloud, MSSP, global
• New business reqs, technologies, changes in architecture
So, Security is Still a Reactive Game
Tools
Process
People
Scale
34. © 2017 SPLUNK INC.
Reactive
Proactive
Search
and
Investigate
Proactive
Monitoring
and Alerting
Security
Situational
Awareness
Real-time
Risk
Insight
Security
Operations
Maturity
35. © 2017 SPLUNK INC.
2017 Required Security Technology Enablers
Security Alerting Only Context Based Prioritization
Monitoring Only Monitoring Automation
Human Authoring Only Human-Machine Authoring
BusinessRiskDriven
Security
36. © 2017 SPLUNK INC.
WAF & App
Security
Orchestration
Network
Threat Intelligence
Internal Network
Security
Identity and Access
Firewall
Web Proxy
Endpoints
SPLUNK VISION:
The Security Nerve Center
37. © 2017 SPLUNK INC.
Custom
dashboards
Report and
analyze
Monitor
and alert
Developer
Platform
Ad hoc
search
References – Coded fields, mappings, aliases
Dynamic information – Stored in non-traditional formats
Environmental context – Human maintained files, documents
System/application – Available only using application request
Intelligence/analytics – Indicators, anomaly, research, white/blacklist
Real-Time
Machine Data
On-Premises
Private Cloud
Public
Cloud
Storage
Online
Shopping Cart
Telecoms
Desktops
Security
Web
Services
Networks
Containers
Web
Clickstreams
RFID
Smartphones
and Devices
Servers
Messaging
GPS
Location
Packaged
Applications
Custom
Applications
Online
Services
DatabasesCall Detail
Records
Energy Meters
Firewall
Intrusion
Prevention
SOLUTION:
Splunk, the Engine for
Machine Data
38. © 2017 SPLUNK INC.
DATA
SOURCES
PLATFORM
Monitoring
Net Flow
Relational
Databases
IdentityNetwork Endpoint Firewall
Threat
Intelligence
Hadoop
Platform for Operational Intelligence
Real-Time
Monitoring
Advanced
Threat
Detection
Anti-Fraud
Insider
Threats
Security and
Compliance
Reporting
Incident
Investigations
and Forensics
USE
CASES
SOLUTIONS
Visibility,Analytics,Awareness&Action
Vendor Apps
Community Apps
Use Case Apps
Showcase Apps
SPLUNK
PLATFORM:
Security
Architecture
39. © 2017 SPLUNK INC.
Industry
Recognition:
Rapid 5 Year Ascension in
Gartner SIEM MQ
Niche Player
2011
2016
Leader
40. © 2017 SPLUNK INC.
Splunk Positioned as a Leader
in Security Analytics Platforms
Forrester Wave:
Security Analytics Platforms, Q1 2017
Splunk receives highest possible
scores in 17 criteria
*The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of
Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester's call on a market and is
plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any
vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions
reflect judgment at the time and are subject to change.
41. © 2017 SPLUNK INC.
CONTEXT BASED
PRIORITIZATION:
Any data correlation,
enrichment &
contextualization
Risk-Based
Context and
Intelligence
Connecting Data
and People
42. © 2017 SPLUNK INC.
WAF & App
Security
Orchestration
Network
Threat Intelligence
Internal Network
Security
Identity and Access
Endpoints
Firewall
Web Proxy
MONITORING
AUTOMATION:
Splunk Adaptive Response
Partnerships
43. © 2017 SPLUNK INC.
HUMAN MACHINE
AUTHORING:
Security Machine Learning
& Data Science
44. © 2017 SPLUNK INC.
What Customers Have to Say About Splunk UBA
“Splunk UBA is unique in its data-science driven approach to automatically
finding unknown threats rather than the traditional rules-based approaches that
doesn’t scale. We are pleased with the efficacy and efficiency of this solution as it
makes the life of our SOC analysts’ way better.”
– Mark Grimse, VP IT Security, Rambus
“A layered defense architecture is necessary to combat modern-day threats such as
cyberattacks and insider threats, and it’s crucial to use a data science driven
approach in order to find unknown patterns. I found Splunk UBA to be one of the
most advanced technologies within the behavioral analytics space.”
– Randolph Barr, CSO, Saba
46. © 2017 SPLUNK INC.© 2017 SPLUNK INC.
Security Portfolio Evolution
47. © 2017 SPLUNK INC.
