News

Splunk Named Worldwide IT Operations Analytics Software Market Share Leader in New Report

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced it has been named the worldwide IT Operations Analytics (ITOA) software market share leader for 2014 in a new report by IDC, a leading provider of global IT research and advice. The IDC report* states Splunk® software and cloud services claimed the top market share with 28.7 percent. This is IDC’s first study of vendor revenues and market shares in the emerging ITOA software market, which is experiencing rapid growth.

According to the IDC report authored by Tim Grieser and Mary Johnston Turner: “The company achieved rapid growth driven by expansion in log management and analysis capabilities delivered via its software and cloud service. The number of data sources and use cases continued to expand along with increases in customer data volumes, driving increased adoption. Splunk has invested in solutions for Hadoop, mobile, real-time wire, security and cloud, among other data sources.” Additionally, “Splunk supports pre-packaged content and visualization for a variety of analytics use cases including IT operations, APM, mobile and IoT. This is making Splunk-based analytics available to an increasing variety of IT and business users.”

“Splunk helped pioneer the ITOA market and we look forward to accelerating our ITOA leadership with the introduction of our newest solution — Splunk IT Service Intelligence,” said Rick Fitz, senior vice president of IT markets, Splunk. “IDC’s report validates our analytics-driven approach to address complex customer requirements across the enterprise. With IT Service Intelligence, Splunk Enterprise and Splunk Cloud, IT and business users can realize the value Splunk analytics can deliver from machine data that legacy solutions were not designed to handle.”

Splunk Enterprise and Splunk Cloud enable organizations to consolidate silos of machine data and use analytics to improve IT service health, reduce costs, resolve problems faster and drive critical business decisions. Splunk IT Service Intelligence (ITSI), an IT monitoring and analytics solution, provides new levels of visibility into key performance indicators of IT services. Splunk ITSI utilizes advanced analytics powered by machine learning to highlight anomalies, provide predictive insights, detect root causes and pinpoint areas of impact.

Visit the Splunk website to learn how Vodafone’s operations team uses analytics from Splunk ITSI to gain real-time insights in the Vodafone case study, and to learn more about IT Operations Analytics with Splunk Enterprise and Splunk Cloud.

* Worldwide IT Operations Analytics Software Market Shares, 2014: Special Report (doc #US40619915, November 2015)

Splunk Achieves ISO 27001 Certification for Splunk Cloud

Customers Continue to Win as Splunk Cloud Release Strategy Focuses on Agile, Cloud-First Releases

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced it has achieved the International Organization for Standardization’s information security standard 27001 (ISO 27001) certification for Splunk® Cloud. The ISO/IEC 27001:2013 certification is an international standard that formally outlines requirements for an information security management system (ISMS) to help protect and secure organizations’ data. The certification is in addition to Splunk Cloud’s SOC2 Type II attestation and provides additional third-party validation of the security practices and procedures of Splunk Cloud. Splunk Cloud’s certifications for SOC2 Type II and ISO/IEC 27001:2013 currently apply to Splunk Cloud environments provisioned for data ingested over 20GB/day.

“Stringent data security and data integrity are fundamental design principles of Splunk Cloud,” said Marc Olesen, senior vice president and general manager of cloud solutions, Splunk. “Achievement of ISO 27001 certification is a result of our focus on information security management, compliance with international standards and delivery of an easy-to-use cloud service that helps customers worldwide quickly gain value with full confidence.”

Splunk Cloud Driving Customer Value

Splunk’s investment in building easy-to-use cloud services continues to drive significant value to customers on a journey to the cloud. Splunk’s cloud-first product release strategy enables rapid delivery of new features and increased functionality to Splunk Cloud customers. The latest cloud release includes increased security controls and enhancements to the HTTP Event Collector to give organizations expanded ability to collect cloud data sources. Customers can deploy Splunk Cloud alongside Splunk Enterprise for a single, centralized view across their machine data.

