By Deep Mehta
What is Splunk?
Splunk is a time-series indexer that takes care of
the three V’s very well.
Data Collection
Data Indexing
Search and Analysis
Data Collection in Splunk
• Data can be collected as static data or by
monitoring changes and additions to files or
complete directories in real time.
• Data can also be collected from network ports
or directly from programs or scripts.
• Splunk can connect with relational databases
to collect, insert or update data.
Data Indexing in Splunk
• Data is broken down into events, roughly
equivalent to database records. The data is
processed and a high performance index is
updated, which points to the stored data.
Search And Analysis
• With the Splunk Processing Language, you can
search for data and manipulate it to obtain the
desired results, whether in the form of reports
or alerts. The results can be presented as
individual events, tables, timecharts, dashboards
or charts.
Data in Splunk
• Traditional structured data that is residing in
databases or data warehouses.
• Unstructured data or documents stored in
content repositories.
• Multistructured data available in different
types of logs.
• Clickstream data.
• Network data.
Why Splunk
• Operational Data Insights
• Machine Data
• Business Intelligence
• Machine Learning
Operational Data Insights
• Operational intelligence (OI) is a category of
real-time, dynamic business analytics that
delivers visibility and insight into data,
streaming events and business operations.
Machine Data
• Newer categories of data such as logs,
network, clickstream and social media are
becoming part of the mainstream data
analysis done by enterprises to make better
business decisions. These types of data are
sometimes also known as machine data.
Business Intelligence
• Business Intelligence (BI) refers to the tools,
technologies, applications and practices used
to collect, integrate, analyze, and present an
organization’s raw data in order to create
insightful and actionable business
information.
Machine Learning with Splunk
• Machine learning has the potential to radically
transform our daily lives. Whether you are
trying to predict how likely someone is to
purchase a product, or determine when a
cellular network will go down, machine
learning can deliver predictive analytics based
on the patterns seen in machine data.
Splunk requires I.T. to focus on
• Aligning with the business
• Improving customer experience
• Accelerating time to value
• Developing new digital services
Splunk Architecture
Scaling in Splunk
Splunk for Single Indexer
Splunk For Multi Indexer
Splunk For Security
Splunk SIEM Solutions
• Real Time Monitoring — Get a clear visual picture of the
organization’s security posture, easily customize views and drill
down to the raw event
• Prioritize and Act — Gain a security-specific view of your data to
increase detection capabilities and optimize incident response
• Rapid Investigations — Use ad hoc search and static, dynamic and
visual correlations to determine malicious activities
• Handle Multi-Step Investigations — Conduct breach and
investigative analyses to trace the dynamic activities associated
with advanced threats
• Splunk ES can be deployed as software, as a cloud service, in a
public or private cloud, or in a hybrid software-cloud deployment
• Gain insight from hybrid, Cloud and on-premises services
• Migrate or replace your legacy SIEM – select flexible options to
overcome legacy SIEM challenges
Application Management Using Splunk
Splunk helps companies deliver a better customer experience with
application management solutions that monitor and measure the key
areas that impact Customer Experience (CX): uptime, response times,
and MTTR. Unlike traditional vendors, Splunk provides visibility across
the entire stack, which enables customers to:
• Reduce mean-time-to-resolution (MTTR) from a few days to a few minutes
• Proactively alert and notify for rapid problem detection and resolution
• Index any form of machine data and systemically analyze application and system
performance
• Gain insights on end-user transactions from multiple points of view
• Empower stakeholders to gain insights and make better business and technology
decisions
Visibility across Entire Stack
Insights Across All Environments
Containers add speed and flexibility but they also introduce
added complexity related to logging, monitoring, visibility,
orchestration and security. Splunk helps companies unify
insights across container environments and the entire
technology stack with a single solution. This enables developers
to focus on what’s most important—the application itself.
• Monitor and analyze container data and enable IT operations analytics
• Find and fix container related problems faster
• Quickly address complex questions on container performance
• Determine whether the container, or the application that is running the
container is at fault for performance errors
Splunk for Internet Of Things
Splunk software provides a scalable and versatile
platform for machine data generated by all of the
devices, control systems, sensors, SCADA, networks,
applications and end users connected by today's
networks.
• Gain real-time insights and a unified view across critical industrial
systems and assets
• Improve operational efficiency through reduced downtime and increased
availability
• Quickly diagnose costly operational issues by correlating data from across
operational technology
• Move from reactive to proactive in your operations by detecting patterns,
trends and anomalies
Splunk For Production Unit
Manufacturers strive to optimize yield, performance and profit,
but it can be difficult to gain operational visibility when faced
with complex processes and multitudes of systems and sensors.
Splunk software collects and analyzes IT and industrial data on a
single platform to deliver real-time, operational insights across
the organization and throughout manufacturing processes.
Splunk helps you:
• Gain visibility into IT and manufacturing operations
• Monitor performance and uptime of systems and applications
• Rapidly troubleshoot issues in IT and industrial systems
• Improve security posture across the entire organization
• Gain insights into device, sensor and equipment performance
Splunk For Advanced Application Monitoring
Proactively measuring application availability,
usage and performance is critical for
delivering a positive customer experience.
Measure real-time availability, performance,
error and usage insights on applications
you’ve built and licensed, as well as the
underlying infrastructure
Splunk for Troubleshooting
Minimize MTTR by rapidly identifying the
causes of outages, performance bottlenecks
and errors, whether the problem resides in
the application or the infrastructure
supporting that application.
Splunk for Capacity Planning
Apply usage insights to optimize application
performance and cost—ensuring you can
deliver a positive customer experience, both
today and in the future.
Splunk for Service Level Management
Analyze and report overall service availability and
the key performance indicators (KPIs) that
support service level agreements (SLAs). You can
also quickly drill down to find out the root cause
of problems that are preventing SLA attainment.
Splunk for Business Insight
Collect, index and analyze data to assess the
business impact of transactions and enable
developers, operations and lines of business
to understand how applications drive
business activity.
Splunk for DevOps
Improve collaboration and gain visibility across
the product development lifecycle to reduce
the time required to deliver effective code,
monitor the DevOps tool chain, and gain
application insights that influence future
DevOps cycles.
Splunk for Container Monitoring
Gain insights on apps running in containers, as
well as the container environment. Connect
insights from containers with all layers of the
technology stack. Quickly address complex
questions on container performance, and
troubleshoot container-rich application
environments
Splunk For Mobile Intelligence
Improve mobile application performance
monitoring (APM) and end user monitoring
(EUM). Deliver better performing, more reliable
apps, and gain insight on end user experience.
Make mobile data open to developers,
operations and line of business users.
Thanking You
