Making the case for Splunk in leading the big data revolution
Splunk makes it easy to unearth valuable insights buried deep inside massive piles of data collected from a variety of sources by capturing, indexing, and correlating real-time data in a searchable repository from which users can generate graphs, reports, alerts, dashboards, and visualizations.
Splunk users can collect and index any machine data from virtually any source without the requirement to understand the data upfront, which empowers every user — from IT to the business — to analyze data however it suits them best.
For example, Zillow, a popular online real estate database company, selected Splunk to provide it with operational intelligence and to help it understand what’s happening across its brands. Before Splunk, Zillow was relying on an assortment of open source tools to meet its complex requirements, but that approach turned out to be unscalable and unacceptably expensive.
“There was not a standard format for log files and no incentive to keep things standard. It was extremely challenging to access this information because the data was tightly controlled. If production had a question about a site or service, it took time to find the person who could access the logs, and additional time to query the data. The systems were so disjointed and unreliable that we didn’t know whether we would get the queries working properly,” said Seth Thomas, Director of Site Operations at Zillow.
By standardizing its log and other data infrastructure management, Zillow was able to look at the data it generates more efficiently, without any of the major operational headaches associated with using a patchwork of open source tools.
“More and more companies are realizing that standardizing on Splunk software as a platform allows them to turn vast amounts of machine data across IT into actionable business insights,” said Rick Fitz, Senior Vice President of IT Markets at Splunk. “These insights help Splunk customers experience continuous business success and expansion.”
Splunk Enterprise
Zillow initially deployed Splunk Enterprise, which is a real-time IT monitoring and intelligence software product that provides high-level insights into service metrics and quality, something Zillow is deeply passionate about.
Splunk Enterprise supports a variety of standard and custom input methods, which allows it to accept virtually any machine data, including file-based data, DevOps data, IoT data, and data from other disparate sources. Splunk Enterprise can then turn the ingested data into valuable insights thanks to its extensive product capabilities.
Users can continuously monitor events, conditions, and critical KPIs with the help of real-time dashboards and visualizations. Real-time critical events can trigger alerts and kick off subsequent actions based on a variety of conditions.
Splunk Enterprise can generate comprehensive reports in real-time or schedule them to be generated at a certain time or interval. The reports can be shared in secure file formats that make it impossible to edit them, so they can be safely distributed among all stakeholders.
Because Splunk Enterprise features a number of enterprise integrations, it’s possible to embed Splunk reports and data in just about any commonly used enterprise application or use ODBC integrations to access Splunk data in applications such as Microsoft Excel or Tableau. Splunk Enterprise also supports SAML authentication via most popular identity providers, and it comes pre-configured for Okta, PingFederate, Azure AD, CA SiteMinder, OneLogin, Optimal IdM, and other providers.
Splunk Cloud
In 2016, Zillow announced that it would use Splunk Cloud across additional Zillow Group-owned brands. Splunk Cloud is another key part of the Splunk platform, allowing companies to tap into the value of their machine data in a very short time without putting a strain on their resources. Other companies that use Splunk Cloud to gain visibility across the entire organization include CloudShare, FINRA, Aurizon, Backupify, and many others.
In a nutshell, the purpose of Splunk Cloud is to deliver the same features offered by Splunk Enterprise but with the convenience of a managed cloud service. Splunk Cloud can go live in just two days, reducing downtime to a minimum. Because Splunk Cloud uses the Software as a Service (SaaS) distribution model, in which a third-party provider hosts applications and makes them available to customers over the internet, companies that decide to deploy it don’t have to waste resources to meet certain infrastructure requirements and can focus solely on their core business.
Apart from those we’ve already mentioned, one such company is BrightEdge, a mid-size SEO and content performance marketing platform that enables marketers to increase revenue from organic search. “As a cloud-first company without a large IT department, we use pretty much all of the best-of-breed SaaS products, from NetSuite as a financial system to BambooHR for human resources,” said Jae An, Head of Information Security at BrightEdge.
The company deployed Splunk Cloud to gain insight into the adoption, usage, and security of its customer relationship management platform, Salesforce. BrightEdge was able to set up Splunk Cloud within a day, and the investment paid off very quickly.
“We recently had one of our employees compromise her access. She didn’t know that she had an issue until an (unnamed) organization tried to use her credentials to access our Salesforce application. Splunk Cloud detected that immediately, and we were able to respond quickly so we didn’t lose any data,” said An. “A resource like Splunk Cloud helps me do my job and enables our organization to be compliant. Without it, I could not be responsible or accountable for security within BrightEdge.”
Splunk Light
While Splunk Cloud is a perfect solution for most small and mid-sized companies, not all IT teams have a use for all of its features. Many small IT teams want a light yet comprehensive log search and analysis solution that’s free to download, easy to set up, and can effortlessly automate log search and analysis. For such teams, Splunk Light is the best way to realize the untapped value of their machine data.
A good example of a small company that relies on Splunk Light to monitor its mission-critical applications is WGT Media (WGT), an innovative sports gaming and media company that develops realistic and engaging online golf and baseball games for over 20 million players worldwide across online, social, and mobile platforms.
“We’ve been aware of and amazed by all the capabilities of the full Splunk platform since our inception. However, as an emerging company, we are conscious of our resources, so when Splunk Light came along, it seemed like the best solution to meet our log viewing, analysis, and budgetary needs,” said Homan Lee, Director of Information Systems and Technology at WGT. “Splunk Light gives us confidence in our systems and the knowledge that we can quickly address any issue that arises. We are now able to isolate the specific logs that we need to monitor in order to identify particular errors.”
Thanks to Splunk Light, WGT was able to proactively review and analyze the full breadth of its data and enjoy a high level of visibility into application performance. Because Splunk Light helped WGT offload a lot of administrative concerns, the company could stop manually reviewing its logs and employ a more proactive approach, characterized by automated monitoring and alerting.
“At the end of the day, it’s all about the user experience and how best we can support that. Being able to offload certain things onto Splunk Light saves us significant time. We can use it to easily detect anomalies or problems with the site. It has become a key technical resource at WGT,” concluded Lee.
Considering how much Splunk Light helped WGT grow, it’s very likely that the company will eventually outgrow it. When that happens, WGT can seamlessly upgrade to Splunk Enterprise without losing any of its data, customizations, searches, or dashboards because Splunk Light can seamlessly scale to meet all needs.