Splunk Enterprise 6.0 6.1 .pdf



Nom original: Splunk Enterprise 6.0-6.1.pdf
Titre: Slide 1
Auteur: Owner

Ce document au format PDF 1.5 a été généré par Microsoft® PowerPoint® 2010, et a été envoyé sur fichier-pdf.fr le 15/07/2014 à 13:52, depuis l'adresse IP 195.13.x.x. La présente page de téléchargement du fichier a été vue 642 fois.
Taille du document: 4 Mo (37 pages).
Confidentialité: fichier public




Télécharger le fichier (PDF)










Aperçu du document


Make machine data accessible, usable
and valuable to everyone.
11

Setting the Standard for Operational Intelligence

1 2 3

Tool
“Google for the
datacenter”

2006-2008

4 4.1 4.2 4.3

Engine
“Engine for machinegenerated data”

2009-2011

2

5 6
Platform
“Platform for operational
intelligence”

2012-2013

Copyright © 2014 Splunk Inc.

Introducing Splunk 6

3

Introducing Splunk 6

Up to 1000x faster
over Splunk 5

Powerful analytics
anyone can use

4

Powerful Analytics Anyone Can Use
Pivot

Enables non-technical users to build complex
reports without learning the search language

Data
Model

Provides more meaningful representation
of underlying raw machine data

Analytics
Store

Acceleration technology delivers up to
1000x faster analytics over Splunk 5

5

Easy-to-use Analytics Interface
Pivot
• Drag-and-drop interface
enables any user to analyze
data
• Build complex queries and
reports without learning
search language
• Click to visualize any chart
type; reports dynamically
update when fields change

POWERFUL
ANALYTICS

All chart types available in the chart toolbox

Save Report
to share

Time Window

Select fields from
data model

6

Define Relationships in Machine Data
Data Model

Hierarchical object view of underlying data

• Describes how underlying

machine data is represented
and accessed
• Defines meaningful
relationships in the data
• Enables single authoritative
view of underlying raw data

Add constraints to
filter out events

7

POWERFUL
ANALYTICS

Deliver Analytics Up to 1000x Faster

POWERFUL
ANALYTICS

High Performance
Analytics Store
• Transparent acceleration

Check to enable
acceleration of
data model

technology
• Retrieval speeds up to 1000x
faster than previous Splunk
versions
• Used to accelerate data
models - created at the click
of a button

Time window of data
that is accelerated

8

The Path to Analytics
1.

Explore and
Understand

2.

3.

Model and
Accelerate

Analyze and
Visualize

Data Model

Pivot Data

Analytics Store

9

Empowering Users Across the Enterprise
[10/11/12

18:57:04
000000b0

UTC]

Raw Data

IT Professional
• Create and share Data Models
• Accelerate Data Models and

custom searches with the
Analytics Store
• Create reports with Pivot

Data
Model

Analytics
Store

Pivot

Developer
• Leverage Data Models to

abstract data
• Leverage Pivot in custom apps

10

Analyst


Create reports using Pivot
based on Data Models created
by IT

Additional Analytics Features
Maps

Predictive Analysis

• Integrated GeoIP map that

• Find patterns in data to predict

display geographic data and
summaries

system capacity and resource
utilization

11

Powering Security Intelligence
Splunk Enterprise 6
• Normalization without data

reduction
• Customized for different
data types
• Supports converged IT
Security and IT Operations
data ontologies
• Support for fast reporting

Example of security
data models

12

POWERFUL
ANALYTICS

Other New Features in Splunk 6

INTUITIVE USER
EXPERIENCE

SIMPLIFIED
MANAGEMENT

RICH DEVELOPER
ENVIRONMENT

Improve users’
productivity
enabling instant
access to relevant
apps and content

Deliver simplified and
scalable management
for enterprise Splunk
deployments

Rapidly build Splunk
apps using
standards-based
web technologies

13

Increased User Productivity

INTUITIVE USER
EXPERIENCE

New Home Screen
• New menu system enables
rapid navigation to apps, data
and content relevant to user
• Removes need to open apps
in order to explore content
• Customizable to different
users and roles

Search Bar

Splunk Apps
Add Data Source

14

Redesigned Search and Reporting
Enhanced Search
Experience

INTUITIVE USER
EXPERIENCE

Access Reports and Dashboards

• Search and analyze data
from a unified interface
• Simplified authoring and
editing of reports
• Instantly navigate to create
new visualizations, tables
and dashboard panels

Search Bar

Search Results

15

Centralized Cluster Management

SIMPLIFIED
MANAGEMENT

Simplified Cluster
Management
• Monitor Splunk high availability
services for business critical
deployments at scale
• Automatic search workload and
data rebalancing when clusters
change
• Easier and more transparent app
deployment to indexers
• Faster recovery from failures

Cluster Health
Visual Status

Splunk Indexes

16

Easier Deployment, Configuration

SIMPLIFIED
MANAGEMENT

Forwarder Management
• New visual management
interface to deploy and
monitor thousands of
configurations
• Track status of roll out and
easily track down errors
• Monitor deployment activity
• Enables management of
forwarder configuration

Number of forwarders
being monitored

Number with errors
Number that have downloaded a config

Information about forwarder

17

Powerful Dashboard Customization
Enhanced Dashboard
Editor
Menu to easily customize
dashboard without advanced XML

• Build interactive dashboards

and user workflows without
writing Advanced XML code
• Easily add custom styling,
behavior and visualizations
• One-click access to develop
in the Splunk web
framework
18

