Splunk’s Latest One-Two Punch for Business-Critical Analytics: 100% Cloud Uptime + Real-Time Access To Wire Data
Splunk is shipping a pair of new technologies this summer that continue to improve on ways companies can use machine data to deliver enterprise-class operations – across on-premises, cloud and hybrid environments. IDN discusses the one-two punch for business-critical analytics with Splunk execs.
by Vance McCarthy
First, Splunk is now promising its Splunk Cloud can deliver 100 percent uptime. Splunk Cloud is the company’s SaaS-based version of its Splunk Enterprise machine data analytics offering. Next, Splunk is also shipping a free add-on to let Splunk customers tap into a whole new reservoir of valuable machine data – real-time wire data.
Security & Management
The push to improve uptime from the cloud comes as more customers begin to seriously consider moving their mission-critical apps to the cloud, Praveen Rangnath, Splunk Cloud’s director of product marketing, told IDN.
Splunk Cloud features include monitoring and alerting, role-based access controls, data model/pivot, knowledge mapping, report acceleration, anomaly detection, pattern matching and robust REST APIs. “We’ve taken many important steps to deliver 100% uptime with new HA [high availability] and redundancy for Splunk Cloud,” Rangnath told IDN.
Here are four of the Splunk improvements that deserve to be called out:
- Amazon Web Services (AWS) redundancy – “First we’ve architected across multiple AWS availability zones – not just one. That means we’re running across multiple zones that failover to each other,” Rangnath told IDN.
- Dedicated clouds – Splunk Cloud also provisions dedicated cloud environments for each customer, he added. “This means we don’t have [customer] data commingling. We have a single tenant cloud environment for each customer,” he said.
- Self-healing – Splunk Cloud also leverages what Rangnath called Splunk’s core “self-healing” features to keep things running. “Splunk already can automatically trigger an action when certain thresholds are hit. We now also incorporate that in AWS,” he said.
- “Secret sauce” for Splunk Cloud – Finally, Splunk Cloud uses the Splunk platform software for real-time monitoring and visibility to maintain reliable operations, he added.
Beyond all these 100% SLA features, Splunk also lets IT customize its own Splunk Cloud. “We also offer a build-your-own tool around SDKs and alerting to let IT create their own scripts to trigger actions based on data you see in Splunk,” Rangnath said.
Splunk Cloud’s 100% uptime is making a big difference to MindTouch, a provider of cloud-based customer success software. It uses Splunk Cloud to monitor its cloud-based software and to collect and analyze all of its machine data. “Our products are mission-critical to our customers, and the 100 percent uptime delivered by Splunk Cloud helps us meet our customers’ expectations to be online all the time. Splunk Cloud has helped us to deliver 24/7 reliability,” said MindTouch CEO Aaron Fulkerson in a statement.
One analyst said 100% uptime SLAs will become more valuable and important, especially as more providers and customers look for the cloud to deliver business-critical outcomes.
“We’ve been seeing organizations start to move their mission-critical applications to the cloud, but many still see availability and uptime as a significant barrier,” said 451 Research senior analyst Dennis Callaghan in a statement. “By guaranteeing 100 percent uptime in its SLA, Splunk Cloud should help ease some of the performance monitoring and visibility concerns associated with applications and infrastructure running in the cloud.”
Splunk also revealed lower prices – up to a 33% price reduction. In addition, Splunk expanded its service plans to offer up to 5TB/day and up to 10x more data bursting.
Splunk Also Taps into Real-Time Wire Data
Also this month, Splunk debuted a new app, Splunk App for Stream, which adds an important new dimension to obtaining real-time machine data insights – the capture of streaming wire data.
Wire data is transmitted between applications over the network, and viewed correctly can provide unique insights into the operations and performance of the overall business, as well as apps, infrastructure and security issues, Leena Joshi, Splunk’s senior director of solutions marketing, told IDN.
With Splunk App for Stream, customers of Splunk Enterprise or Splunk Cloud can obtain and analyze their wire data. Further, customers can correlate wire data with logs, events, metrics and many other varieties of machine data that Splunk already captures, Joshi added.
By correlating wire data with other machine data, customers can now gain granular visibility into public, private or hybrid cloud infrastructures and capture new insights on application and infrastructure performance, operational issues, transaction paths, system downtime, infrastructure relationships, security vulnerabilities, compliance and customer behavior, she said.
Joshi expects popular early use cases to include security and application performance management.
“One great example is security: Customers may have hybrid environments – a customer of ours has 200 marketing apps running in the AWS cloud, and they have no sense of the security profile or exposure of these apps. They could deploy the Splunk App for Stream to all the unmanaged virtual machines in AWS and use the data collected to profile the apps and ascertain risk exposure,” Joshi told IDN.
Specifically, Splunk App for Stream enables in-depth monitoring and real-time correlations for breaches, threat prevention and detection, she added.
As for APM (application performance management), Joshi expects Splunk App for Stream to also be especially attractive because of its ease-of-use and the app’s ability to work in hybrid environments – where diagnostics can be difficult.
“Customers using legacy products might find it unwieldy to deploy heavy monitoring agents to cloud environments and they usually don't have access to the underlying networking hardware to tap that instead,” Joshi said. “With the Splunk App for Stream, they can quickly deploy the stream forwarders to their cloud instances and send the data to Splunk Enterprise on premises or in the cloud – to get a sense of where applications are suffering from poor response times – whether in the cloud or with their backend legacy systems.”
For application management, Splunk App for Stream can tap wire data to provide deep-dive data on transaction response times, transaction traces, transaction paths, and network performance and database queries without requiring any instrumentation of the application, she added.
Other stakeholders can benefit from the new access to wire data. Among them:
- IT Operations: Helps pinpoint root-causes and map dependencies of critical infrastructure services and ensure the delivery of services at the levels required by the business.
- Business Analytics: Captures web interactions and key metrics such as time spent on page, bounce rates, navigation paths and product performance, without the need to tag individual pages.
Under the covers, Splunk App for Stream collects, aggregates and filters wire data from a range of network endpoints, including routers, switches, firewalls and other points at the network perimeter. It also works with virtual machines in public clouds and even virtual desktops.
Thanks to easily-defined filters and rules, customers can also dynamically control data volumes or capture only the wire data that is most relevant to a specific analysis, Joshi added. It does not require code instrumentation.
Splunk App for Stream is the first product to arise from Splunk’s acquisition of Cloudmeter last year. It is available free and works with Splunk Enterprise and Splunk Cloud deployments.