TechValidate Research on Splunk

158 Case Studies – Page 2 of 16

Large Transportation Services Company Discovers Security Incidents 80+% Faster

Challenges

  • Solved the following challenges with Splunk:
    • Difficulty troubleshooting/analyzing/fixing IT issues quickly
    • Difficulty correlating disparate events across IT infrastructure
    • Difficult to track and monitor external web behavior
    • Difficult to track and monitor internal users' behavior

Use Case

  • Uses the following data sources to perform its analysis with Splunk:
    • File system audit logs
    • Host or network security, IDS, IPS, firewall proxy
    • OS logs from hosts and applications
    • Server, desktop, database and application user activity logs
    • Infrastructure data: Network switch, router and load balancer
    • IP backbone
  • Manages 1TB – 10TB of data with Splunk.
  • Deployed Splunk in two weeks or more.

Results

  • Responds to issues and incidents 80+% faster with Splunk.
  • Reduced service outages by 50-60% by achieving real-time monitoring with Splunk.
  • Reduced escalations by up to 10% with Splunk proactive monitoring.
  • Identified security incidents 80+% faster with Splunk real-time monitoring.
  • Splunk provided the following business and IT benefits:
    • Reduced overall system downtime through proactive detection
    • Avoided security incidents
    • Improved understanding of security risk and its impact upon the business
    • Eliminated spending on different tools and saved maintenance costs
    • Passed PCI or other compliance audit
    • Improved infrastructure visibility to better utilize capacity

Testimonials

“Splunk has been a valuable tool for my entire organization. However, from my perspective as a network administrator, the biggest value I have seen from Splunk is the ability to view firewall connection logs. Issues in the past that would have required us to setup sniffer captures and wait for the connection issue to happen again can now be identified after the fact in about 30 seconds!”

Source: TechValidate Survey of a Large Enterprise Transportation Services Company


Fortune 500 Energy & Utilities Company Identifies Security Incidents 80%+ Faster

Challenges

  • Solved the following challenges with Splunk:
    • Provide security reporting

Use Case

  • Uses the following data sources to perform its analysis with Splunk:
    • File system audit logs
    • Content delivery network data
    • System metrics
  • Manages hundreds of GB of data with Splunk.
  • Deployed Splunk in one week or less.

Results

  • Responds to issues and incidents 80+% faster with Splunk.
  • Reduced service outages by 40-50% by achieving real-time monitoring with Splunk.
  • Reduced escalations by 80+% with Splunk proactive monitoring.
  • Identified security incidents 80+% faster with Splunk real-time monitoring.
  • Splunk provided the following business and IT benefits:
    • Avoided security incidents
    • Detected and reduced fraudulent activity/behavior

Testimonials

“Splunk gives us better security and better accountability.”

Source: TechValidate Survey of a Fortune 500 Energy & Utilities Company


Fortune 500 Insurance Company Reduces Service Outages by 40-50%

Challenges

  • Solved the following challenges with Splunk:
    • Difficulty troubleshooting/analyzing/fixing IT issues quickly
    • Difficulty tracking transactions across the entire infrastructure

Use Case

  • Uses the following data sources to perform its analysis with Splunk:
    • Java applications and application servers
  • Manages hundreds of GBs of data with Splunk.

Results

  • Reduced service outages by achieving real-time monitoring with Splunk.
  • Reduced escalations by 40-50% with Splunk proactive monitoring.
  • Splunk provided the following business and IT benefits:
    • Improved service delivery
    • Enabled staff to focus on revenue-generating activities in addition to triage/troubleshooting

Testimonials

“Splunk helped us to detect issues fast.”

Source: TechValidate Survey of a Fortune 500 Insurance Company


Fortune 500 Retail Company Resolves Incidents 70-80% Faster

Challenges

  • Solved the following challenges with Splunk:
    • Difficulty troubleshooting/analyzing/fixing IT issues quickly
    • Inability to track and report on SLAs or key performance indicators across the business
    • Multiple monitoring/reporting tools inefficient and inaccurate
    • Difficulty tracking transactions across the entire infrastructure
    • Performance and/or availability issues with infrastructure or applications
    • Difficult to track and monitor external web behavior
    • Difficulty analyzing trends and patterns across large amounts of historical data

Use Case

  • Uses the following data sources to perform its analysis with Splunk:
    • File system audit logs
    • OS logs from hosts and applications
    • Java applications and application servers
    • .Net applications and application servers
    • Server, desktop, database and application user activity logs
    • Service bus or other SOA middleware
  • Manages hundreds of GBs of data with Splunk.

