Michael Wilde, Splunk Ninja, gives an overview of Splunk, and discusses ways in which Splunk has solved some of its challenges using Amazon's EC2 / S3 Web Service to accomplish business goals.
7. Our IT infrastructures are too complex, dynamic, service oriented, virtualized and mission critical. Existing management approaches haven’t kept up.
The IT Search Company
8. Search is scalable, versatile and keeps up with change. It turns the data you already have into actionable information.
9. Search your IT infrastructure
>
Last 60 minutes
10. Search your IT infrastructure
J2EE exception >
Last 60 minutes
• Operations: Troubleshoot problems
11. Search your IT infrastructure
fail* password sshd >
Last 24 hours
• Operations: Troubleshoot problems
• Security: Investigate attacks
12. Search your IT infrastructure
file modify | chart by source >
Last 7 days
• Operations: Troubleshoot problems
• Security: Investigate attacks
• Compliance: Reporting and Controls
13. Search your IT infrastructure
transaction fields=userid >
Last 7 days
• Operations: Troubleshoot problems
• Security: Investigate attacks
• Compliance: Reporting and Controls
• Business Intelligence: Analyze transactions
15. Search
• Time search with interactive results
• Keyword search with quoted strings, wild cards, booleans and nesting
• Targeted field search
- Host, sources, events
- Custom fields
• Summary and statistical search
• Transaction search
• Right click integration with other applications
16. Alert
• Save any search and run it on a schedule to create an alert
• Alerts can trigger notifications and/or actions based on the search results
• Notifications can be sent via email, SMS, RSS or SNMP and integrated with other management consoles
• Actions can trigger scripts to perform activities like restarting a server
17. Report
• One click reports from search results
• Any field can be used to plot series
• Flexible chart outputs and formats
• Interactive charts provide one click drill down
• Select multiple fields to plot several series together
18. Share
• Save knowledge to share with other users and groups
- Searches
- Alerts
- Reports
- Dashboards
- Types, Tags, Actions
• Package knowledge as an application and share with other installations
19. Visualize
• Connect visualization apps to the Splunk API
• Feed business intelligence and reporting applications with IT data using the Splunk API
• Create dynamic visualizations of data using one of the Splunk SDKs
- Flash
- Python
- C, C++
- Java
- .Net
22. Running a Developers Camp
• First Splunk Developers Camp (August 4, 2008)
• 65 onsite, 298 watching live via Splunk.TV
• Give devs a place to work they can self administer, but how?
23. DevCamp - the Fabulatr
• Users don’t need AWS accounts
• Easy starting/stopping of EC2 instances
• Emails the instructions & SSH key
• Free, Open Source
Kord Campbell, Chief Evangelist
25. DevCamp - the Fabulatr
Get it @Google Code