.conf2014 Highlight Series: Deep Dive into Search Head Clustering

We’re back with the latest installment of our .conf2014 highlight series. Today, we revisit one of our most popular sessions of last year’s conference, “What’s New in Search Head Clustering.”

Skill Level:
Solution Area:
Deploying Splunk
Splunk Enterprise

Presentation overview:
A complete deep dive on the Splunk Search Head Clustering feature. This session covers how Search Head Clustering provides horizontal scalability to support more users and searches, and high availability to ensure users can access their searches at all times. We also cover the architecture, how it works, and best-practice guidance for large-scale deployment.

For the full recording, check out Deep Dive into Search Head Clustering.

We look forward to sharing …

Smart AnSwerS #12

Hello Splunk community and welcome to the 12th installment of Smart AnSwerS.

I had just come back from eating lunch and what do I find 10 feet away from my desk? Over 15 boxes of leftover pizza from a meeting of course. I fight the urge to grab a slice or five and I take a break for the gym instead. I get back to the office and what do I find in the kitchen? 3 boxes of leftover deep dish pizza. I reach for a cup of tea instead and head to my desk. Our amazing executive assistant Jade Lo comes around with a box full of large buttery cookies of all flavors. What do I do? …


Splunk at Mobile World Congress 2015



If you’re heading to Mobile World Congress this year, be sure to visit us at booth 8.0I27 in Hall 8.0!

Over the past two decades, Mobile World Congress has become THE event where companies, including communications service providers, makers of next-generation mobile devices and mobile-savvy enterprises, come together to share their point of view and give the audience a glimpse into the “next big things” in mobile. They’ll have quite the audience for this.

This year, over 100,000 IT, communications and business leaders come to the event to learn how they can adapt mobile innovations into their business. From mobile payments, to better security, to connecting with customers wherever they may be, there’s much to see and learn at …


Splunk DB Connect & Cloudera Hive JDBC Connector

First things first. Try Hunk before you go down this path. Hunk allows you to seamlessly query your Hive tables with native SPL queries from the search interface. This gives you all the goodness of Splunk including agile reporting and analytics, role-based access controls, report acceleration and the fast time to value that you’ve come to know and love from Splunk. If you have tried Hunk and it’s just not the right fit, then read on.

I recently helped a customer use Splunk DB Connect and the Cloudera Hive JDBC Connector to query tables on their Hive Server 2. Hive Server 2 is available in CDH 4.1+. You can read more about it on this Cloudera blog post.

Here are the quick …


Please Bypass the Database

It has been a while since I posted to these pages and I am sure there may be one or two of you who miss my erudite musings or, as some may say, ramblings of a longtime Splunker. Either way, here’s my first post for 2015.

I have noticed that there are quite a few deployments in the world that write time series data to a log-rotated file and have another process translate those events into rows and columns to be ingested into a relational database. After this extract, translate, and load process (ETL), they then use SQL to gather their database records either for ad hoc search or for aggregate reporting. This practice has been going on for …

Splunk at Nordstrom (Part 3 of 4): Using DevOps Principles to Manage Splunk

We recently hosted a Splunk at Nordstrom webinar and Keith Kent, Senior Monitoring Engineer at Nordstrom, did a fantastic job outlining how Splunk was used across the Nordstrom enterprise. One area that generated particular interest during the presentation was how Splunk technology was deployed at Nordstrom and how that has enabled better application delivery across the enterprise.

Similar to other large enterprises, Nordstrom has a pretty extensive IT infrastructure supporting their operations and keeping track of all the changes can be tedious. So with Splunk’s deployment, Nordstrom took a different tack: why not apply DevOps principles?

Splunk as Source Code
Splunk is used as a shared service at Nordstrom, and the entire Splunk deployment is managed as source code …


Splunk and Cisco Help Organizations Drive Business Outcomes with Analytics

This week we are excited to join Cisco on a webinar exploring how companies are moving toward the pervasive use of analytics and operational intelligence and the business value this shift is driving.

During the webinar, Splunk VP Shay Mowlem and Cisco Vice President of UCS and Data Center Solutions Marketing Jim McHugh will share how Splunk and Cisco are collaborating on a range of security, networking, application management, IoT and other solutions. You’ll also learn how Cisco is working with Splunk to tune and optimize Cisco’s end-to-end big data and analytics infrastructure for Splunk Enterprise, enabling our joint customers to reduce risk and accelerate time to market.

Please join Splunk, Cisco and other industry leaders for tomorrow’s webcast hosted …


Splunk at Nordstrom (part 2 of 4): Nordstrom and Mobile POS

Nordstrom is one of my favorite stores (if only because they carry Jimmy Choo!). One of the best parts I love about shopping at Nordstrom is that I don’t have to wait in line to purchase my items. The salesperson whips out a mobile device, takes my card, prints my receipt and I’m out the door. But this super easy checkout experience is actually far from it from an operational standpoint. That’s where Splunk comes in.

As one of the pioneers of mPOS, Nordstrom faced some unanticipated challenges when they initially piloted mPOS. For instance, managing consumer-grade devices in an enterprise environment is no easy task. How do the payment sleds work with those devices? How does the mPOS …


Smart AnSwerS #11

Hi there Splunk community and welcome to the 11th installment of Smart AnSwerS.

This week is Splunk’s FY’16 Sales Kickoff (SKO) and there’s been a lot of hustle and bustle with Splunkers from around the globe in town. It’s been a jam-packed week reflecting on amazing achievements this past fiscal year, hearing personal customer experiences, and getting psyched for future goals with the ever-changing landscape of big data. To put a cherry on top, we’ve had a cotton candy machine at HQ because the venue for the event wouldn’t allow us to use it there. I have yet to hear any complaints in the office about it (unsurprisingly) :P – Check out this week’s featured Splunk Answers posts:…

.conf2014 Highlight Series: Splunk Ninjutsu by David Veuve

In our ongoing series of .conf2014 #TBT highlights, we revisit David Veuve’s “Security Ninjutsu” presentation focused on using Splunk for Advanced Correlation, Anomaly Detection and Response Automation.
Skill Level:
Solution Area:
IT Operations, Security
Splunk Enterprise

Presentation overview:
Splunk’s analytical capabilities allow security users to leverage advanced correlation and anomaly detection moving beyond basic incident response. Splunk can also take action, ranging from integration with ticketing systems to automatic blocking and beyond. This session walks the audience through automated threat intelligence response, behavioral profiling, anomaly detection, and tracking an attack against the kill chain. Through each of the examples, David reviews the data, how to analyze it, and what actions could be taken, providing reusable examples for how …
