SplunkLive! London 2016: Splunk for IT Ops
TRANSCRIPT
Session Agenda
• Splunk for IT Ops - Introduction
• Splunk Apps
• Introducing Splunk IT Service Intelligence
• Customer Stories
• Wrap Up
Escalating IT Complexity…
SERVERS, STORAGE, NETWORKING
VIRTUALIZATION
INFRASTRUCTURE APPLICATIONS
PACKAGED APPLICATIONS
CUSTOM APPLICATIONS
Identity, VPN, IP Phone, HR, Finance, App Svr, DB, Web Svr, SaaS/PaaS, IaaS
…Plaguing IT Operations
• Complex, silo-based technologies
• Disconnected and outdated point solutions
• Reactive brute-force problem resolution
• Over 80% of time on maintaining not innovating
Industry Leading Platform for Machine Data
Any Machine Data: Online Services, Web Services, Servers, Security, GPS Location, Storage, Desktops, Networks, Packaged Applications, Custom Applications, Messaging, Telecoms, Online Shopping Cart, Web Clickstreams, Databases, Energy Meters, Call Detail Records, Smartphones and Devices, RFID
Datacenter, Private Cloud, Public Cloud
Enterprise Scalability
Search and Investigation
Proactive Monitoring
Operational Visibility
Real-time Business Insights
Operational Intelligence
• Any amount, any location, any source
• Schema-on-the-fly
• Universal indexing
• No back-end RDBMS
• No need to filter data
• Developer Platform (REST API, SDKs)
The Focus
Application Delivery
IT Operations
Security, Compliance, and Fraud
Business Analytics
Industrial Data and the Internet of Things
Turning Machine Data Into Operational Intelligence
Reactive
Search and Investigate
Proactive Monitoring and Alerting
Operational Visibility
Proactive Real-time Business Insight
Troubleshooting: Find and fix problems faster
Reduce MTTR
Improve End User Experience
Reduce Costs
Greater IT productivity
No more grepping through logs
End-to-end correlation
Monitoring: Find and fix problem before it becomes a problem
Increased uptime
Trends in real time and Historical Data
Powerful Visualizations
Alerting and notifications
Splunk Apps
Plug-Ins, Templates and Apps Accelerate Value From Machine Data
No rigid schemas – Add in data from any other source.
API, SDKs, UI
Server, Storage, Network
Server Virtualization
Operating Systems
Custom Applications
Business Applications
Cloud Services
App Performance Monitoring
Ticketing and Other
Web Intelligence
Mobile Applications
Stream
Apps Provide Deep Insights By Role
Find and resolve problems fast in individual technology areas
Exchange Admin
Service Health Performance
Message tracking
VMware/Win/Linux Admin
Infrastructure Health Performance
Anomalies/Outliers
Storage Admin
Infrastructure Health Performance
Anomalies/Outliers
What We Hear From Our Customers!
“My CIO is demanding we look at IT from a business service perspective.”
“Splunk is great for break-fix, but I need to show we’re meeting SLAs.”
“I need everyone to be able to see the same thing at the same time.”
“I just want to throw data at Splunk and have it find problems for me.”
“Show me what my data can do for me!”
What is a Service?
Service: Requests, Responses
In Splunk ITSI, a Service is a logical group of technology components that a user deems need to be monitored together. It can often be generalized as a “black box” to which we send requests and from which we expect responses.
Technical Services
DNS: Requests, Responses
Auth: Requests, Responses
Web: Requests, Responses
Services can be technology-centric…
Business Services
Customer Transactions: Requests, Responses
Support Desk: Requests, Responses
…and business-centric
Packet Network
Hypervisor and Hosts
RBMDBs
Storage Tier
API Services
Web Services
Customer Transactions
Mobile
API/Middleware
Partner Portal
DNS
Services can encompass multiple tiers of the IT domain and may also depend upon other services/micro-services
What is a KPI?
DNS: Requests, Responses
• KPI: Number of requests
• KPI: Error rate
• KPI: Average response time
• KPI: Server CPU load
• KPI: Server network I/F errors
Customer Transactions: Requests, Responses
• KPI: Number of transactions
• KPI: Error rate
• KPI: Average response time
• KPI: Count of Incident Tickets
• KPI: Synthetic Transx Health
KPIs and Health scores constitute the means by which Services are monitored.
Key Performance Indicators (KPIs)
KPI: A Splunk saved search defined in Splunk ITSI that helps monitor a specific field like CPU, Memory and so on. KPIs are contained within Services.
Service Health Scores
A Health score is a score from 0-100 that helps determine the health of a Service. It is calculated once every minute, based on the importance and status of all its KPIs.
Service Analyzer, Glass Tables, Deep Dives
Service Analyzer: Autogenerated filterable and tiled view of Service health scores and KPIs
Glass Tables: Customizable freeform drawing dashboards to view health scores and KPIs of choice with visual tools to create context
Deep Dives: Swimlane analysis dashboard to show all those indicators over time for investigations
Multi KPI Alerts, Notable Events
Multi KPI Alerts: Correlation searches on service degradation
Notable Events: Event framework for Multi KPI Alerts
What Makes Splunk ITSI Different!
