Why Real-time search for IT data?
Today we are releasing version 4.1 of our search engine and it comes with one of the coolest features in our short history. As of v4.1, any search or report can be run in real-time – that means real-time updating charts and dashboards or “tail –f” across hundreds or thousands of sources. Any search or report you can type into Splunk can be run as a real-time search, and once you try it you will see why search is never going to be the same.
Interestingly, it’s consumer search that is pushing search into real-time. Twitter and other short message services, location bases services, to name a few are forcing search to operate in “real-time” or very close to it.…
I love working at splunk, reason #231
Yes, that is a meat slicer below.
It came in the mail yesterday and that is Matt breaking in our new toy.
And yes, we used it today, with lots of bbq’d tri-tip.
I love working at Splunk – meat slicer, matt, and all.
“Serendipity is looking in a haystack for a needle and discovering a farmer’s daughter” – Julius Comroe
I just read the quote in a presentation from Matt Jones of BERG at the DXf conference. There is so much i love about this presentation i don’t know where to start. Just click through it ( embedded below ) and have your own reaction. It’s clearly designed to be a fun/light read. I think I clicked at about one slide per few seconds. Then went back and stopped on a few that really spoke to me. It was entertainment that made me think which then made me smile.
At its heart, splunk is a time machine. It allows someone to go…
Add a Server or Two!
Every week i run into someone that is having performance issues and they are not aware you can just add another server or two or ten. I’ll travel to meet a company and I’ll ask how many servers they are using for Splunk to search/index/report on a terabyte a day. They will say a couple. I’ll then ask how many they have for a similar sized hadoop or data warehouse project. They will say 50 to 100X that number. Look if your going to give these systems 300+ servers, can we please get 15?
Somehow there is a breakdown in our communication that we scale like all other good architectures.
The following are hopefully some easy pictures to help tell…
Exponential is the entrepreneurs linear
I was in a meeting last thursday where some “important-people” ( not sure if they want to be named ) dropped the D word ( “disruptive” ) several times. They were presenting a slide that proved-out an age-old (1994?) adage that the key to success is ( can be ) a disruptive business model. It’s one thing for professor Christensen to talk about it, and another when its bankers have a slide for it. Personally I need to be reminded of its importance every day, since being disruptive was one of the most important guiding principals when founding Splunk. As we grow, and become more established, i hope we continue to be a disruptive leader – it certainally faces…
Collision of big data analytics and splunk
How people use Splunk is often a surprise to us – at least they are going beyond our original intent. Initially we thought of splunk as a search engine for log files, Google for your logs if you will, to help IT folks troubleshoot their complex systems. Quickly we found that users started Splunking config files, network packets, source code, email, etc. Over the years our customers have been dragging us into all sorts of new uses-cases like global windmill power plant data analysis, protein structure prediction, or just something simple like analyzing user behavior on a website.
The Puppet Master Cometh
Last week Luke Kaines, The Master of Puppet, held a very well attended Puppet Camp here in SF. He drew a fantastic attendance from top notch companies – I was most impressed with the technical quality of the presentations and breakout sessions ( quality food too! ). These types of events can often be mundane or boring – this was not. Kudos to Luke for building a quality community.
I had the pleasure of meeting Luke some three years ago back at a BayLISA event where I saw him win over a tough audience with an early incarnation of Puppet. Its been fun watching him over the years deliver on that early promise and for continuing…
(coming soon) The return of Splunk Free, as in Free Beer
Back several months, before the launch of 4.0, we were confronting at all the work ahead. As always, we had to make hard decisions about what is in and what is out. In 4.0 we had re-implemented much of the UI and a good chunks of the backend. With over 1000 paying customers and looking at a potentially challenging upgrade process and a huge testing task we needed to reduce risk to the schedule and product quality. It was a hard decision but we reduced the GA risk by pulling out the Free product until we GA’d and fixed most of the critical bugs. Our guess was that it would take 45-90 beyond the GA to get few maintenance releases out before we could test the free product.
Search engine for virtual sprawl – vmware app for splunk
I’ve wanted to release this a few months ago but the project keeps getting stuck on the back-burner. Finally I’ve cleaned it up and had a few people try it and it seems to work well. I’m sure there are configurations and versions out there that will have issues – please write me back ( my first name at splunk.com ) if it does not work as advertised.
My favorite “customer” and Splunk as multi-tenant platform
Everyone has their favorite customer.
I have one too and he is the CTO of a very cool IVR/VoIP platform. His name is RJ Auburn
Around here is synonomys with filing 34 bugs between sunday 9PM when we push bits to the site and 9AM when we get in to the office. I dont mean the usual the UI-is-off-by-10-pixels but complex indexing or distributed search bugs. Well, sometimes is its a trivial thing we missed, but usually he is usually pushing splunk to its limits. Its not often that a CTO and “industry expert” is the one to personally put splunk through its paces –…