Author Archive

Tableau and Splunk Announce Strategic Technology Alliance

Jointly developed integration brings together the power of visual analytics and real-time machine data

Splunk Inc., provider of the leading software platform for real-time operational intelligence, and Tableau Software (NYSE: DATA), a global leader in rapid-fire, easy-to-use business analytics software, today announced a strategic alliance to leverage the power of advanced visual analytics and real-time machine data. As part of a joint technology investment, the latest version of Tableau software includes Splunk® Enterprise as a native data source using Splunk’s recently launched ODBC driver.

“Tableau is the most widely recognized provider of visual analytics software,” said Guido Schroeder, senior vice president of products, Splunk. “Our alliance with Tableau extends the value that Splunk software unlocks in machine data. Using Tableau to visualize structured data with machine data in Splunk will enable people to gain new business insights.”

“Splunk leads the market in enabling organizations to collect, index and make searchable machine data from apps, servers, networks, websites and devices in real time,” said Chris Stolte, chief development officer and co-founder, Tableau Software. “Our integration lets organizations use our visual analytics software on their machine data in Splunk software. Whether it’s to find quick insights or explore machine data, it accelerates new insights for anyone using Tableau and Splunk.”

The direct connection between Splunk and Tableau provides the following benefits:

Makes it easier for Tableau users to visualize machine data and find new insights – Users can now leverage Tableau to visualize machine data from Splunk Enterprise, enabling new business insights from a rapidly growing class of data.

New source of valuable data now available to more people – People can now access a new source of valuable machine data with Splunk Enterprise. These capabilities are complementary to the real-time and historical visualizations and analytics across large data sets in Splunk Enterprise.

Correlate machine data with other structured data – The integration enables users to correlate, analyze and visualize machine data with other structured data for advanced business analytics.

Splunk Enterprise Selected as Symantec’s Security Investigation Platform

Splunk Software to Help Investigate Security Incidents and Ensure Compliance

Splunk Inc., provider of the leading software platform for real-time operational intelligence, today announced that Symantec (NASDAQ: SYMC) has selected Splunk® Enterprise 6 to help bolster its security intelligence operations. Through this partnership, Symantec will centralize, monitor and analyze security-related data in Splunk Enterprise to help investigate incidents and detect advanced threats. Symantec will also use Splunk software to ensure comprehensive compliance with Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI DSS).

“With today’s threat landscape, it’s critical that we react quickly to identify and respond to any type of threat, especially advanced threats that continue to increase in complexity,” said Julie Talbot-Hubbard, chief security officer, Symantec. “Our efforts, in combination with Splunk software, demonstrate that we are implementing best practices to not only protect our customers and partners, but also help with addressing critical customer problems.”

“Symantec is more than a valued Splunk customer, they also are a strong partner as together we help businesses and organizations tackle the toughest cybersecurity threats in the world,” said Haiyan Song, vice president of security markets, Splunk. “We look forward to seeing the Symantec security team’s accomplishments with Splunk software.”

Splunk Doubles License Capacity for Entry-level Customers

Encourages New Users to Analyze Additional Valuable Data Sources

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time operational intelligence, today announced that it is doubling license capacity at entry levels for Splunk® Enterprise. Doubling capacity enables Splunk customers to take more advantage of the hidden value in their machine data. They can more easily address their security, IT operations and application management use cases and correlate additional disparate data sources. Splunk customers can now leverage the award-winning power of Splunk Enterprise more broadly across their organizations and drive further adoption of Splunk as their platform for machine data.

“From the start, we have believed in offering a free download so anyone can explore and analyze machine data at no cost. Now, we are doubling capacity for entry-level customers, to further increase their ability to adopt Splunk software, explore new use cases and realize rapid return on investment,” said Godfrey Sullivan, Chairman and CEO, Splunk. “By enabling Splunk customers to analyze more data, we are further delivering on our mission to make machine data accessible, usable and valuable to everyone.”

The increased capacity applies to all new licenses up to 20 GB of daily indexing capacity. Splunk Enterprise U.S. licensing now starts at $4,500 for a 1 gigabyte (GB)/day perpetual license and $1,800 for a 1 GB/day annual term license. Splunk is also offering recent customers of Splunk Enterprise who purchased licenses up to 20 GB/day a special limited-time promotion to capitalize on the new license capacity levels.

