Copyright © 2014 Splunk Inc. Splunk Overview Presentation for Cornhusker Chapter of AITP

Splunk Overview · splunk402.com/wp-content/uploads/2015/01/AITP.pdf · Agenda • What is Splunk? • What is Machine Data? • Splunk’s Interface • Troubleshooting with Splunk •


Splunk Overview

Presentation for Cornhusker Chapter of AITP


Disclaimer

Although I am employed by National Research Corporation, the materials contained in this presentation have not been sponsored or endorsed by National Research Corporation. This material should not be associated with National Research Corporation and their policies or practices. All information from this presentation, either expressed or implied, should not be associated with National Research Corporation.

I am also not an employee of Splunk. I may express opinions and give information about the company and/or the products they sell. These statements should not be considered as factual or statements from the company.


Introduction


Introductions

Tony Reinke

National Research Corporation

• Senior Systems Engineer

• Multiple Sites / Multiple Countries

• Active Directory, DNS, DHCP, Certificates, Ticket Queue, Phone System, Log Management

• Represent Systems Engineering on the Security Advisory Team

Other Information

• Worked in companies from 4 employees to 50,000 employees

• Been in IT for 18 years

• Founded local Splunk User Group

• Coach Youth Football


Agenda

• What is Splunk?

• What is Machine Data?

• Splunk’s Interface

• Troubleshooting with Splunk

• Splunk for the End User

• Splunk for Management

• Splunk for the Community


Questions for the Group


What is Splunk?


Splunk Company

Company (NASDAQ: SPLK)

• Founded: 2004

• First software release: 2006

• HQ: San Francisco

Business Model / Products

• On-premise

• In the cloud

• SaaS

Customers 7,900+

• 60+ of the Fortune 100

• Largest license: 100 Terabytes/day


What is Machine Data?


What Does Machine Data Look Like?

Machine Data: Any Location, Type, Volume

• Online Services, Web Services, Servers, Security, GPS Location, Storage, Desktops, Networks, Packaged Applications, Custom Applications, Messaging, Telecoms, Online Shopping Cart, Web Clickstreams, Databases, Energy Meters, Call Detail Records, Smartphones and Devices, RFID

• On-Premises, Private Cloud, Public Cloud

• Platform Support (Apps / API / SDKs), Enterprise Scalability, Universal Indexing, Answer Any Question

• Developer Platform, Report and analyze, Custom dashboards, Monitor and alert, Ad hoc search

What Does Machine Data Look Like?

Sources: Order Processing, Twitter, Care IVR, Middleware Error

Highlighted values: Customer ID, Order ID, Product ID, Twitter ID, Company’s Twitter ID, Customer’s Tweet, Time Waiting On Hold


Splunk’s Interface


Raw events

Auto-detected fields and values


Troubleshooting with Splunk


Splunk for End Users


Splunk for Management


Splunk for the Community


Upcoming Meetings

January 2015 Meeting

Location: First Data in Omaha, NE

Date: January 28th, 2015 at 6pm

Topics:

• How First Data is using Splunk

• Getting your data into Splunk

• About Violin Memory

March 2015 Meeting

Location: National Research Corp. in Lincoln, NE

Date: March 25th, 2015 at 6pm

Topics:

• TBA featured company

• TBA learning

• About Nimble Storage


Splunk IRC

Splunk Answers


Resources

Splunk

• http://www.splunk.com

• 500 MB/day free

• Recorded sessions from .conf2014

• Splunk Events: Weekly Demos, Events Splunk will be at, User Group Events

• Twitter: @splunk

Splunk402

• http://www.splunk402.com

• [email protected]

• Twitter: @splunk402

Tony Reinke

• [email protected]

• Twitter: @tjreinke


Thank You