“From day one, Splunk Cloud has given us actionable, data-driven intelligence, and Splunk’s cloud-first release process ensures we always have the leading-edge cloud-based SIEM solution,” said George Do, CISO, Equinix. “With Splunk Enterprise Security in the cloud, we are getting comprehensive SIEM functionality, the economics and simplicity of software as a service, and outstanding availability and security. As a result, we are able to reduce roughly 20 billion raw events into about 20 actionable alerts per month and investigate security incidents 30 percent faster – all while realizing a 50 percent TCO savings compared to legacy SIEM solutions.”

Splunk Cloud customers span a wide range of verticals, geographies and company sizes, and gain value across a diverse range of use cases including security, IT operations, fraud, business analytics and the Internet of Things.

Splunk Enterprise Security 4.0, Splunk UBA and the Splunk App for PCI Compliance 3.0 Now Generally Available

Splunk Enterprise Security and Splunk UBA Are a Leap Forward in Detecting and Responding Throughout the Lifecycle of Security Attacks

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced the general availability of Splunk Enterprise Security 4.0 (ES), Splunk User Behavior Analytics (UBA) and the Splunk App for PCI Compliance 3.0. Splunk® ES includes major updates to help organizations track attackers’ actions with streamlined ad hoc analyses and event sequencing. Splunk UBA delivers out-of-the-box capabilities driven by machine learning and advanced analytics to help detect cyberattacks and insider threats. The Splunk App for PCI Compliance helps organizations verify their compliance with the Payment Card Industry Data Security Standards (PCI DSS).

“Splunk is the nerve center for security, enabling our customers to detect, understand and take rapid, coordinated action across the organization,” said Haiyan Song, senior vice president of security markets, Splunk. “Splunk Enterprise Security lets analysts visually correlate events over time and better communicate details of multi-stage attacks. Splunk UBA uses machine learning to help spot the most dangerous offenders. Together, they create a powerful defense that is further strengthened by hundreds of security apps available to Splunk customers on Splunkbase.”

Splunk ES Helps Organizations Detect, Scope and Respond to Advanced Attacks

Splunk ES 4.0 tackles multi-stage attacks with improved breach detection and response as well as improved collaboration through an extensible analytics framework. New features and benefits include:

– Investigator Journal keeps track of ad hoc searches and activities to streamline analysis of multi-stage attacks associated with breach detection and response.
– Investigator Timeline allows individual analysts to place any event, activity or annotation within a visual timeline to better understand and communicate the cause and effect of events and the details of advanced multi-stage attacks.
– Investigator Timeline also allows different security team members to place events, actions and annotations onto the visual timeline to share their analysis and understanding of the scenario to collaboratively investigate incidents, problems and breaches.
– Enterprise Security Framework allows customers, vendors and third parties to create, access and extend ES functionality with their own apps that can run within ES and utilize features such as the alert management, risk scoring, threat intelligence, and identity and asset frameworks.

Learn more about Splunk ES 4.0 on the Splunk website. Splunk ES 4.0 requires Splunk Cloud or Splunk Enterprise version 6.3.x.

Splunk UBA Adds a New Layer of Defense

Splunk UBA uses unsupervised machine learning, multi-entity behavior baselines, peer group analytics and advanced correlations to improve detection of cyber-attacks and insider threats. Benefits include:

– Helps detect anomalous behavior by users, devices and other entities within the enterprise, and then discover and combine patterns of anomalies into specific, actionable threats.
– Increases security analysts’ effectiveness by helping them to focus upon meaningful threats and malicious activities using kill chain visualizations.
– Operationalizes security through integration with the larger family of Splunk products, including rapid analysis of data from Splunk Enterprise and automatic creation of alerts in Splunk ES 4.0 for easy-to-manage incident response.

Learn more about Splunk UBA on the Splunk website.