▶ Ensure their analysts do have one centralized place to do
security analytics and investigations
▶ Justifying their resources, measuring their playbook efficiency
▶ Implementation of 100+ Playbooks
▶ Dashboards for the operations team to point to malicious
activities for first level triage
Cisco’s own CSIRT in EMEA
uses Splunk
“In order to setup your own playbook there are really 4
questions you need to ask yourself. What am I trying to
protect? What are the threats? How do I discover them?
How do we respond?”
– Imran Islam, leader of Cisco’s EMEA/APAC CSIRT team
TECHNOLOGY – SECURITY
49. © 2017 SPLUNK INC.
▶ Blocked over two million security threats
▶ Orchestrated threat intelligence across 20 security
technologies sitting within its internal Threat
Intelligence System
▶ Automated threat hunting and 90% of its security
metrics process in just two months
Aflac: Automating Threat
Intelligence System With Splunk
“Since implementing Splunk ES as the brain in our security nerve
center, we have found Splunk to be the right solution to quickly
and effectively create and implement security analytics across a
wide array of data sources and security use cases.”
– Senior Vice President, Chief Global Security Officer, Aflac
FINANCIAL SERVICES, SECURITY
51. © 2017 SPLUNK INC.
▶ Using Splunk Enterprise to monitor potential external
security breaches and UBA to detect insider threats
▶ Analyst efficiency to gather data and speed security
investigations has increased by more than 50%
▶ Provides deep understanding of data and reusable
correlation rules across all support engineer levels
Nasdaq: Keeping Markets Moving
“Splunk allows us to have a single skill set that is
common across the entire organization. Information
security is writing queries but using the same
language as our operations team.”
– AVP, Nasdaq
FINANCIAL SERVICES – SECURITY
53. © 2017 SPLUNK INC.© 2017 SPLUNK INC.
MAKING THE MOST OF
TODAY
54. © 2017 SPLUNK INC.
Time to Learn More?
Session:
The Day in the
Life of a GDPR
Breach
Session:
Detect via behavior &
orchestrate via SIEM+
Conversation:
Splunk Security
Solutions
55. © 2017 SPLUNK INC.
Join:
Our Community with
Apps, Ask Questions or
join a online session!
https://www.splunk.com/en_us/community.html
Try:
Splunk Security Online
Experience (No Download)
https://www.splunk.com/en_us/solutions/solution-
areas/security-and-fraud/security-
investigation/getting-started.html
Explore:
Splunkbase – our online
store of over 1000+ apps
https://splunkbase.splunk.com/
56. © 2017 SPLUNK INC.
• 5,000+ IT and Business Professionals
• 175+ Sessions
• 80+ Customer Speakers
PLUS Splunk University
• Three days: Sept 23-25, 2017
• Get Splunk Certified for FREE!
• Get CPE credits for CISSP, CAP, SSCP
SEPT 25-28, 2017
Walter E. Washington Convention Center
Washington, D.C.
CONF.SPLUNK.COM
.conf2017: The 8th Annual Splunk Conference
58. © 2017 SPLUNK INC.
Splunk for IT Operations:
Splunk IT Operations Vision, Strategy & Evolution
Guillaume Aymé | IT Operations Evangelist, EMEA
60. © 2017 SPLUNK INC.
People don't know
what they want until
you show it to them
64. © 2017 SPLUNK INC.
It’s never been so cheap
to try and fail
But there’s nothing more
expensive than not trying
66. © 2017 SPLUNK INC.CONFIDENTIAL. INTERNAL USE ONLY.
No way to
differentiate
69. © 2017 SPLUNK INC.
IT is becoming fragmented and complex
Containers DevOps SaaS
IaaS Microservices APIs Serverless
Hadoop Network
Sensors
72. © 2017 SPLUNK INC.
The User Experience is the Digital Experience
Social Media
Campaign
Visit
Website
Book on
Mobile App
Check-in in
Reception
Connect to
Wifi in Room
Watch TV in
Room
Check-out
On Mobile
74. © 2017 SPLUNK INC.
Data is your most precious
and binds (it) all
75. © 2017 SPLUNK INC.
Collecting and analysing this data has never been so easy
Network
InfrastructureLayer
Packet, Payload, Traffic,
Utilization, Perf
Storage
Utilization, Capacity,
Performance
Server
Performance, Usage,
Dependency
ApplicationLayer
User Experience
Usage, Response Time,
Failed Interactions
Byte Code Instrumentation
Usage, Experience,
Performance, Quality
Business Performance
Corporate Data, Intake,
Output, Throughput
Splunk Approach:
▶ Single repository for ALL data
▶ Data in original raw format
▶ Machine learning
▶ Simplified architecture
▶ Fewer resources to manage
▶ Collaborative approach
MACHINE
DATA
76. © 2017 SPLUNK INC.
