SplunkLive Experience

As a CIO in a high tech company, it's always great to get the chance to either speak on behalf of the company or hear from customers who are excited about your products. Last week I had both experiences at SplunkLive Orlando. Best was to hear three customers: Satcom Direct, Century Link, and PSCU. Between these, we had a database architect, security architect and VP Technology & Development all share how much of a difference Splunk had made in solving problems they could not have addressed in the past.

Favorite quotes: David from PSCU noted that for security use cases they were able to laser focus on what interested them and eliminate background noise.  Khalid from Century Link noted …


Introducing: The Splunk App for Okta

I alluded to this last week in my post about Okta-ing Splunk–we’re now Splunking Okta! Today, the Splunk App for Okta went live on Splunk Apps and we’ve already gained value from looking at how our Splunkers are logging into apps.…


Splunk SSO using SAML through Okta

Protip: reading to the end will yield a sneak peek of a new, upcoming Splunk app!

The Background

Almost 10 months ago, Splunk chose Okta as its federated identity management and single sign-on (SSO) vendor. There were several benefits from this project including multifactor authentication (MFA) for our business applications and VPN, user experience enhancements by not requiring Splunkers to remember multiple passwords, and instant deprovisioning once an Active Directory account was terminated.

As part of our ongoing efforts to make Splunk’s instance of Splunk (affectionately dubbed “Splunk(x)”) more valuable to the business, we made the decision to provision multiple, purpose-built search heads. We have a search head that serves as a primary point-of-entry, a search head for our Enterprise


BoxWorks and Cloud Security

Will be at BoxWorks next week speaking during the afternoon keynote about Splunk’s use of Box as our document management platform. Part of the discussion will focus on what we are doing in terms of securing our cloud assets, and it will be no surprise that we use Splunk to track access, failed login attempts, and other metrics to monitor use of our information.  This will be enhanced in the coming weeks as we complete a Splunk App for Box which will set up the real time feed from the Box platform into our internal environment.  A sample of the type of dashboards we can produce is shown herein (top logins into Box over the last 30 days) but some …


Improving the Splunk(x) Monitors

The time has finally come for us to bring Splunk(x) to the far reaches of the ~~galaxy~~ world. I got a call from our Fed team requesting Splunk(x) monitors in our Bethesda, MD office so they could show off how we use Splunk to our public sector opportunities and customers. Always eager to go ~~take awesome photographs~~ travel for work, I happily obliged and you can see the results after the break.…


Splunk(x) at .conf

I was thrilled to be a part of this year’s worldwide user’s conference showcasing what we’ve done with Splunk(x) and hinting about where we’re going with it. I had the privilege of presenting a session and a Splunkbase lab on how we use Splunk within Splunk. We showcased several of the dashboards I presented in my last blog post on Splunking the Enterprise (which was far too long ago) and highlighted how we’re using SalesForce.com data mashed against our machine data.…


Splunk(x): Enterprise Operational Intelligence

It’s been a while since our last update on Splunk(x)! We’ve been busy working out the architecture to get to a point where we can implement NOC-like dashboards above our IT/ops space in our San Francisco office. We had a continual crowd around the Splunk(x) monitors for the first week in operation! They’re one of the first things people see when entering the office and are a great conversation piece. More importantly, the team sitting beneath them has only to look up to see a complete status snapshot of business application, infrastructure, website, and even Splunk(x) itself!

Splunk(x) Dashboards

Of course, really important bits are still fired off in real-time through Splunk alerting and herein lies much of the value of Splunk(x). …


Forecasting Cloud Analytics

Looking forward to being on a panel at the upcoming Cloud Analytics Conference on April 25 to represent Splunk and the opportunity of mining big data for the enterprise. Will be contrasting Business Intelligence with Operational Intelligence.

During my career I’ve been around for the dramatic growth of the market for BI tools and now BI services. In the beginning of the BI era, large capital projects were necessary to deliver needed functionality, as the industry for BI was still reaching maturity, and it would be some time before these processes were made more streamlined, and the data democratized. At this point, in the new millennium, the majority of CIOs I know embrace BI solutions that are pre-integrated to their …


Monitoring Website Availability with Pinger in Splunk(x)

One of the more recent use cases for which we’ve begun using Splunk(x) is website availability monitoring. It’s not enough to know that our web server is up—we want to know that it’s able to properly serve requests within tolerances of response time, bytes received, and HTTP status code expected.…


Semantics and Machine Data

One of the first and most beloved series of dashboards used at Splunk internally was created by R&D and product management teams, deriving a number of statistics from the downloads of Splunk software from our website. The Apache log provided the primary raw information for these dashboards, which were enriched and used to show download activity globally, by version, platform, and by country, and geo. These have been the business analytics used to gain insight into the distribution of our products around the world.

Since taking on the new rollout of Splunk internally, the IT team has been working to set up a series of charts that focus more on operational metrics – the uptime of the service, …