Splunk customers can deploy Splunk Enterprise on-premises, in private or public clouds and in virtualized environments. A free version of Splunk Enterprise is available as a download for anyone indexing up to 500 MB/day and also as an Amazon Machine Image (AMI) through the AWS Marketplace, where organizations can use Splunk software without the hassle of building and maintaining a physical infrastructure.

Splunk does not charge for data sources, data types, number of users, number of searches or alerts, or total data stored – instead maintaining the simple, straightforward pricing based on daily indexing volume that fosters adoption across organizations. For more details, please visit the pricing page on the Splunk website or contact Splunk Sales. Pricing varies by region.

Stalk Cyberattackers with the Latest Splunk App for Enterprise Security

New Visualizations Significantly Reduce Time to Incident Detection and Response

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time operational intelligence, today announced version 3.0 of the Splunk® App for Enterprise Security, which empowers security professionals to stalk cyberattackers. New visualizations enable advanced threat detection, resulting in a significant reduction in the time to incident discovery and response. The Splunk App for Enterprise Security also includes a new threat intelligence framework, support for new data types, data models and pivot interface.

Threat detection speed and accuracy can be deciding factors in whether an attack becomes a massive data breach or a success story for security teams. In order to know and understand attacks as they unfold, organizations must collect any data that may be security relevant and correlate it with business data that can provide context for security events. Splunk Enterprise 6 and the Splunk App for Enterprise Security 3.0 combine to form a security intelligence platform that can support advanced security analytics at scale for even the largest IT environments, in real time. Watch the Splunk App for Enterprise Security demo to learn more about the latest release and the Splunk for Security video to better understand Splunk software’s role in organizations’ security infrastructure.

“The new Splunk App for Enterprise Security helps security professionals connect the dots to catch cyberattackers, watching their every step by enabling customers to monitor all data and see potentially malicious activity patterns,” said Steve Sommer, chief marketing officer, Splunk. “The new visualizations enable both Splunk power users and newcomers to perform complex actions needed to find and report on data anomalies and outliers. The threat intelligence framework in the Splunk App for Security delivers something security information and event management (SIEM) systems do not — all threat feeds in a single view with de-duplicated threat information. These new enhancements can create tremendous efficiencies for security teams whose number one goal is to identify and react to threats in as little time as possible.”

“The Splunk App for Enterprise Security provides the flexibility and customization necessary for an incident responder, security professional or SOC to pull the information they need to the surface quickly,” said Adrian Sanabria, senior security analyst, 451 Research. “Researching a security incident is stressful enough – being able to identify threats through a simple point-and-click interface and easily create alerts is essential. The Splunk App for Enterprise Security helps the security professional work incidents and perhaps discover the source of an intrusion in as little time as possible.”

Customers Slash Threat Response Times with Security Solutions from Splunk

IDT Corporation (NYSE: IDT) is a leading telecommunications and payment services provider that is using Splunk Enterprise 6 and the Splunk App for Enterprise Security as the backbone of its security infrastructure.

“Splunk software already helped IDT security teams cut incident response times from minutes to seconds, and the new version of the Splunk App for Enterprise Security will further improve our security posture for internal and external threats,” said Golan Ben-Oni, chief security officer and senior vice president of network architecture, IDT. “One of the biggest improvements in this new version is the new visualizations which make it easier for our security investigators who aren’t Splunk experts to get their hands on all of the data. The threat intelligence framework is also a welcome addition, as it will allow us to not only view all of our feeds in one place but also eliminate duplicated information on new threats.”

The Splunk App for Enterprise Security takes full advantage of the features available in Splunk Enterprise 6. New features include:

New Visualizations: Security professionals can visually correlate data to identify anomalous behavior, providing a starting point for security investigations. Once an unusual data pattern for a person, application or system is identified, the analyst is never more than three clicks away from the raw data and can create a notable event for investigation and analysis workflows.

Threat Intelligence Framework: Organizations subscribing to threat intelligence feeds can organize and de-duplicate the data to make it more useful to security teams, instead of just viewing the data like most SIEM products.

Data Models and Pivot Interface: Anyone can create, save or export new, custom visualizations or reports without being an advanced Splunk user or having any knowledge of Splunk’s search processing language (SPL). Splunk Enterprise 6 and the Splunk App for Enterprise Security include a large catalog of visualizations as a starting point, and developers can create custom visualizations using the programming language of their choice with the powerful web framework.