Worldwide IT Event and Log Management
Software Market 2016
Market-share
leader for the
second
consecutive
year
78. © 2017 SPLUNK INC.
Don’t treat
your online
customers as
second class
citizens
79. © 2017 SPLUNK INC.
We wouldn’t
allow users or
customers to
fail in physical
world?
83. © 2017 SPLUNK INC.
Not all your customers are
the same
Context is everything
84. © 2017 SPLUNK INC.
Hardware OS Process Application Transactions
1980s 1990s 2000s 2010s Now
Machine
Data AnalyticsSmall
Data
IT monitoring
needs to change
Users
85. © 2017 SPLUNK INC.
Infrastructure Application Process Customers
Evolution of monitoring at ING Bank
Reduced downtime to 8 minutes a year
89. © 2017 SPLUNK INC.
Fix problems faster and
reduce MTTR
Reduce IT outage
costs
Identify issues before
they happen
Splunk has been helping customers for years
90. © 2017 SPLUNK INC.
Tesco
95% cut in investigation & resolution time
50% reduction in escalations
30% acceleration in development cycles
92. © 2017 SPLUNK INC.
But we must
equip your
crew to go at
warp factor 9
95. © 2017 SPLUNK INC.
End-to-end visibility of virtual desktop
infrastructure user experience with
Splunk
Visibility of poor user
experience
previously never
detected
Incident resolution
time from weeks to
hours
97. © 2017 SPLUNK INC.
Your CI/CD pipeline is complex
Continuous Integration (CI)/Continuous Delivery (CD)
Plan
(JIRA, Rally)
Code
(Git, MS-TFS)
Build
(Jenkins, Bamboo)
Test/QA
(Cucumber, SonarQube)
Release
(Jenkins, Octopus)
Stage
(Pivotal, AWS)
Config
(Puppet, Ansible)
Monitor
(New Relic, Dynatrace)
98. © 2017 SPLUNK INC.
Value Stream
Mapping from
concept to
delivery
99. © 2017 SPLUNK INC.
Identify waste in your
delivery pipeline
For example, waiting
for your builds to
complete
100. © 2017 SPLUNK INC.
Value stream
focuses on
business value not
just that a feature
has been released
101. © 2017 SPLUNK INC.
Version
Control
Logging &
Performance
Build
Automation
Test
Automation Deployment
MeterJ
APACHE
Complete visibility into performance in dev/test
End-to-end visibility of delivery toolchain
Risk Systems
DevOps team
103. © 2017 SPLUNK INC.
Accelerate your time to market with apps
Platform for Operational Intelligence
There are now 1400+ apps for Splunk
104. © 2017 SPLUNK INC.
Management asked for
« One day trip » - how
much value can we get out
in one day without knowing
either solution at all. In
half a day I had responded
to my needs with Splunk. It
was clearly the choice for
my management
Gabriel DAUSQUE
.NET developer at Engie Global Trading
105. © 2017 SPLUNK INC.
Application Chronos
Time To Value
▶ End-to-end visibility over trading desk
application and underlying infrastructure with
Splunk ITSI
▶ Real time KPIs of business and IT performance
Deployed in 3 weeks
VS
One-year of internal
development
107. © 2017 SPLUNK INC.
Let machines help
you
(Some things
machines are better
than we are at)
109. © 2017 SPLUNK INC.
Event Management
– let Splunk
intelligently group,
filter, aggregate
111. © 2017 SPLUNK INC.
Let machines learn what good
and bad looks like
113. © 2017 SPLUNK INC.
Outlier detected for faulty cell tower light
The tower light turns on only at night,
controlled by Canadian air traffic control
116. © 2017 SPLUNK INC.
Predict Numeric Fields (Linear
Regression)
Predict Categorical Fields (Logistic
Regression)
Detect Numeric Outliers (distribution
statistics)
Detect Categorical Outliers
(probabilistic measures)
Forecast Time Series
Cluster Numeric Events
Splunk Machine
Learning Toolkit
117. © 2017 SPLUNK INC.
Machine Learning packed
tightly into Apps without
needing you to worry
120. © 2017 SPLUNK INC.
Your KPIs have become
Revenue
Net Promoter Score
Time to Market
Risk
122. © 2017 SPLUNK INC.
Passenger KPIs at Gatwick Airport
Getting
passengers to
their plane as
quickly as
possible