Results

  • Responds to issues and incidents 70-80% faster with Splunk.
  • Reduced service outages by 30-40% by achieving real-time monitoring with Splunk.
  • Reduced escalations by 30-40% with Splunk proactive monitoring.
  • Splunk provided the following business and IT benefits:
    • Reduced overall system downtime through proactive detection
    • Increased customer satisfaction scores and retention rates
    • Delivered better measurement and reporting of service levels
    • Provided end-to-end visibility across the entire application stack
    • Improved application performance
    • Improved service delivery
    • Enabled staff to focus on revenue-generating activities in addition to triage/troubleshooting

Source: TechValidate Survey of a Fortune 500 Retail Company


Case Study: Data Analytics with Splunk in NOC for Educational Institution

Challenges

  • Solved the following challenges with Splunk:
    • Siloed and unconnected IT infrastructure and applications
    • Difficulty troubleshooting/analyzing/fixing IT issues quickly
    • Difficulty determining whether an issue is an IT ops issue or a security issue
    • Inability to answer ad hoc requests and questions by using data
    • Difficulty tracking transactions across the entire infrastructure
    • Difficulty correlating disparate events across IT infrastructure
    • Meeting compliance mandates

Use Case

  • Uses the following data sources to perform its analysis with Splunk:
    • Storage system: NAS, SAN or similar data
    • Host or network security, IDS, IPS, firewall proxy
    • Virtualization environment: Hyper-V, Xen, VMware
    • Infrastructure data: Network switch, router and load balancer
  • Manages 500GB – 1TB of data with Splunk.
  • Deployed Splunk in one day or more.

Results

  • Reduced service outages by 0-10% by achieving real-time monitoring with Splunk.
  • Reduced escalations by up to 10% with Splunk proactive monitoring.
  • Identified security incidents less than 10% faster with Splunk real-time monitoring.
  • Splunk provided the following business and IT benefits:
    • Improved understanding of security risk and its impact upon the business
    • Eliminated spending on different tools and saved maintenance costs
    • Improved infrastructure visibility to better utilize capacity
    • Delivered better measurement and reporting of service levels
    • Improved the partnership between development and operations

Testimonials

“Splunk has helped us provide a data analytic service for our NOC operation. Its deployment is small, but will grow over time and will be introduced to other service areas. Originally, Splunk was deployed for the network operations center (once a service silo). Now, the NOC and application services have merged. Splunk will be used across the application servers in the data center, continue network services, and become part of our primary NOC tool-kit.”

Source: TechValidate Survey of an Educational Institution


Splunk Proactive Monitoring Helps Large Enterprise Retail Company Reduce Escalations 80%

Challenges

  • Solved the following challenges with Splunk:
    • Difficulty troubleshooting/analyzing/fixing IT issues quickly
    • Difficulty analyzing trends and patterns across large amounts of historical data
    • Splunk provided us with easy-to-understand reports on our usage trends

Use Case

  • Uses the following data sources to perform its analysis with Splunk:
    • Virtualization environment: Hyper-V, Xen, VMware
    • Java applications and application servers
    • System metrics
    • Infrastructure data: Network switch, router and load balancer
  • Manages 1TB – 10TB of data with Splunk.
  • Deployed Splunk in more than one week.

Results

  • Responds to issues and incidents 50-60% faster with Splunk.
  • Reduced service outages by 40-50% by achieving real-time monitoring with Splunk.
  • Reduced escalations by 80+% with Splunk proactive monitoring.
  • Identified security incidents 60-70% faster with Splunk real-time monitoring.
  • Splunk provided the following business and IT benefits:
    • Reduced overall system downtime through proactive detection
    • Avoided security incidents
    • Improved understanding of security risk and its impact upon the business
    • Provided immediate visibility into key business metrics and analytics
    • Improved infrastructure visibility to better utilize capacity
    • Improved application performance
    • Detected and reduced fraudulent activity/behavior

Testimonials

“After implementing Splunk, we now have much more visibility into our applications monitored by Splunk. We can readily and easily organize reports to provide up-to-date, current and historical status for all our applications.”

Source: TechValidate Survey of a Large Enterprise Retail Company


Small Business Computer Software Company Responds to Incidents 80% Faster with Splunk

Challenges

  • Solved the following challenges with Splunk:
    • Difficulty troubleshooting/analyzing/fixing IT issues quickly
    • Inability to track and report on SLAs or key performance indicators across the business
    • Multiple monitoring/reporting tools inefficient and inaccurate
    • Difficulty tracking transactions across the entire infrastructure
    • Difficulty correlating disparate events across IT infrastructure
    • Performance and/or availability issues with infrastructure or applications

Use Case

  • Uses the following data sources to perform its analysis with Splunk:
    • Java applications and application servers
    • .Net applications and application servers
  • Manages 500GB – 1TB of data with Splunk.
  • Deployed Splunk in a few hours or less.

Results

  • Responds to issues and incidents 80+% faster with Splunk.
  • Reduced service outages by 50-60% by achieving real-time monitoring with Splunk.
  • Splunk provided the following business and IT benefits:
    • Provided immediate visibility into key business metrics and analytics
    • Improved infrastructure visibility to better utilize capacity
    • Delivered better measurement and reporting of service levels
    • Provided end-to-end visibility across the entire application stack
    • Improved application performance
    • Detected and reduced fraudulent activity/behavior

Testimonials

“Splunk has been of great help to our organization in identifying and tracking issues by analyzing Java and .NET application logs. It saves us a lot of time in tracking issues, which makes getting into resolution faster.”