RICH
DEVELOPER
ENVIRONMENT

RICH
DEVELOPER
ENVIRONMENT

Familiar Developer Environment
Web Framework
• Quickly and efficiently build
Splunk apps using familiar
web technologies
• Client-side development
with Splunk JavaScript
components and JavaScript
libraries
• Server-side development
support with Python and the
Django framework

Build Splunk Apps

Web
Framework

Extend and Integrate Splunk

Simple XML

SDKs

JavaScript

Ruby
Java
JavaScript C#
PHP
Python

Django

REST API

19

Data Models
Search
Extensibility

Modular Inputs

Splunk 6: Operational Intelligence for Everyone

POWERFUL
ANALYTICS

INTUITIVE USER
EXPERIENCE

SIMPLIFIED
MANAGEMENT

DEVELOPER
ENVIRONMENT

Pivot
Data Models
Integrated Maps
HPAS

New Home Screen
Enhanced Search

Cluster Mgmt
Forwarder Mgmt

Dashboard Editor
Web Framework

20

Copyright © 2014 Splunk Inc.

Introducing
Splunk Enterprise 6.1

21

Introducing Splunk Enterprise 6.1
ENABLING THE
MISSION-CRITICAL
ENTERPRISE

ENHANCED
INTERACTIVE
ANALYTICS

22

EMBEDDING
OPERATIONAL
INTELLIGENCE

Introducing Splunk Enterprise 6.1
ENABLING THE
MISSION-CRITICAL
ENTERPRISE

ENHANCED
INTERACTIVE
ANALYTICS

23

EMBEDDING
OPERATIONAL
INTELLIGENCE

MISSION
CRITICAL
ENTERPRISE

Mission-critical Availability
Multi-site Clustering
• Continuous availability of
machine data in case of an
outage or disaster

REPLICATION

• Indexed and raw data is
replicated to one or more
sites

Portland
Datacenter

• Replicated data can be
accessed providing faster
results
24

New York
Datacenter

Load and Preview Structured Data
Data Preview with
Structured Inputs
• Preview massive structured
data files to verify alignment
of fields and headers prior
to indexing
• Improve data quality and
the time it takes to discover
critical insights
• Ingest structured inputs
from CSV and IIS files

Adjust configurations in the UI
• Delimiters, Headers, Time Stamp

Preview results before committing

25

MISSION
CRITICAL
ENTERPRISE

Integrated Mainframe Insights
zLinux Forwarder
• Easily collect data from IBM

mainframe applications and
platform
• Mainframe data can be
correlated with other
machine data
• Include mainframe insights
in operational sashboards
for true end-to-end visibility

26

MISSION
CRITICAL
ENTERPRISE

Demo
27

Introducing Splunk Enterprise 6.1
ENABLING THE
MISSION-CRITICAL
ENTERPRISE

ENHANCED
INTERACTIVE
ANALYTICS

28

EMBEDDING
OPERATIONAL
INTELLIGENCE

Faster Dashboard Creation

ENHANCED
INTERACTIVE
ANALYTICS

Dashboard Editor
• Rapidly build advanced
dashboards within the
Splunk UI without coding

Add new inputs and panels without
Advanced XML

• Add dashboard panels and
inputs without using
Advanced XML
• One-click access to develop
in the Splunk web
framework
29

ENHANCED
INTERACTIVE
ANALYTICS

User-driven Analytics
Contextual Drilldown
• Deliver detailed insights
when clicking on a
dashboard panel without
leaving the context of the
dashboard
• Updates to primary panel
drives updates to any
number of secondary
panels in response to
user interaction

Panel interaction

30

Drives dashboard context

ENHANCED
INTERACTIVE
ANALYTICS

Enhanced Analytics Controls
Interactive Analytics
• Chart overlay delivers
improved analysis with the
ability to overlay one chart
over another

• Pan and zoom enables more
focused analytics with
ability to select range of
interest on a chart and
zoom in for deeper analysis

Pan and Zoom

31

Chart Overlay

Demo
32

Introducing Splunk Enterprise 6.1
ENABLING THE
MISSION-CRITICAL
ENTERPRISE

ENHANCED
INTERACTIVE
ANALYTICS

33

EMBEDDING
OPERATIONAL
INTELLIGENCE

More Actionable Alerting

EMBEDDING
OPERATIONAL
INTELLIGENCE

Customized Alerts
• Deliver alerts with
embedded machine data
context reducing MTTR

Customize recipients

• Ability to customize alerts to
include messaging for
recipients, more alert
context and next-steps

Customize message

• Select preferred format and
delivery of results

Select delivery method

34

Add Splunk Insights to Business Apps
Embedded Reporting
• Embed Splunk Enterprise
charts and reports in thirdparty business applications
• Share critical insights with
users who don’t have access
to Splunk Enterprise

iframe code

Visualization in Splunk

• 1-line copy/paste to embed
in external application
Visualization in non-Splunk UI

35

EMBEDDING
OPERATIONAL
INTELLIGENCE

Demo
36

Splunk Enterprise 6.1
ENABLING THE MISSION-CRITICAL ENTERPRISE
Continuous availability of mission-critical machine data with
expanded insights from new sources

ENHANCED INTERACTIVE ANALYTICS
Easier to build dashboards and more interactive visualizations

EMBEDDING OPERATIONAL INTELLIGENCE
Extends operational intelligence to common business
applications

37



Documents similaires


user group paris 6 2
splunk enterprise 6 0 6 1
mint sales deck oct2014
i6lcm1s
w ibmc1001
digital playbook trade associations


Sur le même sujet..