Daniel Miller is the Australia and New Zealand Country Manager of Splunk. 9th Annual Innovators Conference -presentation day 1: March 7th @ the Palazzo Versace, Gold Coast, Australia
we may make forward looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release.
release in 2006 HQ: San Francisco / Region HQ: London, Hong Kong Over 750 employees, based in 12 countries FY2012 $120 million; +83% year-over-year Business Model / Products Free download to massive scale On-premise, in the cloud and SaaS 4,800+ Customers Customers in over 85 countries 54 of the Fortune 100 Largest license: 100 Terabytes per day
is being produced at a rate that is beyond the performance limits of traditional systems Volume The volume of data is too large for traditional database software tools to cope with Variety The data lacks the structure to make it suitable for storage and analysis in traditional databases and data warehouses – “Big data” describes the realization of greater business intelligence by storing, processing and analyzing data that was previously ignored due to the limitations of traditional data management technologies to handle its volume, velocity and/or variety.
is being produced at a rate that is beyond the performance limits of traditional systems Intimidating The volume of data is too large for traditional database software tools to cope with Ill-defined The data lacks the structure to make it suitable for storage and analysis in traditional databases and data warehouses – “Big data” describes the realization of greater business intelligence by storing, processing and analyzing data that was previously ignored due to the limitations of traditional data management technologies to handle its volume, velocity and/or variety.
capacity of conventional database systems. The data is too big, moves too fast, or doesn’t fit the strictures of your database architectures. To gain value from this data, you must choose an alternative way to process it.” Ed Dumbill, O’Reilly
data into a traditional data warehouse no longer represents the extent of capabilities necessary for BI.” “….require new information management capabilities to integrate information from disparate, external and unstructured information sources.” “The simple idea of building a traditional data warehouse to support a BI platform is no longer sufficient.” Source: Business Analytics Require New Information Management Capabilities, Nov, 2011.
How do we use mobile and geo location data to improve content mix for new mobile services? How do we get better visibility into customer interactions with online service in real time? How do we get real-time insights into purchases online and from new devices? How do we drive product innovation with insight into how customers use our products?
| Variability GPS, RFID, Hypervisor, Web Servers, Email, Messaging Clickstreams, Mobile, Telephony, IVR, Databases, Sensors, Telematics, Storage, Servers, Security Devices, Desktops Machine-generated data is one of the fastest growing, most complex and most valuable segments of big data 11
Customer interacts with service online or from any device Real-Time Business Insights from Machine Data Example: Business Visibility From Machine Data 66.57.19.112 ..[05/Dec/2011 07:05:22:152]”GET /card.do?action=addtocart&itemid=EST-17& product_id=K9-BD- 01&JSESSIONID.SD7SLSFF8ADFF8HTTP 1.1” 200 3923 AppleWebKit/535.2 (KHTML.like Gecko) Chrome/15.0.874.121 Safari535.2 Product Action User session User browser information Product_id=K9-BD-01 Product Name=2 TB Portable Drive Manufacturer=iomega Geo location data Correlated with product information from database Location data based on where the customer purchased / interacted with service – What products are popular in what region? – Which product are customers leaving in cart? – What are interaction paths by devices? – How can we improve customer experience? 12
(exabytes) Business transaction data Well understood & analyzed Slow growth Handled by traditional BI Unstructured data Tremendous source of business value Under leveraged by business Cannot be handed by BI Needs a new approach Structured Data Machine Data
CRM Apps ETL Data- warehouse Data Mart Data Mart Data Mart Data Mart Dashboards Key Challenges Requires pre-defined schema – limits flexibility Difficult to handle data diversity in real time Adding new and changing data sources is hard Scaling for large volumes of data is difficult Time consuming with long deployments
JMS, JMX .NET events Code and scripts Networking Configurations syslog SNMP netflow Databases Configurations Audit/query logs Tables Schemas Virtualization & Cloud Hypervisor Guest OS, Apps Cloud Linux/Unix Configuration s syslog File system ps, iostat, top Windows Registry Event logs File system sysinternals Logfiles Configs Messages Traps Alerts Metrics Scripts Tickets Changes Click-stream data Shopping cart data Online transaction data Manufacturing, logistics… CDRs & IPDRs Power consumption RFID data GPS data Splunk Collects and Indexes Any Machine Data 18
Data Outside the Datacenter Applications Web logs Log4J, JMS, JMX .NET events Code and scripts Networking Configurations syslog SNMP netflow Databases Configurations Audit/query logs Tables Schemas Virtualization & Cloud Hypervisor Guest OS, Apps Cloud Linux/Unix Configuration s syslog File system ps, iostat, top Windows Registry Event logs File system sysinternals Logfiles Configs Messages Traps Alerts Metrics Scripts Tickets Changes Click-stream data Shopping cart data Online transaction data Manufacturing, logistics… CDRs & IPDRs Power consumption RFID data GPS data No custom connectors No RDBMS No need for ETL No upfront schema •Any amount, any location, any source.
