Splunk > live Melbourne

A while ago a college of mine was looking around and investigating possible tools and came across Splunk, so we signed up  for an account and joined the newsletter. Last week I attended the Splunk > live Melbourne convention.  So being new to the product I attended the 101 presentations.

From first glance the product looked impressive. Its ability to consolidate multiple data sources from logs on a switch to database connections and server logs to deliver real time reports for business analysis. Splunk’s only had a footprint in Australia for the past 5 years and looks to continue to build customers as more  and more find value in its powerful reporting capabilities. Its been used by a number of fortune 500 companies and here in Australia by one of our major banks and a major online sports betting agencies.

The key to Splunk is thinking of it as a search engine. So rather then model the data then save it and then report on predefined filters, just add the data source to Splunk and then you define how and what you want to see. If you ask me what the one thing I have taken away form this was I found a new way of thinking about how reporting can be build from a search query and the “Google” way that Splunk does its magic.

 

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s