A Vertu-ous circle – a DevOps case study of smartphones, machine data and Splunk

There’s a lot of talk about DevOps at the moment. Splunk’s part in this story is to help make the most of the machine data across the DevOps ecosystem. We’re helping customers to use data to ensure quality of software, increase velocity of releases and maximize the impact they have. We’re delighted to publish the latest Splunk customer story from Vertu, a luxury mobile phone manufacturer in the UK, which is using Splunk to support quality, velocity and impact across their software development lifecycle.

Vertu (originally part of Nokia but now independent) phones are a thing of beauty. An individual craftsperson hand makes each phone from sapphire crystal, hand stitched leather (from one of the UK’s oldest tanneries) and …


SplunkLive! London – A Full House. Analytics, IT Operations And Security.

Last week I was lucky enough to be in London for our annual SplunkLive! where we had a full house in terms of standing room only and Splunk customer speakers covering each of our main use cases:

  • NHS Digital (formerly HSCIC) talking about IT operations and application delivery
  • John Lewis talking about cybersecurity and compliance in retail
  • Shazam talking about real-time analytics, music and sensor data
  • BBC Worldwide talking about their use of cloud for visibility into new digital service BBC Store


We had over 800 people at the event with a wide mix of expert Splunk ninjas through to first time attendees and complete newbies. A special thank you to the largest partner ecosystem we’ve had at a SplunkLive! …


Smart AnSwerS #63

Hey there community and welcome to the 63rd installment of Smart AnSwerS.

With Splunk HQ officially more than two times larger, and Splunkers now spread out across more square footage, things have gotten eerily quiet around here as everyone is adjusting to their surroundings, getting to know new neighbors, and figuring out where all the new conference rooms are. Slowly, but surely, we’re getting comfortable in our new home, and once we’re completely settled in, we’ll find ourselves back into the groove of things with a nice balance of work and play :)

Check out this week’s featured Splunk Answers posts:

How to call a Python script from an HTML view?

dsollen had an HTML dashboard and wanted to …


Box Plots: Making Custom Visualizations

This is the first of a two part series on implementing Box Plots in Splunk for security use cases.

Analyzing complex data is difficult, which is why people use Splunk. Sometimes patterns in data are not obvious, so it takes various ways of looking at aggregate reports and multiple charts to ascertain the important information buried in the data. A common tool in a data analyst’s arsenal is a box plot. A box plot, also called a box and whisker plot, is a visual method to quickly ascertain the variability and skew of data, as well as the median. For more about using and reading box plots, read the excellent and succinct post by Nathan Yau of the Flowing Data …


Splunking Continuous REST Data

One of the ways vendors expose machine data is via REST. There are a couple of ways to get REST data into Splunk today:

  1. Use Damien Dallimore’s REST API Modular Input – you can provide a custom response handler for this input to persist state.
  2. Use the new Splunk Add-on Builder – this method will do a “one shot” of the REST endpoint – meaning, every time the input runs, it will get all the data every time.

In this post, I will show you how to implement a cursor mechanism (i.e. pick up where you left off last time) for REST endpoints that continually have new data over time using the checkpoint mechanism built into modular inputs.

The Data Source

For …


My Journey with DevOps at Splunk

Ten months ago, I took the journey from being an OpenStack/Tooling Engineer and entered the world of Sales Engineering at Splunk. I wanted to continue to maintain my development skills and help customers understand the importance to their business of their automation and deployment activities. I have focused on helping customers see the value in moving to a full DevOps methodology, but find that a lot of my customers are still struggling with getting the basic concepts of DevOps fundamentals. With how much technology has changed, it surprises me that basic fundamentals of development and release management are not being followed or understood; nor are people willing to adapt to a streamlined process. But that hasn’t stopped me from …


Humanizing Security Data Visualization

Visualizing and displaying complex data is hard. Understanding complex data is harder. Rapidly making operational decisions based upon complex data is extremely hard.

Historically, operational security analysts rely on alerts, tables, and charts on dashboards or in email to pull potentially useful information out of the vast sea of data dumping into their analytic systems. This has always been problematic due to the combination of false positives and understanding the context of data filtered through the human brain. Most of the standard methodologies for displaying complex information make it harder, not easier, for humans to understand the information they seek in a timely and operationally useful manner.

Everyone has seen dashboards with a wall of text in tables interspersed with …


Zillow Finds Its Way Home With Splunk

With prices on the rise and more younger people than ever moving back home, jumping into the real estate market might seem like a daunting proposition. I’m speaking from first-hand experience here because my daughter has recently moved back in with me as she saves up to purchase her first home. She’s having to navigate the complex issues we’ve all had to deal with at some point, such as finding an agent, figuring out the true value of a home, calculating a mortgage payment or connecting with a lender. That’s where Zillow comes in. Zillow Group is the leading online real estate marketplace dedicated to empowering consumers with data-driven insights across the full lifecycle of owning and living in a …


PostFinance banks on Splunk to improve fraud detection

When I’m thinking about Switzerland, I often think of the Swiss Alps, great chocolate and the famous Swiss army knife. The flexibility of the Swiss army knife reminds me how Swiss bank PostFinance is using the Splunk platform in multiple ways.

We say that Splunk is a SIEM and can fulfill all SIEM use cases but also Splunk is so much more – and PostFinance has proved it once again.


Splunk as a Fraud Platform

PostFinance is using Splunk for compliance and regulation, but beyond those traditional SIEM use cases they also use Splunk as a fraud platform, using the insights to protect their customers’ bank accounts and digital payments. In their online banking portal alone they have over 1.6 million customers they have to …


What size should my Splunk license be?

This is a pretty common question in Splunkland. Maybe you’re an admin wondering how much license you’ll need to handle this new data source you have in mind for a great new use case. Or you’re a Splunker trying to answer this question for a customer. Or a partner doing the same. Given how often this comes up, I thought I’d put together an overview of all the ways you can approximate how big a license you need, based on a set of data sources. This post brings together the accumulated wisdom of many of my fellow sales engineers, so before I begin, I’d like to thank them all for the insights and code they shared so willingly. Thank you