Splunk App for PCI Compliance Measures the Effectiveness of PCI

Splunk App for PCI Compliance 3.0 is designed to help organizations verify their PCI compliance posture by reviewing and measuring the effectiveness and status of their technical controls. It can also identify and prioritize any control areas that need attention and lets organizations quickly address auditor requirements. Features include:

– New reports and searches covering the PCI DSS 3.1 standard.
– Updated user interface and additional technology add-ons.
– Built on the Enterprise Security Framework to take advantage of the alert management, risk scoring, threat intelligence, and identity and asset frameworks.

Learn more about the Splunk App for PCI Compliance on Splunkbase.

New Splunk App for AWS Announced at AWS re:Invent 2015

Splunk and FINRA to Present How Organizations Gain End-to-End Visibility in Large-Scale AWS Environments

AWS re:Invent 2015 and SAN FRANCISCO – October 6, 2015 – Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced the new release of the Splunk App for AWS at AWS re:Invent 2015. The new version of the app transforms AWS CloudTrail, AWS Config, Amazon CloudWatch, and now Amazon Virtual Private Cloud (Amazon VPC) Flow Logs into easy-to-use dashboards that provide comprehensive security, compliance and operational insights into Amazon Web Services (AWS) environments.

“The new Splunk® App for AWS provides leading enterprises with additional visibility and security as they move mission critical workloads to the cloud with confidence,” said Marc Olesen, senior vice president of cloud solutions, Splunk. “As they efficiently and productively deploy and manage AWS environments, enterprises benefit from end-to-end visibility and the ability to monitor user activity, resource changes, topology and network traffic flows. We are excited to show organizations how this can be done with Splunk cloud solutions at AWS re:Invent 2015.”

“Splunk is an excellent example of a company that leverages rapid, continuous innovation to the benefit of AWS customers,” said Terry Wise, vice president of channels and alliances, Amazon Web Services. “With the Splunk App for AWS, customers can further simplify their operational and security intelligence by centralizing their machine data into easy-to-use dashboards.”

“The Splunk App for AWS succeeded in providing us an effortless click-through experience in configuring and monitoring all our AWS logs. Using the Splunk App for AWS we are able to visualize and represent our data in a way that makes sense to developers, system administrators and security professionals in one easy-to-manage interface. The new VPC Flow logging is an exciting and new added bonus that finally gives us insight into intra-VPC and inter-VPC traffic patterns,” said Nathan J Gibson, product privacy and security lead, ADT.

New Splunk Security Solutions Advance as the Nerve Center for Security

Splunk Takes Organizations’ Security Posture to the Next Level with Splunk Enterprise Security 4.0 and Splunk User Behavior Analytics

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced a leap forward in detecting and responding across the entire lifecycle of modern security attacks. Splunk® Enterprise Security 4.0, formerly named the Splunk App for Enterprise Security, includes major updates to help organizations track attackers’ steps through streamlined ad hoc analyses and event sequencing. Splunk is also announcing Splunk User Behavior Analytics (UBA), a new solution developed from the acquisition of Caspida, Inc. Splunk UBA delivers out-of-the-box capabilities driven by machine learning and advanced analytics to detect cyberattacks and insider threats. Splunk Enterprise Security 4.0 and Splunk UBA will be generally available by October 31, 2015.

“When critical networks are under assault, every second counts. Splunk security solutions give an edge to security teams by improving attack and breach detection and incident response,” said Haiyan Song, senior vice president of security markets, Splunk. “Many customers consider Splunk solutions to be their nerve center for security because they help enable teams to leverage their entire security technology stack and utilize their data to detect, understand and take rapid, coordinated action across the organization. Splunk Enterprise Security lets analysts visually correlate events over time and communicate details of multi-stage attacks. Splunk UBA uses machine learning to help spot the most dangerous offenders – advanced attackers including malicious insiders.”

“Splunk is the trailblazer in security analytics and is continuing its path of innovation with Splunk Enterprise Security and Splunk UBA,” said Robert Herjavec, Founder and CEO, Herjavec Group. “Splunk solutions continue to help us protect our clients from rapidly changing attack techniques. Splunk Enterprise Security 4.0 represents another significant step in how we help our clients tackle multi-stage attacks while Splunk UBA promises to illuminate anomalies using disparate machine data to defend against the most dangerous breaches, those responsible for most of the headlines.”

