Splunk (the product) captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.
Splunk aims to make machine data accessible across an organization and identifies data patterns, provides metrics, diagnoses problems and provides intelligence for business operation. Splunk is a horizontal technology used for application management, security and compliance, as well as business and web analytics. Splunk has over 5,200 licensed customers in 74 countries, including more than half of the Fortune 100.
The company was started in 2003 by co-founders Michael Baum, Rob Das and Erik Swan. The name "Splunk" is a reference to exploring caves, as in spelunking. Splunk is based in San Francisco, with regional operations across EMEA and Asia, and has over 900 employees. Splunk is venture funded, having raised 40 million USD by 2007, and became profitable in 2009. In 2012, Splunk had its initial public offering, trading on NASDAQ under the symbol SPLK. In September 2013, the company announced an agreement to acquire Bugsense, a leading analytics solution for machine data generated by mobile devices.
Splunk's core product, Splunk Enterprise (also called Splunk), can perform real-time and historical search, as well as reporting and statistical analysis. The product can index structured or unstructured textual machine-generated data. Search and analytics operations are specified using SPL (Search Processing Language), created for managing machine-generated big data. Originally based upon Unix piping and SQL, its scope includes data searching, filtering, modification, manipulation, insertion, and deletion.
In 2011, Splunk introduced Splunk Storm, a cloud-based version of the core Splunk product. Splunk Storm offers a turnkey, managed and hosted service for machine data.
In 2013, Splunk announced a product called Hunk: Splunk Analytics for Hadoop, which supports accessing, searching, and reporting on external data sets located in Hadoop from a Splunk interface.
In 2013, Splunk announced that Splunk Storm would become a completely free service and expanded its cloud offering with Splunk Cloud.
Splunk offers its main software in two license types: an Enterprise License designed for companies and large organizations, and a gratis license designed for personal use. The freeware version is limited to 500 MB of data a day and lacks some features of the Enterprise license edition.
As of the release of Splunk Cloud, Splunk Storm is free and includes 20 GB of data storage.
Notable Use Cases
Splunk originated as a tool primarily aimed at IT/Operations use cases, but has expanded its reach to additional use cases.
"MetroPCS, a leading North American telecoms operator, is using Splunk to index data from firewalls, intrusion detection systems and web servers to identify network abusers and take corrective action..."
SaaS provider Ceryx uses Splunk to track and manage email flow issues.
Denver Water's IT team uses Splunk to see failure trends and address them ahead of time.
Splunk was used to analyze open data made available through Bangkok's Metropolitan Administration Department of Drainage and Sewage. Using the Splunk architecture, a system was implemented that monitors and sends out alerts to its subscribers as water levels rise, so that they can prepare and evacuate as necessary.
Eglin Air Force Base uses Splunk to monitor usage of elevators, security doors, light switches, wall mounted thermostats, and air conditioners in its facilities and then analyzes the collected data to determine usage patterns and identify when energy usage can be moderated.
Nest Labs, maker of the Wi-Fi-enabled Nest thermostat, uses Splunk to analyze the thermostat data from hundreds of thousands of customers to improve device performance.
Medical device manufacturer iRhythm uploads remote monitor data to Splunk to check on performance of its products.
An unnamed elevator company uses Splunk to monitor its customers' elevator usage patterns and uses the information to decide whether to offer different plans to certain customers.
Splunk is used for a variety of security purposes.
University of Connecticut uses Splunk to analyze security log data and generate a "security score" based on various security metrics including use of anti-virus and OS patch level, which is then used to advise and educate the users in question.
Splunk is used by federal and state agencies to automate review and analysis of security and network log data so that security issues can be addressed quickly.
"Barclay's banking group's security division is using Splunk, a big data technology tool, to help it comply with an increasingly complex regulatory environment and is also looking to roll out the technology across a number of other business units."
Credit Suisse uses Splunk to monitor data coming from servers, databases, firewalls, etc.
"Monster Worldwide, parent company of the popular Monster.com job website, has chosen Splunk software to manage security, monitoring and compliance efforts for its online hosting business..."
Australian online bookmaker Sportsbet uses Splunk to generate reports for PCI auditors that can be used to assess compliance with the standards.