Custom dashboards Monitor and alert Ad hoc search Real-time Collection and Indexing Developer Platform 20 Splunk storage Other Stores Optimized for real-time, low latency and interactivity
Monitoring Operational Visibility Real-time Business Insights IT & Ops Gain real-time insight from operational data to make better-informed business decisions Business
monitor trading and settlement applications. Improve uptime and reduce MTTR. Monitor and manage online investment application and servers. Network security monitoring and rapid incident response to mitigate security risks. Ensures effective compliance while improving productivity of compliance team. End to end monitoring across trading applications – improving uptime and customer experience. Cross-tier visibility to improve dev ops coordination and accelerate MTTR. Index data across trading applications and FIX order processing to improve customer service.
financial management solutions Serving 1800+ financial institutions and 4 million+ end customers (from 2011) Applications include: – Consumer and business internet banking – Electronic bill payment and presentment – Personal online financial management – Website hosting and development for financial institutions “Fraud team’s goal is to provide fraud analysis on more of a proactive basis.” 26
historical analysis of past 30 / 90 / all time periods identifies new fraud patterns As patterns emerge build real-time alerts when evidence of similar patterns of known fraudsters emerge (SMS, email) Result: – Watching fraudster in real-time—seeing $5M, $7M, $8M wire attempts – Splunk exposed every element of the infrastructure that he touched – Next we could correlate activities based on time to understand his pattern of activity 27
enabled location of attacker Noticed a similar fraud pattern across 15 banks Then we mapped them to see they were within 15 miles of one another Fraud was coming from one data processing vendor who they all shared Big Data enables Intuit to make better decisions using the data they already have
hours Reports came in piecemeal across 5000 emails with different syntax Only sophisticated (aka highly- paid) users could track patterns Splunk provides single pane of glass with full visibility Role-based access provides secure views into data Customer service and banking customer teams can begin queries on their own—no waiting for access/ permission—no highly paid engineer required Identify fraudulent activity in seconds Went from reactive response to real-time monitoring Splunk Speeds Analysis and Action 29
processes thousands of transactions across 25+ applications Indexes data across all applications and tiers including mission critical middle-tier trade service Splunk provides in-depth visibility across tiers: – Improves system uptime with timely alerts – Understand user trends and improve user experience – Accelerates trade processing times – Troubleshoot difficult issues within seconds Leading European Financial Services Firm “Today, we run threshold-based alerts to address issues before they cause downtime” - Team Lead for Trading Infrastructure
gain insight across financial industry exchange (FIX) logs to address customer requests Indexes data across trading applications – includes FIX logs, syslog from hosts and applications Splunk provides in-depth visibility across tiers: – Automated transaction record monitoring – Significantly reduced customer request response times – Reduced broker response times – Increased productivity of existing resources Improves Customer Service and Streamlines Operations “Splunk helps us improve customer service. We are closing queries as fast as we open them” - Matt Easley, Customer Support Manager
35 Indexes millions of events/day. Machine data across: – Custom & 3rd party software, servers – Java code, databases, Operating systems Splunk provides insights to improve service: – Decreased downtime through proactive monitoring – Reduced MTTR with faster troubleshooting – Better coordination across Development & Operations – Improved team efficiency and better resource utilization Financial Service Firm Improves Service and Customer Satisfaction “We paid for Splunk in the first month…..now, we are actually proactively solving problems”
exceeds 20 MM transactions per day – settlement process is critical Indexes data across all applications and engines Splunk provides insights to improve performance: – Alerting supports pro-active customer engagement – Engine dashboards highlight KPI to monitor performance – Developers see impact of changes in real-time – Rapidly perform forensic investigations to troubleshoot Leading Global Equities and Commodities Exchange “Tried months and several homegrown solutions to surface real time insight – with Splunk it was working in 1 week”
cloud computing offering has Splunk integrated from the ground up. It is the go-to solution for every type of question – it helps in decision making at every level right from dev/test/ops to account management, product management and pricing. “ ” Vincent Bumgarner Principal Systems Engineer Running Compute Instances Avg CPU Utilization CPU Percentile Splunk integrated into Risk Metrics’ high performance cloud computing effort from the ground up Used throughout the organization for delivering deep insights to vendor pricing, CFO, account management and sales, in addition to dev/test and support
Half the Fortune 100 Cloud and Online Services Cloud and Online Services Education Cloud and Online Services Energy and Utilities Cloud and Online Services Financial Services & Insurance Cloud and Online Services Government Cloud and Online Services Manufacturing Cloud and Online Services Media & Entertainment Cloud and Online Services Cloud and Online Services Healthcare Travel and Leisure Cloud and Online Services Retail Cloud and Online Services Telecommunications Cloud and Online Services Technology Cloud and Online Services
tswgproducts
chriscoyier
sugarenia
colly
samanthasiow
philhawksworth
keavy
eitanlees
panda_program
moore
andyhume
phodgson
trishagee
![Copyright © 2012 Splunk, Inc. Dan Miller, Splunk ([email protected]) Splunk](https://files.speakerdeck.com/presentations/e6cf3d506ecf0130c56622000a9f1084/slide_0.jpg){kind=link}
![Thank You [email protected]](https://files.speakerdeck.com/presentations/e6cf3d506ecf0130c56622000a9f1084/slide_46.jpg){kind=link}