Embed Size (px)
Citation preview
Copyright © 2013 Splunk Inc.
What’s New in Splunk Enterprise 6
Legal NoticesDuring the course of this presentation, we may make forward-looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward-looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not, be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release.
Splunk, Splunk>, Splunk Storm, Listen to Your Data, SPL and The Engine for Machine Data are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective
owners.
©2013 Splunk Inc. All rights reserved.
2
Company (NASDAQ: SPLK)
Business Model / Products
Customers 6000+
founded2004first software release2006
HQ San Francisco
On-premise
In the cloud
SaaS
60+
100
of the Fortune 100
Largest license:
Terabytes/day
Splunk Company Update
3
Industry Recognition
Big Data Innovator
2013 SIEM Magic Quadrant
LEADER2012 Security Market Growth
#1 Worldwide2012 IT Operations Market Growth
#3 Worldwide
Best SIEM North America Best Enterprise Security Solution EMEA
#1
MostInnovative #4
4
The Accelerating Pace of DataVolume | Velocity | Variety | Variability
GPS,RFID,
Hypervisor,Web Servers,
Email, Messaging,Clickstreams, Mobile,
Telephony, IVR, Databases,Sensors, Telematics, Storage,
Servers, Security Devices, Desktops
Machine data is the fastest growing, most complex, most valuable area of big data
5
What Does Machine Data Look Like?Sources
Order Processing
Care IVR
Middleware Error
6
Machine Data Contains Critical InsightsCustomer ID Order ID
Customer’s Tweet
Time Waiting On Hold
Twitter ID
Product ID
Company’s Twitter ID
Customer IDOrder ID
Customer ID
Sources
Order Processing
Care IVR
Middleware Error
7
Machine Data Contains Critical InsightsOrder ID
Customer’s Tweet
Time Waiting On Hold
Product ID
Company’s Twitter ID
Order ID
Customer ID
Twitter ID
Customer ID
Customer ID
Sources
Order Processing
Care IVR
Middleware Error
8
9
Make machine data accessible, usable and valuable to everyone.
Industry Leading Platform for Machine DataAny Machine Data Operational Intelligence
HA Indexes and Storage
Search and Investigation
Proactive Monitoring
Operational Visibility
Real-time Business Insights
CommodityServers
Online Services Web
Services
ServersSecurity GPS
Location
StorageDesktops
Networks
Packaged Applications
CustomApplicationsMessaging
TelecomsOnline
Shopping Cart
Web Clickstreams
Databases
Energy Meters
Call Detail Records
Smartphones and Devices
RFID
10
Industry Leading Platform for Machine DataAny Machine Data Operational Intelligence
HA Indexes and Storage
Search and Investigation
Proactive Monitoring
Operational Visibility
Real-time Business Insights
CommodityServers
Online Services Web
Services
ServersSecurity GPS
Location
StorageDesktops
Networks
Packaged Applications
CustomApplicationsMessaging
TelecomsOnline
Shopping Cart
Web Clickstreams
Databases
Energy Meters
Call Detail Records
Smartphones and Devices
RFID
Any amount, any location, any source
Schema-on-the-fly
Universal forwarding
No back-end RDBMS
No need to filter
data
11
Turning Machine Data Into Operational Intelligence
Reactive
Searchand
Investigate
ProactiveMonitoringand Alerting
OperationalVisibility
ProactiveReal-time Business
Insight
12
IT Operations Management Industrial Data / Internet of Things
Operational Intelligence for IT and Business Users
13
Digital Intelligence
Business Analytics
Application Management
LOB Owners/Executives
SystemAdministrator
OperationsTeams
SecurityAnalysts
IT Executives
Application Developers Auditors Website/Business
AnalystsCustomerSupport
Security and Compliance
ITOperations
Security and Compliance
Digital Intelligence
App Dev and
App Mgmt.
Developer Platform (REST API, SDKs)
Business Analytics
Industrial Data and Internet of
Things
Small Data. Big Data. Huge Data.