Support for New Data Types and Threat Feeds: All data is security-relevant, and the Splunk App for Enterprise Security supports making decisions quickly with the context of business activity by supporting traditional log data, flow data, packet capture data, industrial control system data, external threat intelligence feeds and other business data that may be in databases.

Splunk Enterprise Named Best Big Data Analytics Solution

Government Security News 2013 Homeland Security Awards Recognize Critical Impact of Machine Data on Security Posture for Public Sector Organizations

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time operational intelligence, today announced that Splunk® Enterprise has been named the Best Big Data Analytics Solution in the GSN: Government Security News 2013 Homeland Security Awards.

“Splunk is honored to be recognized by GSN as the leading big data analytics solution, and we share the honor with all those who use Splunk software in mission-critical Homeland Security projects,” said Bill Cull, vice president of public sector, Splunk. “Modern security is far from simple because all data is relevant to security investigations. As a big data security intelligence platform, Splunk software enables customers to collect, search, visualize and analyze massive streams of machine data so that they can identify and act on threats in real time.”

“The director of the FBI recently noted that cybersecurity is one of the largest and most dangerous threats public sector organizations will face in the near term,” said Chuck Brooks, vice president and client executive for Department of Homeland Security (DHS), Xerox. “It is great to see that entries for the GSN awards, like Splunk Enterprise and the Splunk App for Enterprise Security, are at the cutting edge of cybersecurity solutions across the threat spectrum.”

The award winners were selected by a panel of judges that included Brooks; Scott Greiper, president of Secure Strategy Group; Paul Goldenberg, CEO of Cardinal Point Strategies and member of the Homeland Security Advisory Council (HSAC); and Matt Johnson, cybersecurity expert and veteran of the Department of Defense Intelligence Community.

GSN specializes in news, analysis, interviews, new products and technologies in all aspects of homeland security, from access control and airport security to biometrics, border protection, disaster recovery, emergency preparedness, IT security, maritime and port security, rail security, security services, state and local governments and urban security.

Splunk App for VMware Wins Top Honors for Server Virtualization

App for VMware and Splunk Enterprise Recognized by Virtualization Review in “Editor’s Choice” Awards

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time operational intelligence, today announced that Splunk® App for VMware has won the Editor’s Choice award for the Server Virtualization category in Virtualization Review’s 2014 Reader’s Choice Awards. Customers rely on the Splunk App for VMware for proactive health monitoring, operational insights such as performance, capacity and security analytics, and to correlate VMware data with data from all other technology tiers for true end-to-end visibility.

“In the information age, data is king, and Splunk is able to process lots of it coming from just about any source – OS, apps, hardware – and make sense of it all,” said Michael Domingo, editor-in-chief, Virtualization Review. “The simplicity with which it offers up that data to users is why it earned a spot on the 2014 Virtualization Review Editor’s Choice in the category of Server Virtualization.”

“Splunk is honored to be recognized by Virtualization Review with an award that demonstrates the value that the Splunk App for VMware provides customers in resolving challenges in virtualized environments,” said Leena Joshi, senior director of solutions marketing, Splunk. “This recognition, coupled with the app’s popularity among Splunk’s customers, confirms that virtualized datacenters value the ability to gain operational insights about their virtualization layer in context of data from all their other technology tiers.”

Virtualization Review is the first and only print publication solely devoted to IT virtualization and cloud technologies. The 2014 awards are chosen by the readers of Virtualization Review and presented to vendors in 16 categories ranging from Mobile Virtualization and Cloud Storage to Business Continuity and Virtualization Automation. E-mail invitations were sent to Virtualization Review readers in October 2013 to vote on more than 400 products.

Responses were collected during a two-week period. A team of editors reviewed the results to ensure that they legitimately came from Virtualization Review readers. Vendors were excluded from the voting process and were not, in any way, allowed to solicit votes.

Splunk Announces Acquisition of Cloudmeter

Adds Innovative Solution for Network Data Capture to Award-Winning Platform for Machine-Generated Big Data

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time operational intelligence, today announced it has acquired Cloudmeter, Inc., a provider of network data capture technologies. The addition of Cloudmeter will enhance the ability of Splunk customers to analyze machine data directly from their networks and correlate it with other machine-generated data to gain insights across Splunk’s core use cases in application and infrastructure management, IT operations, security and business analytics.