Source: TechValidate Survey of a Small Business Computer Software Company


Small Business Financial Services Company Identified Security Incidents 80% Faster

Challenges

  • Solved the following challenges with Splunk:
    • Siloed and unconnected IT infrastructure and applications
    • Difficulty determining whether an issue is an IT ops issue or a security issue
    • Difficulty tracking transactions across the entire infrastructure
    • Difficulty correlating disparate events across IT infrastructure
    • Difficulty analyzing trends and patterns across large amounts of historical data

Use Case

  • Uses the following data sources to perform its analysis with Splunk:
    • File system audit logs
    • Host or network security, IDS, IPS, firewall proxy
    • OS logs from hosts and applications
    • Virtualization environment: Hyper-V, Xen, VMware
    • Java applications and application servers
    • .Net applications and application servers
    • Server, desktop, database and application user activity logs
    • Infrastructure data: Network switch, router and load balancer
    • Hosted/outsourced environments (EC2, MSSPs)
    • Active Directory data
  • Manages less than 500GB of data with Splunk.
  • Deployed Splunk in one week or less.

Results

  • Responds to issues and incidents 60-70% faster with Splunk.
  • Saw no reduction in service outages from real-time monitoring with Splunk.
  • Reduced escalations by 40-50% with Splunk proactive monitoring.
  • Identified security incidents 80+% faster with Splunk real-time monitoring.
  • Splunk provided the following business and IT benefits:
    • Eliminated spending on different tools and saved maintenance costs
    • Supplied role-specific, dashboard views to give appropriate data access to users without compromising security
    • Provided immediate visibility into key business metrics and analytics
    • Improved infrastructure visibility to better utilize capacity
    • Delivered better measurement and reporting of service levels
    • Provided end-to-end visibility across the entire application stack
    • Enabled staff to focus on revenue-generating activities in addition to triage/troubleshooting

Testimonials

“Splunk’s biggest impact has been expedient and vastly improved visibility across all platforms and business applications.”

Source: TechValidate Survey of a Small Business Financial Services Company


80% Faster Incident Response for this Medium Enterprise Financial Services Company

Challenges

  • Solved the following challenges with Splunk:
    • Difficulty troubleshooting/analyzing/fixing IT issues quickly
    • Inability to track and report on SLAs or key performance indicators across the business
    • Multiple monitoring/reporting tools inefficient and inaccurate
    • Difficulty tracking transactions across the entire infrastructure
    • Difficulty correlating disparate events across IT infrastructure
    • Inability to provide views and dashboards from machine data to non-IT users
    • Difficulty analyzing trends and patterns across large amounts of historical data

Use Case

  • Uses the following data sources to perform its analysis with Splunk:
    • File system audit logs
    • Host or network security, IDS, IPS, firewall proxy
    • OS logs from hosts and applications
    • Virtualization environment: Hyper-V, Xen, VMware
    • Java applications and application servers
    • .Net applications and application servers
    • Ruby on Rails applications and application servers
    • System metrics
    • Server, desktop, database and application user activity logs
    • Infrastructure data: Network switch, router and load balancer
    • Active Directory data
    • Mail server or Exchange server data
  • Manages less than 500GB of data with Splunk.
  • Deployed Splunk in three days or less.

Results

  • Responds to issues and incidents 80+% faster with Splunk.
  • Reduced escalations by 20-30% with Splunk proactive monitoring.
  • Splunk provided the following business and IT benefits:
    • Eliminated spending on different tools and saved maintenance costs
    • Supplied role-specific, dashboard views to give appropriate data access to users without compromising security
    • Improved infrastructure visibility to better utilize capacity
    • Delivered better measurement and reporting of service levels
    • Improved the partnership between development and operations
    • Provided end-to-end visibility across the entire application stack
    • Enabled faster time to market for developing applications

Testimonials

“Splunk has enabled the IT operations team to provide insight to the development organization on their production application and system logs in real time without the bottleneck of an ops engineer’s availability.”

Source: TechValidate Survey of a Medium Enterprise Financial Services Company


Case Study: Educational Institution Reduces Escalations and Improves Troubleshooting

Challenges

  • Solved the following challenges with Splunk:
    • Difficulty troubleshooting/analyzing/fixing IT issues quickly
    • Difficulty determining whether an issue is an IT ops issue or a security issue

Use Case

  • Uses the following data sources to perform its analysis with Splunk:
    • File system audit logs
    • Desktop/endpoint security data
    • Host or network security, IDS, IPS, firewall proxy
    • OS logs from hosts and applications
    • Infrastructure data: Network switch, router and load balancer
  • Manages 100TB – 500TB of data with Splunk.
  • Deployed Splunk in two weeks or more.

Results

  • Reduced escalations by up to 10% with Splunk proactive monitoring.
  • Splunk provided the following business and IT benefits:
    • Passed PCI or other compliance audit
    • Detected and reduced fraudulent activity/behavior

Testimonials

“We have better troubleshooting with Splunk.”

Source: TechValidate Survey of an Educational Institution





© Copyright 2013 TechValidate Software Inc. All marks used on this site are the property of their respective owners.