Splunk Delivers Value Across IT and the Business
VERSIONS
Setting the Standard for Operational Intelligence
Engine Platform1 2 3
2006-2008
Tool
2009-2011 2012
VERSIONS4 4.1 4.2 4.3
VERSIONS5
“Google for the datacenter”
“Engine for machine-generated data”
“Platform for operational intelligence”
15
What’s NextWhat do organizations need
16
Drive Value Across the Enterprise
Simplify management of enterprise Splunk
deployments
Enable faster and easier analytics for broader
set of users
Deliver Operational Intelligencefor Everyone
Accelerate development of enterprise apps
using Splunk
17
Introducing Splunk 6
Powerful analytics anyone can use
Up to 1000x faster over Splunk 5
18
Powerful Analytics Anyone Can Use
Enables non-technical users to build complex reports without learning the search language
Provides more meaningful representation of underlying raw machine data
Acceleration technology delivers up to 1000x faster analytics over Splunk 5
Pivot
Data Model
Analytics Store
Easy-to-use Analytics Interface
Pivot• Drag-and-drop interface
enables any user to analyze data
• Build complex queries and reports without learning search language
• Click to visualize any chart type; reports dynamically update when fields change
POWERFULANALYTICS
Select fields from data model
Time Window
All chart types available in the chart toolbox
Save Report to share
20
Define Relationships in Machine Data
Data Model• Describes how underlying
machine data is represented and accessed
• Defines meaningful relationships in the data
• Enables single authoritative view of underlying raw data
POWERFULANALYTICS
Hierarchical object view of underlying data
Add constraints to filter out events
21
Deliver Analytics Up to 1000x Faster
High Performance Analytics Store• Transparent acceleration
technology • Retrieval speeds up to 1000x
faster than previous Splunk versions
• Used to accelerate data models - created at the click of a button
POWERFULANALYTICS
Time window of data that is accelerated
Check to enable acceleration of data model
22
The Path to Analytics
Explore and Understand
Analyze and Visualize
Pivot DataData Model
Analytics Store
Model and Accelerate
1. 2. 3.
23
24
Empowering Users Across the Enterprise
IT Professional• Create and share Data Models• Accelerate Data Models and
custom searches with the Analytics Store
• Create reports with Pivot
Developer Analyst• Leverage Data Models to
abstract data• Leverage Pivot in custom apps
• Create reports using Pivot based on Data Models created by IT
PivotData ModelRaw Data Analytics
Store[10/11/12 18:57:04 UTC] 000000b0 PolicyService E
Additional Analytics Features
Predictive AnalysisMaps• Integrated GeoIP map that
display geographic data and summaries
• Find patterns in data to predict system capacity and resource utilization
25
Powering Security Intelligence
Splunk Enterprise 6• Normalization without data
reduction• Customized for different
data types• Supports converged IT
Security and IT Operations data ontologies
• Support for fast reporting
POWERFULANALYTICS
Example of security data models
26
Other New Features in Splunk 6
Improve users’ productivity
enabling instant access to relevant apps and content
Deliver simplified and scalable management for enterprise Splunk
deployments
Rapidly build Splunk apps using
standards-based web technologies
SIMPLIFIED MANAGEMENT
INTUITIVE USER EXPERIENCE
RICH DEVELOPER ENVIRONMENT
27
Increased User Productivity
New Home Screen
• New menu system enables rapid navigation to apps, data and content relevant to user
• Removes need to open apps in order to explore content
• Customizable to different users and roles
INTUITIVE USER EXPERIENCE
Search Bar
Splunk Apps
Add Data Source
28
Redesigned Search and Reporting
Enhanced Search Experience• Search and analyze data
from a unified interface• Simplified authoring and
editing of reports• Instantly navigate to create
new visualizations, tables and dashboard panels
INTUITIVE USER EXPERIENCE
Search Bar
Search Results
Access Reports and Dashboards
29
Centralized Cluster Management
Simplified Cluster Management• Monitor Splunk high availability
services for business critical deployments at scale
• Automatic search workload and data rebalancing when clusters change
• Easier and more transparent app deployment to indexers
• Faster recovery from failures
SIMPLIFIED MANAGEMENT
Cluster Health
Visual Status
Splunk Indexes
30
Easier Deployment, Configuration
Forwarder Management• New visual management
interface to deploy and monitor thousands of configurations
• Track status of roll out and easily track down errors
• Monitor deployment activity• Enables management of
forwarder configuration
SIMPLIFIED MANAGEMENT
Information about forwarder
Number that have downloaded a config
Number of forwarders being monitored
Number with errors
31
Powerful Dashboard Customization
Enhanced Dashboard Editor• Build interactive dashboards
and user workflows without writing Advanced XML code
• Easily add custom styling, behavior and visualizations
• One-click access to develop in the Splunk web framework
RICH DEVELOPER ENVIRONMENT
Menu to easily customize dashboard without advanced XML
32
Familiar Developer Environment
Web Framework• Quickly and efficiently build
Splunk apps using familiar web technologies
• Client-side development with Splunk JavaScript components and JavaScript libraries
• Server-side development support with Python and the Django framework
RICH DEVELOPER ENVIRONMENT
REST API
Build Splunk Apps Extend and Integrate Splunk
Simple XML
JavaScript
Django
Web Framework
JavaJavaScriptPython
RubyC#PHP
Data Models
Search Extensibility
Modular Inputs
SDKs
33
Faster and easier analysis and visualizations for business users
Easier management of enterprise-scale Splunk deployments
Powerful productivity features for end users
Summary
INTUITIVE USER EXPERIENCE
RICH DEVELOPER ENVIRONMENT
Rapidly build Splunk apps using standard web languages and frameworks
POWERFULANALYTICS
SIMPLIFIED MANAGEMENT
34
Thank Youwww.splunk.com/6
