Can Big Data Predict and Prevent Your Next Outage or Breach? Discover the answer at Splunk Booth, CIsco Live San Francisco!

Can you guess what Internet of Things, big data, SDN, virtualization, Cisco Application Centric Infrastructure and FlexPod have in common? No, it’s not that they’re all the latest industry buzzwords. Find the solution at our Splunk booth (#2011) at Cisco Live World of Solutions in San Francisco from May 19th through the 22nd. That’s four days, packed with brand new sessions and demos. Check out our theater sessions schedule here.

Yes, we are also known for our cool Splunk t-shirts. Come by and grab one, but also have fun learning all the new ways of getting Operational Intelligence from your machine data. Not to mention a chance to travel home peacefully with a new pair of Bose headphones. Or …

» Continue reading

Splunk Enterprise 6.1: Embedded Reports

Splunk 6.1 is here and I’m loving it.

For those who haven’t read thru the release notes yet and jumped on the “Embedded reports” feature, I wanted to walk you through it and show you just how easy it is.  Go to splunk.com and download Splunk 6.1.  While you’re there, go over to the Apps community and get this bad boy–Splunk Enterprise 6.1 Overview.

Once you fire it up, your Splunk home screen should look like this.

 

001_SplunkStarteAppInstalled

 

In addition to giving you a tour of the new key features, the Splunk Enterprise 6.1 Overview app includes some data already assigned to index=sfpd.  I’ll use that data and make a simple search that will form the basis of …

» Continue reading

Mission Critical Availability with Splunk Enterprise 6.1

One of the newest features in Splunk Enterprise 6.1 is Multi-site Clustering.  This feature strengthens our ‘Operational Intelligence for everyone’ message by making the mission critical machine data available to users all the time, and it can even withstand an entire datacenter outages. Splunk Enterprise 6.1 has raised the bar on enterprise readiness to a new level.

 

Just as a recap, the clustering feature has been available in Splunk Enterprise since version 5.0. The earlier versions provided the much-needed High Availability (HA) capabilities – if one of the indexers is down then a replicated copy of the same data is available to users, thus minimizing any interruption in service.

 

The new Multi-site Clustering feature in 6.1 provides the …

» Continue reading

Mission Critical Analytics – Everywhere

You are so incredibly awesome.

That’s what I wanted to call the new release of Splunk Enterprise announced today, but instead we went with Splunk Enterprise 6.1. What this release represents is pretty remarkable. Why? Because it’s defined by what we see you do.

You’ve made machine data a valuable asset in your organization. Whether you’re in IT, on the applications team or on the security team, you’ve helped yield powerful results for the company you work for. So valuable that machine data insights are now more mission critical than ever.

You’re changing how you analyze data—you’re comfortable exploring and analyzing data, knowing that Splunk software will eat just about anything you throw at it and give you answers …

» Continue reading

Using Splunk as a data store for developers

A number of years ago, I wrote a blog entry called Everybody Splunk with the Splunk SDK, which succinctly encouraged developers to put data into Splunk for their applications and then search on the indexed data to avoid doing sequential search on unstructured text. Since it’s been a while and I don’t expect people to memorize the dissertations of ancient history (to paraphrase Bob Dylan), I’ve decided to write about the topic again, but this time in more detail with explanations on how to proceed.

Why Splunk as a Data Store?

Some may proclaim that there are many no-sql like data stores out there already, so why use Splunk for an application data store? The answers point to simplicity, …

» Continue reading

A sneak preview of TM Forum Big Data 2014

TMForumBigDataI’m lucky enough to be going to the TM Forum Big Data event in Amsterdam next week. It should be an interesting set of speakers and reference point for what telcos are doing with big data and also a great place to share best practice and practical experience.

I’m particularly interested to see the use cases for telco big data, looking at what data is being collected (from the network, handset, customer data) but also how that data is being used (customer experience, fraud, DevOps, marketing etc.)

We hear a lot about how big data allows better analysis, more informed decisions and identification of trends but in particular I’m keen to hear the presentation on how telcos are monetizing big …

» Continue reading

Five Must-See Splunk Demos at Cisco Live Milan

Splunk and Cisco are collaborating to unify security, networking, application and other data center silos with centralized, comprehensive operational intelligence.

Stop by Splunk booth E1/E2 at Cisco Live Milan January 27-31 to learn why Splunk is the ideal complement to your Cisco-based infrastructure plus check out a range of LIVE demos including …

Security

» Continue reading

Hunk Setup using Hortonworks Hadoop Sandbox

Hortonworks Sandbox is a personal, portable Hadoop environment that comes with a dozen interactive Hadoop examples. Recently Hortonworks and Splunk released a tutorial and video to install and connect Hunk with the Hortonworks Hadoop Sandbox version 1.3

This blog summarizes the configurations used as part of the Hunk setup.

Configurations for Hadoop Provider:

Key Value
Java Home /usr/jdk/jdk1.6.0_31
Hadoop Home /usr/lib/hadoop
Hadoop Version Hadoop version 1.x, (MR1)
Job Tracker sandbox:50300
File System hdfs://sandbox:8020
Splunk search recordreader com.splunk.mr.input.SimpleCSVRecordReader, com.splunk.mr.input.ValueAvroRecordReader

 

Configurations for Hadoop Virtual Indexes:

Key Value
Name hadoop_sports
Path to data in HDFS /user/hue/raanan/…
Whitelist \.csv$

 

 

For more Hunk details and examples go to the blog:

http://blogs.splunk.com/2013/11/08/hunk-intro-part-3/

Enjoy.

 …

» Continue reading

Splunk for Networking and SDN: In Action in Vegas!

Have you registered for Splunk Worldwide Users’ Conference .conf2013 in Vegas? If not, please hurry up and register here http://conf.splunk.com/. Time is running out!

Come to our session “Splunk for Networking and SDN” on October 1st, 1:45 PM to learn how Splunk can help you gain get deeper visibility into your existing networking infrastructure as well as your Software Defined Networking rollouts. We will discuss how to utilize Splunk to optimize your networking resources to cater to dynamically changing applications’ needs, reducing the number of monitoring solutions in your network, increasing security and of course, saving you money!

To see Splunk in action in the networking space, please stop by the booths and/or sessions of our technology partners Arista Networks …

» Continue reading

Happy SysAdmin day! I need to Splunk my brain – does your organization need to?

Hi. I’m having one of those weeks where I could do with Splunking my brain. Why? Because one thought keeps firing off another activity and adding to the unstructured list of things that I need to do. Essentially – it is working a bit like this:

What I really need, is it to work like this:

I’m sure we’ve all had times like this – lots of data coming at you that fits the mythical “three Vs”. There’s a high volume of data, it is moving quickly to give it velocity and there’s a lot of variety. What further adds to the need to Splunk my brain is the fact the data is at so many different …

» Continue reading