“Splunk continues to address analytics-driven security through product developments and strategic acquisitions,” said Scott Crawford, research director, 451 Research. “Splunk Enterprise Security is designed to help practitioners conduct more efficient investigations and provides a new open framework that further supports a growing ecosystem of partners. Splunk User Behavior Analytics extends threat detection for customers through data science and machine learning.”

Splunk Enterprise Security Helps Organizations to Detect, Scope and Respond to Advanced Attacks

Splunk Enterprise Security 4.0 (ES) tackles multi-stage attacks with improved breach detection and response as well as improved collaboration through an extensible analytics framework. New features and benefits include:

– Investigator Journal keeps track of ad hoc searches and activities to streamline analysis of multi-stage attacks associated with breach detection and response.
– Investigator Timeline allows individual analysts to place any event, activity or annotation within an investigation timeline to better understand, visualize and communicate the cause-and-effect of events and the details of advanced multi-stage attacks. For example, users could apply the kill chain within the timeline during investigations.
– Investigator Timeline also allows different security team members to place events, actions and annotations into the timeline to share their perspective of the scenario to collaboratively investigate incidents, problems and breaches.
– Enterprise Security Framework allows customers, vendors and third parties to create, access and extend ES functionality with apps that can run within ES and access functionality such as the alert management, risk, threat intelligence, and the identity and asset frameworks.

Splunk Enterprise Security 4.0 requires Splunk Cloud or version 6.3 of Splunk Enterprise.

Splunk UBA Adds a New Layer of Cyber Defense

Building upon technology recently acquired with Splunk’s purchase of Caspida, Inc., Splunk UBA uses machine learning, behavior baseline, peer group analytics and advanced correlations to improve breach detection. Benefits include:

– Improve detection of cyberattacks and insider threats.
– Increase security analysts’ effectiveness by helping them to focus upon meaningful threats with malicious activities using a kill chain visualization.
– Operationalize security by rapidly getting data into Splunk UBA and streamlining incident response by leveraging the proven power of Splunk solutions.

Go to the Splunk website to learn more about Splunk UBA.

Splunk Introduces Splunk IT Service Intelligence

New IT Monitoring and Analytics Solution Delivers Immediate Value to IT with Advanced Analytics and Powerful Visualizations; Available as Software or a Cloud Service

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced Splunk IT Service Intelligence (ITSI). Splunk ITSI builds upon Splunk’s deep product expertise and recognized customer value in IT Operations by introducing a solution that provides breakthrough visibility into the health and key performance indicators of IT services. This new solution delivers a central, unified view of critical IT services and leverages advanced analytics driven by machine learning to highlight anomalies, detect root cause and pinpoint areas of impact. Experience the power and innovation of Splunk solutions and try the Splunk ITSI online sandbox today.

“With Splunk ITSI, we wanted to build on how customers were already using the Splunk platform for IT troubleshooting and monitoring and deliver a complete solution for IT professionals,” said Rick Fitz, senior vice president of IT markets, Splunk. “IT teams now have an innovative data-driven approach to more effectively manage the new world of hybrid, cloud and software-defined everything in the data center. Splunk ITSI is in a class of its own because it provides both high-level monitoring and deep-dive troubleshooting and analytics in one solution, available as either software or a cloud service.”

“Traditionally, the end-to-end performance of systems and apps supporting digital strategies is difficult for the business team to monitor against SLAs and KPIs they have established without bolting this view together with a variety of products,” according to Maureen Fleming, vice president of BPM and middleware research, IDC. “Being able to track, monitor and produce a business view of performance from a single offering is critical in today’s world of technology-enabled innovation.”

Splunk Customers Unlock Insights On Business-Critical Services

More than a dozen Splunk customers have run Splunk ITSI over several months in production environments. Splunk ITSI customers report having greater insight into their IT services, less downtime and disruption to their customers, and improved service levels.

