Splunk live! Inteligência operacional em um mundo de bigdata

Diogo  Tamura  Brazil  Alliances  and  Channel  Sales  Manager  

Inteligência Operacional em um Mundo de Big Data

Copyright © 2014 Splunk Inc.

Big Data

“Big  data  is  high-­‐volume,  high-­‐velocity  and  high-­‐variety  informa=on  assets  that  demand  cost-­‐effec3ve,  innova3ve  forms  of  informa3on  processing  for  enhanced  insight  and  decision  making.”    

     h#p://www.gartner.com/it-­‐glossary/big-­‐data/  

Gartner:

Quais são os Desafios?

Estruturados

Não Estruturados

Todd Papaioannou Jan 27, 2014, 11:55 PM! FIND A BETTER PIC?!

Dados de Máquina

Transforme Dados de Máquina em Vantagem Competitiva

GPS, Wire,

Hypervisor, Web Servers,

Email, Messaging Clickstreams, Mobile,

Telephony, IVR, Databases, Sensors, Telematics, Storage,

Servers, Security Devices, Desktops

Mar 01 19:18:50:000 aaa2 radiusd[12548]:[ID 959576 local1.info] INFO RADOP(13) acct start for 2172618992@splunktel.com 10.164.232.181 from 12.130.60.5 recorded OK.!2013-03-01 19:18:50:150 10.2.1.34 GET /sync/addtolibrary/01011207201000005652000000000053 - 80 - 10.164.232.181 "Mozilla/5.0 (iPhone; CPU iPhone OS 5_0_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A405 Safari/7534.48.3" 503 0 0 825 1680!Mar 01 19:18:50:163 aaa2 radiusd[12548]:[ID 959576 local1.info] INFO RADOP(13) acct stop for 2172618992@splunktel.com 10.164.232.181 from 12.130.60.5 recorded OK.!

DADOS DE MÁQUINA TEM VALOR

IP  Address  

Phone  Number  

Track  ID  

Error  Code  

E Como Trabalhar os

Dados de Máquina?

Forma Tradicional…

Coletar    Dados  

Armazenar  Dados  

Visualizar  Dados  

Minerar  Dados  

Coletores   Parsers   Banco  de  Dados  

Modelag.  Anali3ca  

Forma Tradicional…

Coletar    Dados  

Armazenar  Dados  

Visualizar  Dados  

Minerar  Dados  

Coletores   Parsers   Banco  de  Dados  

Modelag.  Anali3ca  

Big Data

“Big  data  is  high-­‐volume,  high-­‐velocity  and  high-­‐variety  informa=on  assets  that  demand  cost-­‐effec3ve,  innova3ve  forms  of  informa3on  processing  for  enhanced  insight  and  decision  making.”    

     h#p://www.gartner.com/it-­‐glossary/big-­‐data/  

Gartner:

✗   ✗   ✗  ✗  

E Por Tentam me Empurrar Isso??

- Volume de dados armazenados

- Volume de dados processados ✗  ✗  

O Que é Importante para seu Negócio?

- Preciso de respostas, e preciso já! - Não sei hoje o que vou perguntar amanhã!

FOCO NO TEMPO DE RESPOSTA E REAÇÃO!!

Inteligência Operacional

Turning Machine Data Into Business Value Index  Untapped  Data:  Any  Source,  Type,  Volume  

Online  Services   Web  

Services  

Servers  Security   GPS  

Loca=on  

Storage  Desktops  

Networks  

Packaged  Applica=ons  

Custom  Applica=ons  Messaging  

Telecoms  Online  

Shopping  Cart  

Web  Clickstream

s  

Databases  

Energy  Meters  

Call  Detail  Records  

Smartphones  and  Devices  

RFID  

On-­‐  Premises  

Private    Cloud  

Public    Cloud  

Copyright © 2014 Splunk Inc.

 Ask  Any  Ques3on  

Applica3on  Delivery  

Security,  Compliance  &  Fraud  

IT  Opera3ons  

Business  Analy3cs  

Industrial  Data  &  Internet  of  Things  

SPLUNK ANALYTIC CAPABILITIES

HA  /  DR   Admin   Data  Security   Apps   API  Scale  

Feed  Data  

Store  Data  

   Structure  Data  

Search,  Explore  

Analyze,  Mine    

Report,  Visualize  

Alert  &  Ac3on  

Splunk Platform

17  

Capabili3es   Data  Input  

Data  Fabric  

Metadata  Capture    Layer  

Search,  Explore    

Analyze,  Mine    

Report,  Dashboard,  Pivot    

Alert  &  Ac3on    

•  Modular  Inputs†  •  DBConnect†  •  GDI  UI*  •  MINT*  •  Stream*  •  Forwarder  Remote  Inputs‡  

•  Index†  •  HPAS  (TSIDX)†  

•  App  KV  Store*  

•  TSUM  on  TSIDX‡  

•  Data  Model†  •  Add-­‐Ons†‡  •  IFX*  •  CIM‡  

•  SPL†  •  Explora3on  UI†  •  Instant  Pivot*  •  Pa]ern  Detect*  

•  PL-­‐SPL‡  •  Anomaly  Detec3on‡  

•  Forecas3ng‡  

•  Prebuilt  Panels*  •  Mobile  Access*  •  Collab‡  •  Query  Builder‡  

•  Mod  Alerts‡  •  Workflow‡  

Scale/  HA/  DR   Manageability/  Admin  

Data  Security  &  Sensi3vity  

Apps  Pla`orm  &  Marketplace  

Extensibility  &  Developer  

•  APIs/SDKs†  •  ODBC†  

•  Mul3-­‐Site  Clustering  •  SH  Clustering*  

†  Already  shipped  *  An=cipated  in  6.2  ‡  Roadmap  item  

•  Distributed  Mgmt  Console*  

•  App  Deployment‡  

•  Data  signing‡  

9 YEARS OF SPLUNK ENTERPRISE SOFTWARE R&D ON TOP OF HADOOP

HUNK

5th Annual Splunk WWUC •  October 4-6, 2014 •  MGM Grand, Las Vegas •  3 days of Splunk University - Get

Certified! •  3 days of Technical Content •  140+ sessions •  50+ Customer Speakers •  30+ Technology Partners •  30+ Apps in Apps Showcase •  Ask the Experts, Business Value ROI

Booth, and more

conf.splunk.com