splunksummit 2015 - it service intelligence
TRANSCRIPT
Copyright © 2015 Splunk Inc.
IT Service IntelligenceSplunkSummit Canberra 2015
Andrew GoodallSenior Sales Engineer, Federal [email protected]
What We Hear From Our Customers!
2
“My CIO is demanding we look at IT from a business service perspective.”
“Splunk is great for break-‐fix, but I need to show we’re meeting SLAs.”
“I need everyone to be able to see the same thing at the same time.”
“I just want to throw data at Splunk and have it find problems for me.”
“Show me what my data can do for me!”
Why Another Splunk Solution?
3
Data-‐centric approach is needed
Service context maximises Splunk value
Integrated solution accelerates customer successes
Data-‐driven service insights for root-‐cause isolation and improved service operations
INTRODUCING
Splunk IT Service Intelligence Deploy flexible and scalable solution in days, not months
5
Any IT data (metrics and events) from anywhere
Quick to install, immediate value and on-‐the-‐fly customisation
Flexible deployment options (on-‐premises, Cloud and hybrid)
Scale and robustness of the Splunk platform
Splunk IT Service Intelligence Transform IT monitoring with data-‐driven analytics
6
Dynamically adapting KPIs for dynamic thresholds
Machine learning to baseline normal operations
Detection of anomalous behavior to drive meaningful actions
Correlation searches to create meaningful “alerts” off KPIs
Splunk IT Service Intelligence Redefine the role of IT (as a strategic business partner) with service awareness
7
Data-‐driven insights – ask any question, any time
Flexible and powerful framework to map data into services
Easy definition of KPIs to easily measure what matters most
Drill downs for in-‐depth investigation and resolution
What is a Service?
Service RequestsResponses
In Splunk ITSI, a Service is a logical group of technology components that a user deems need to be monitored together.It can often be generalized as a “black box” which we send requests and expect responses
What is a Service?
DNS RequestsResponses
Technical Services
Auth RequestsResponses
Web RequestsResponses
Services can be technology-‐centric…
What is a Service?
DNS RequestsResponses
Technical Services
Customer Transactions
RequestsResponses
Business Services
Auth RequestsResponses
Web RequestsResponses
Support Desk RequestsResponses
… and business-‐centric
What is a Service?
Packet Network
Hypervisor and Hosts
RBMDBs
Storage Tier
API Services
Web Services
Customer Transactions
Mobile
API/Middlew
are
Partner Portal
DNS
Services can encompass multiple tiers of the IT domain and may also depend upon other services/micro-‐services
What is a KPI?
DNS RequestsResponses
KPI: Number of requestsKPI: Error rateKPI: Average response timeKPI: Servicer CPU loadKPI: Server network I/F errors
Customer Transactions
RequestsResponses
KPI: Number of transactionsKPI: Error rateKPI: Average response timeKPI: Count of Incident TicketsKPI: Synthetic Transx Health
KPIs and Health scores constitute the means by which Services are monitored.
Key Performance Indicators (KPIs)
13
KPI: A Splunk saved search defined in Splunk ITSI that helps monitor a specific field like CPU, Memory and so on. KPIs are contained within Services.
Service Health Scores
14
A Health score is a score from 0-‐100 that helps determine the health of a Service. It is calculated based on all KPIs importance and its status once every minute.
Demo
Achieve Service Visibility FasterService AnalyzerHigh-‐level view of services and composite health scores
Glass TablesPersonalized visualisations of your services
Deep DivesOrganized view of performance indicators across silos
Multi KPI AlertsCorrelation rules to generate notable events
Notable EventsEasy-‐to-‐understand report on results of correlation searches
Anomaly Detection and Adaptive Thresholds Machine learning to baseline normal operations and identify anomalous behavior
16
Splunk IT Service Intelligence
17
What Makes Splunk ITSI Different!
18
Search-‐Based KPIs• Easy to write, manage and change both services and KPIs
• Reflects business and technology priorities
• Benefit: Rapidly generate and change KPIs to align service health with business
• Fiserv – 1000s in just weeks
Full Fidelity Service Health
• Adaptable and flexible definitions of service health
• One solution to go seamlessly from service reports to root cause, including raw data
• Remains adaptable and yet still maintains complete historical context
Universal Data Platform
• Data driven: All IT data including events, metrics and logs
• Schema on-‐the-‐Fly • Ask any question of the data
• Fast time to value
• Data fidelity
Case Studies
20
Unified insights: data integrations from other tools
11,000 to 100s
Reduced incident tickets
Alerting on service KPI’s instead of
server performance
Usage baselines to identify anomalies
Splunk IT Service Intelligence at
21
Server-‐based to Services-‐based monitoring
Top-‐down and deep-‐dive service insights
200+ services and 1500+ KPIs monitored
Flexible creation and modification of services and KPIs
Alerting on service KPIs instead of
server performance
Real-‐time, holisticand proactive “client” view
Splunk IT Service Intelligence at
Splunk IT Service Intelligence at
22
Replaced home-‐grown tools
Real-‐time service insights to LOBs
Reduced time to resolution
Splunk IT Service IntelligenceData-‐driven service monitoring and analytics
23
SPLUNK IT SERVICE INTELLIGENCE
Time-‐Series Index
Platform for Machine Data
Dynamic Service Models
Schema-‐on-‐Read Data Model Common Information Model
At-‐a-‐Glance Problem Analysis
Early Warning on Deviations
Simplified Incident Workflows
Thank You
Feature Drilldown
Correlate KPIs from multiple services
Generates notable events to detect emerging problems and streamline incident investigations
Accelerates seamless workflow integrations for incident resolution
26
Early Warning on Deviation
27
Customisable Visualisations of Services (Glass Table)
28
Easy Access to Actionable Information (Deep Dive)
Simplify problem resolution by unifying data across your IT silos
In-‐context drill down for troubleshooting
Gain a single view of your service stack
Proactively address emerging operational issues and prevent service degradations in real time
Augment Conventional Monitoring
Splunk IT Service Intelligence
APM NPM Operations & Infra Mgmt. Domain Tools
Deliver Insights Based on Integrated Data, Not Integrated Products
30
Splunk IT Service Intelligence
Get Data Define services, entities and KPIs
Monitor and troubleshoot
Analyse and detect
Data-‐Defined, Data-‐Driven Service Insights
How Do You Get It?
31
ONLINE SANDBOX TRIAL
15 days of access to a free, personal environment in the Cloud, with pre-‐
populated data
Engage in a proof-‐of-‐concept to index your data and experience the
power of Splunk ITSI