Copyright © 2015 Splunk Inc.

Getting Started

2

Why Splunk?“Splunk takes machine data and makes it relevant for non-technical business users. ..Splunk provide[s] both the up-to-the-minute and long-term trending data business users need to make the decisions that impact revenue.”

“It's become a collaborative tool where everybody can gather around the same data and see the same big picture.” “I'm sometimes so amazed by what we can do with Splunk, I wonder if there's magic in there.”

Splunk selected by Symantec to help security intelligence operations.Symantec centralizes, monitors and analyzes security-related data in Splunk Enterprise to help investigate incidents and detect advanced threats. Symantec also uses Splunk software to ensure comprehensive compliance with Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI DSS). www.datacenterknowledge.com

3

Splunk Company Overview

3

Company

• Global HQs:

San Francisco

London

Hong Kong

• 1,500 employees globally

• Annual Revenue for FY14: $450M (YoY +50%)

• NASDAQ: SPLK

Products

• Free trial to massive scale

• Splunk products: Splunk Enterprise

Splunk Cloud

Hunk

Splunk MINT

Premium Apps VMWARE

MS Exchange

PCI Comp and ES App

Customers

• 9,000+ customers

• Across 100+ countries

• Small to large organizations

• 80+ of the Fortune 100

• Largest license:

400+ Terabytes/day

4

Our Plan of Action

4

1.Big Data - setting the stage.

2.How does Splunk fit in the landscape?

3.What differentiates Splunk?

4.Components that make up Splunk?

5.Demo - How it works?

5

The Accelerating Pace of Data

Volume | Velocity | Variety | VariabilityGPS,

RFID,Hypervisor,

Web Servers,Email, Messaging,

Clickstreams, Mobile, Telephony, IVR, Databases,

Sensors, Telematics, Storage,Servers, Security Devices, Desktops

Machine data is the fastest growing, most complex, most valuable area of big data

5

6 6

Making machine data accessible,usable and valuable to everyone.

6

7

Big Data Landscape

Key/Value, Columnar or Other (semi-structured)

CassandraCouchDBMongoDB

NoSQL

7

Relational Database(highly structured)

SQL &MapReduce

RDBMS

Oracle,MySQL,

IBM DB2,Teradata

Teradata Aster DataSQL on Hadoop

Distributed File System(semi-structured)

Hadoop

HDFS Storage + MapReduce

Temporal, UnstructuredHeterogeneous

Real-Time Indexing

MapReduce

8

Big Data Landscape

Key/Value, Columnar or Other (semi-structured)

CassandraCouchDBMongoDB

NoSQL

8

Relational Database(highly structured)

SQL &MapReduce

RDBMS

Oracle,MySQL,

IBM DB2,Teradata

Teradata Aster DataSQL on Hadoop

Distributed File System(semi-structured)

Hadoop

HDFS Storage + MapReduce

Temporal, UnstructuredHeterogeneous

Real-Time Indexing

MapReduce

9

perf

shellAPI

Mounted File Systems\\hostname\mount

syslogTCP/UDP

Event Logs Performance

Active Directory

syslog hostsand network devices

Unix, Linux and Windows hosts

Local File MonitoringSplunk Forwarder

virtualhost

Windows

Scripted or Modular Inputsshell scripts

API subscriptions

Mainframes*nix

Wire DataSplunk App for Stream

Efficient Time Based Indexing

Splunk Differentiators

10

Splunk Differentiators

10

• Role Based Access Control• Define roles and assign users to them.• Integrate with LDAP or SSO.

• Multi-Tennant• Allows multiple users across the organization to securely leverage same

instance with multiple data types.• Align data access to policies in the organization

• Secure Data Transmission• Universal Forwarders provides easy, reliable, secure data collection

from remote sources.• SSL security, data compression, configurable throttling and buffering.

11

Splunk Components

11

Data Collection Layer - Universal Forwarders, syslog, API, TCP, Scripts, Wire, etc.

Data Indexing Layer – Indexer(s).

Data Presentation Layer– Search Head(s)

Universal Forwarder

13

1.

2.

3.

4.

How to Get Started

Download

Install

Forward Data

Search

Dat

abas

es

Net

wo

rks

Serv

ers

Vir

tual

M

ach

inesSmart

phones and

Devices

Cu

sto

mA

pp

licat

ion

s

Secu

rity

Web

Serv

er

Sen

sors

Four steps:

14

Demo – How it Works

14

1. Installing and Starting Splunk2. Ingesting Data3. Search Basics

• Search Bar• Time Picker• Extracted Fields

4. Alerting5. Statistics and Reporting6. Dynamic Field Extraction7. Command Language8. Splunk Applications

15

Demo

15

16

Education Resources

16

Splunk Education• www.splunk.com/education

Using Splunk, Searching and Reporting, Developing Apps, Administering Splunk, and more!

Books• Implementing Splunk: Big Data Essentials for Operational Intelligence• Splunk Essentials• Exploring Splunk• Splunk Operational Intelligence Cookbook

17

Supplemental Information

17

Download• www.splunk.com/download

Search Tutorial:• docs.splunk.com/Documentation/Splunk/latest/SearchTutorial

Tutorial Data:• docs.splunk.com/images/Tutorial/tutorialdata.zip

18

Things to Remember

18

1. Splunk is Free – Download and get started today2. Quick Time to Value3. Data Gold Mines – what informational fortune awaits?!4. Leverage the Splunk Community

• apps.splunk.com• answers.splunk.com• blogs.splunk.com

5. Happy Splunking

1919

The 6th Annual Splunk Worldwide Users’ Conference

• September 21-24, 2015

• The MGM Grand Hotel, Las Vegas

• 4000 IT & Business Professionals

• 2 Keynote Sessions

• 3 days of technical content– 165+ sessions

• 3 days of Splunk University– Sept 19-21, 2015– Get Splunk Certified for FREE! – Get CPE credits for CISSP, CAP, SSCP, etc.– Save thousands on Splunk education!

• 80 Customer Speakers

• 80 Splunk Speakers

• 35+ Apps in Splunk Apps Showcase

• 65 Technology Partners

• Ask The Experts and Security Experts, Birds of a Feather, Chalk Talks and a new & improved Partner Pavilion!

• Register at conf.splunk.com

Thank You