Search-Based KPIs
• Easy to write, manage and change both services and KPIs
• Reflects business and technology priorities
• Benefit: Rapidly generate and change KPIs to align service health with business
• Fiserv – 1000s in just weeks
Full Fidelity Service Health
• Adaptable and flexible definitions of service health
• One solution to go seamlessly from service reports to root cause, including raw data
• Remains adaptable and yet still maintains complete historical context
Universal Data Platform
• Data driven: All IT data including events, metrics and logs
• Schema on-the-Fly
• Ask any question of the data
• Fast time to value
• Data fidelity
Why Enterprises Use Splunk for IT Operations
Increased Uptime to 99.9% Availability
Reduced MTTR from 2-3 days to few minutes
Improved Margins by protecting millions in ad-revenue
Consolidated Tools by retiring 27 monitoring solutions
Optimized Capacity by saving $500K in SW, HW & licenses
Drives Innovation with usage analytics on product features
Unified insights: data integrations from other tools
11,000 to 100s
Reduced incident tickets
Alerting on service KPIs instead of server performance
Usage baselines to identify anomalies
Splunk IT Service Intelligence at
Server-based to Services-based monitoring
Top-down and deep-dive service insights
200+ services and 1500+ KPIs monitored
Flexible creation and modification of services and KPIs
Alerting on service KPIs instead of server performance
Real-time, holistic and proactive “client” view
Splunk IT Service Intelligence at
Splunk IT Service Intelligence at
Replaced home-grown tools
Real-time service insights to LOBs
Reduced time to resolution
Troubleshooting
Continuous Deployment
Application Management
Service Monitoring
Splunk is the Backbone of Modern IT
Platform for Machine Data
Driving Service Intelligence that creates measurable insight and value
Colin Ferguson, Director, Market Specialists
What we hear…
“Service Intelligence is new to us. How do we get started?”
“Do you have best practices to help us with Service Intelligence?”
Splunk IT Service Intelligence
Time-series Index
Platform for Machine Data
Dynamic Service Models
Schema-on-read, Data Model, Common Information Model
At-a-Glance Problem Analysis
Early Warning on Deviations
Simplify Incident Workflows
Bring Subject Experts Together
Design Before Configuring
Driving Service Intelligence
Start with a Problem worth solving
Driving Service Intelligence
How Critical?
• Which customers are impacted?
• How are they impacted?
• Does the service drive revenue?
• Who is the business owner?
How Complex?
• How often are we experiencing problems?
• What systems are impacted?
• How quickly is it being resolved?
• Who is involved to resolve?
Collaboration is Key
Escalation Manager
Enterprise Architect
Administrators
Business functions
Performance indicators
Common business issues
Frequency of issues
Business impact of issues
Service Owners
Common issues
Performance indicators
Resolution processes
Tools used for resolving issues
Frequency of issues
IT impact of issues
Current tools and usage, and adoption levels
Splunk expertise
Environment expertise
Business processes
Key inputs and outputs
Technology architecture
Data architecture
Common issues
Design Methodology: Service Decomposition
Start With Business Function & Flow
Define Scope & Depth
Link Supporting Technology
Start with Business Function & Flow
Measure health and impact 73%-36%
Gaining Service Intelligence
Service Layer: Supply Chain
Business Layer: Order Entry, Shipping, Manufacturing, Fulfillment
Application Layer: Online Store, EDI, Web Tier, Middleware, Database
Infrastructure Layer: Server, Server
Bringing it all together - KPIs
Service Layer: Supply Chain
Business Layer: Order Entry, Shipping, Manufacturing, Fulfillment
Application Layer: Online Store, EDI, Web Tier, Middleware, Database
Infrastructure Layer: Server, Server
KPIs shown on the diagram: Service Health, Total Orders, Total Revenue, Online Orders, Online Revenue, Unit Count, Unit Failures, Service Level, Delivery Time, CPU Load, Memory Used, Disk Used, IO Latency
A flying start to Service Intelligence
Start With A problem worth solving
Collaborate with Subject Matter Experts
Design Before Configuring
We’re here to help!
Harness the creativity and domain knowledge of your organization to unlock the value of data and solve an important Business Service problem through a joint service intelligence workshop with key stakeholders
Define methods for:
› Proactive service monitoring
› Reduced risk and failures
› Faster issue resolution
› Increased business performance
What is it?
› 1 Day Onsite Workshop
› Tightly linked with value
› Collaborative approach
› Build your own Glass Table
The 7th Annual Splunk Worldwide Users’ Conference
SEPT 26-29, 2016
WALT DISNEY WORLD, ORLANDO
SWAN AND DOLPHIN RESORTS
• 5000+ IT & Business Professionals
• 3 days of technical content
• 165+ sessions
• 80+ Customer Speakers
• 35+ Apps in Splunk Apps Showcase
• 75+ Technology Partners
• 1:1 networking: Ask The Experts and Security Experts, Birds of a Feather and Chalk Talks
• NEW hands-on labs!
• Expanded show floor, Dashboards Control Room & Clinic, and MORE!
PLUS Splunk University
• Three days: Sept 24-26, 2016
• Get Splunk Certified for FREE!
• Get CPE credits for CISSP, CAP, SSCP
• Save thousands on Splunk education!