“The increasing complexity of enterprise applications and infrastructure makes network data a valuable source of data for operational intelligence,” said Godfrey Sullivan, Chairman and CEO, Splunk. “Cloudmeter has a strong technical team with deep networking expertise. They have built a robust, highly scalable solution that will allow our customers to easily capture network data, either on-premises or in the cloud. We look forward to integrating Cloudmeter technology into Splunk’s platform for machine data.”

Founded in 2007, Cloudmeter was one of the early companies to identify the value in the massive amounts of data that flow through organizations’ networks. Cloudmeter helps customers harvest network traffic to create actionable insights across a broad range of use cases.

“Our focus has been to develop innovative solutions that enable easier access to and insight from network data,” said Michael Dickey, founder, CEO and CTO, Cloudmeter. “Network data is a major contributor to the growth of big data and we are excited to join Splunk. We look forward to developing new capabilities that will help customers realize the full potential of their network and other machine-generated big data.”

Terms of the transaction were not disclosed. The transaction was funded with cash from Splunk’s balance sheet.

Splunk Drives Operational Intelligence with Amazon Web Services

Splunk Enterprise 6 and Hunk Now Available on AWS Marketplace; Splunk Releases New Version of Splunk App for AWS

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time operational intelligence, today announced the availability of new Amazon Machine Images (AMIs) for Splunk® Enterprise 6 and Hunk™: Splunk Analytics for Hadoop. The new AMIs further accelerate the speed at which organizations can deploy Splunk software and gain critical visibility into their cloud-based applications and data. Splunk also released the new version of the Splunk App for Amazon Web Services (AWS), which leverages the newly announced AWS CloudTrail, a new service that logs all AWS API calls, to enable organizations to improve monitoring, security and compliance across all applications and infrastructure running in AWS. The Splunk Enterprise AMI and Hunk AMI are available in the AWS Marketplace. The Splunk App for AWS is available on Splunk Apps.

“Splunk Cloud, Splunk Storm and the new AMIs demonstrate our continued commitment to cloud computing and our innovative work with AWS,” said Leena Joshi, senior director of solutions marketing, Splunk. “Organizations are rapidly moving their applications to the cloud, and AWS is the leader in cloud computing. The release of AMIs for Splunk Enterprise and Hunk makes it easy for customers to use Splunk products in AWS so machine data is accessible, usable and valuable to everyone across the organization. The new version of the Splunk App for AWS will help organizations increase visibility into their cloud deployments by combining AWS access, usage and billing data to provide security intelligence along with operational and business insights.”

“We are very excited about the new Splunk offerings on AWS,” said Terry Wise, Director, Worldwide Partner Ecosystem, AWS. “Enterprise customers with large Hadoop deployments can gain significant benefits from the Hunk AMI, which enables them to explore and interact with analytics of raw Hadoop data including Amazon Elastic MapReduce data. The availability of the Splunk Enterprise AMI, coupled with the pre-built Splunk App for AWS, empowers customers to gain insights from machine-generated data across a range of uses, including operational monitoring, billing, security and compliance.”

“Adobe is pleased to be working closely with AWS and Splunk to give us more insight into our cloud deployments,” said Kenny Cheng, manager of cloud operations, Adobe. “The alignment between Splunk and AWS will give us greater visibility and control while also helping us maximize value from our IT investments.”

“It is thrilling to see two of our most strategic vendors, AWS and Splunk, aligning resources and products to make an even bigger impact at FamilySearch,” said Gary Stokes, director of product engineering, FamilySearch. “Combining the ease and affordability of AWS with the speed and analytic precision of Splunk software makes it easier for us to provide crucial visibility into our cloud deployments and to gain operational intelligence.”

AMIs for Splunk Enterprise and Hunk let users benefit from standardized, preconfigured instances that can be rapidly accessed in the Amazon Elastic Compute Cloud (EC2). The Hunk AMI works on most leading Hadoop distributions including Amazon Elastic MapReduce (EMR), enabling customers to interactively explore, analyze and visualize data in these Hadoop clusters.

Splunk’s updated version of the Splunk App for AWS integrates with the newly announced AWS CloudTrail to provide analytics including operational analysis, security threats and compliance reporting, and billing and usage analyses. Users can combine data about AWS usage and access with other data in Splunk Enterprise to have complete visibility into operational and security postures.