Splunk> IT Search

The Industry-leading Platform for Operational Intelligence

Your IT systems and technology infrastructure—websites, applications, servers, networks, sensors, mobile devices and the like—generate massive amounts of machine data.

By monitoring and analysing everything from customer clickstreams and transactions to network activity and call records, Splunk Enterprise turns your machine data into valuable insights.

Troubleshoot problems and investigate security incidents in minutes, not hours or days. Monitor your end-to-end infrastructure to avoid service degradation or outages. Gain real-time visibility into customer experience, transactions and behaviour.

One Platform. Many Applications. Operations Troubleshoot problems Your IT infrastructure and applications have ever more complex and dynamic dependencies. When something breaks, finding and fixing the problem takes too long and costs too much. Splunk indexes every type of IT data from every source and lets you search, alert and report in real time across your entire infrastructure from one place. Recover from problems faster, have less down time, and improve your service levels. Security - Investigate attacks Your security solutions deal with an overwhelming volume of data by filtering events only to produce a smaller number of alerts. But without the original data you can't perform in-depth incident response or threat analysis. With Splunk you can search in real time on any user, network, system or application activity all from one place. Lower your risk and exposure by getting the complete visibility you've always wanted but didn't think you could achieve. Compliance - Reporting and controls e-Discovery, FFIEC, FISMA, HIPAA, IT Governance, PCI, SOX and other mandates require regular review of logs and IT data. But most solutions only work with a small number of data sources, require constant maintenance and are too rigid to be used for other applications. Splunk gives you sustainable compliance and leverages the same investment for other applications. Meet requirements for log review, audit trail collection, reporting and file integrity monitoring and empower operations staff and developers too. Business Intelligence - Analyse transactions The problem is not just access to the data. Business users can't effectively analyse application or user activity even if IT provides the data because its too voluminous for tools like Excel or MS-Access. Traditional web analytics and BI tools don't lend themselves to ad-hoc access by business analysts. With Splunk, everyone in your organisation will be empowered to answer the questions that come up in their jobs about what's happened in your applications and services.

Any Data From Any Source

Collect and index any machine-generated data from virtually any source or location in real time. This includes data streaming from packaged and custom applications, application servers, web servers, databases, networks, virtual machines, telecoms equipment, operating systems, sensors and much more. Just point Splunk Enterprise at your data, and it immediately starts collecting and indexing—so you can start searching and analysing.

Collect Data From Remote Sources

Splunk Forwarders deliver reliable, secure, real-time data collection from up to tens of thousands of sources. They can monitor local data sources—applications, sensors, endpoint devices; collect the output of status commands on a schedule; grab performance metrics from virtual or non-virtual sources; or watch the file system for configuration, permissions and attribute changes. Forwarders are centrally managed, lightweight and can be deployed quickly at no additional cost.

Correlates Complex Events

With Splunk Enterprise, you can correlate complex events spanning many diverse data sources across your environment. Types of correlations:

• Time-based correlations identify relationships based on time, proximity or distance
• Transaction-based correlations track a series of related events as a single transaction to measure duration, status or other analysis
• Sub-searches take the results of one search and use them in another
• Lookups correlate machine data with external data sources outside of Splunk Enterprise
• Joins support SQL-like inner and outer joins

Correlating events enables richer analysis and insight from your machine data. Read the Event Correlation Technical Brief to learn more.

Enterprise-class Scale, Resilience and Interoperability

Splunk Enterprise scales to collect and index tens of terabytes of data per day. And because the insights from your data are mission critical, Splunk Enterprise's clustering technology provides the availability you need, even as you scale out your low-cost, distributed computing environment. Automatic load balancing optimises workloads and response times and provides built-in failover support. Out-of-the-box reporting and analytics capabilities deliver rapid insights from your data. Splunk DB Connect delivers reliable, scalable, real-time integration between Splunk and traditional relational databases.

Find out more about Splunk> IT Search here
Download Splunk and Trial it for Free Download "The Guide to IT Search"