“AdvancedMD has more than 13,000 daily global users who initiate claims, and Splunk IT Service Intelligence enables us to both know there is a problem at a high level and also see the depths of all of these interactions and fix issues immediately,” said Tyler Germer, director of information technology, AdvancedMD. “Splunk IT Service Intelligence was delivering insights days after installing, instead of the months it can take with legacy monitoring solutions. Splunk ITSI helps us ensure that the claims service stays up and running at all times.”

“Splunk IT Service Intelligence gives us the actionable insights we need to keep our business-critical services running smoothly and it was up and running in days instead of months,” said Daniel Nye, chief technology officer, Surrey Satellite Technology. “By mapping KPIs to critical service components, we have discovered and resolved problems that we did not know we had. For example, by identifying a previously undetected issue with our document management system, we have significantly sped up the document checkout process, delivering real-time savings to the business.”

“Splunk IT Service Intelligence gives Vodafone a real-time understanding of how our services are performing overall and at the more granular level,” said Andre Casper, solution owner operational analytics, Vodafone. “We have KPIs mapped to critical service components and can provide relevant insights to stakeholders across the business, including management, service owners and the security team. The glass table visualizations in Splunk ITSI make it quick and easy to identify and resolve any issues, preventing any impact on our users. Now we can be much more proactive about our services.”

Read more about Vodafone’s success with Splunk ITSI in the Vodafone case study on the Splunk website.

Empowering IT to Uncover and Act on Data-Driven Intelligence

Splunk ITSI is a patented, enterprise-class monitoring and analytics solution that provides new levels of visibility into the health and key performance indicators of IT services. Built on the powerful Splunk platform, Splunk ITSI scales to collect and index terabytes of real-time and historical events and metrics, across multi-datacenter and cloud-based infrastructures. Splunk IT Service Intelligence:

– Delivers a central, unified view of critical IT services for powerful, data-driven monitoring.
– Maps critical services with KPIs to easily pinpoint what matters most.
– Utilizes advanced analytics powered by machine learning to highlight anomalies, detect root cause and pinpoint areas of impact.
– Supports drill down into the data for rapid issue investigation and resolution.

Learn more about Splunk ITSI or sign up for an online sandbox trial on the Splunk website.

Splunk Continues Innovation with Splunk MINT, Splunk Light and Hunk Updates

Splunk Kicks Off Day Two of .conf2015: 6th Annual Splunk Worldwide Users’ Conference with Major Mobile, Cloud and Big Data Enhancements

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced updates to several products including Splunk MINT™, Splunk Light™ and Hunk®.

“At .conf2015, we are showcasing innovations across our entire portfolio of software and cloud solutions, and Hunk, Splunk Light and Splunk MINT are important pillars of our customers’ overall data strategy,” said Shay Mowlem, vice president product management and product marketing, Splunk. “Splunk MINT and Hunk help organizations gain value from two of the fastest-growing sources of data, mobile data and historical data in Hadoop. Small IT teams can also now utilize Splunk Light as a cloud service.”

Hunk: Splunk Analytics for Hadoop

Hunk 6.3 is a full-featured, integrated analytics platform used to interactively explore, analyze and visualize big data in Hadoop and Amazon S3. Go to the Hunk page on the Splunk website to download the Hunk sandbox or to sign up for a free trial. Benefits include:

– Drive down total cost of ownership for Splunk users who can archive historical data from Splunk Enterprise to HDFS and Amazon S3 on commodity hardware for low-cost long-term storage and use Hunk to perform analytics on the historical data transferred to Hadoop.
– Splunk users can leverage the advanced analytics and visualization capabilities they know and love in Splunk Enterprise on the data stored in Hadoop without needing to learn a new solution.
– Analyze data transferred from Splunk Enterprise to Hadoop using third-party Hadoop tools such as Hive and Pig without needing to transform or replicate data.

Splunk Light

Splunk Light is now available as a cloud service, starting at just $90 per month, and delivers the power of Splunk to small IT environments. This full-featured log search and analysis solution makes harnessing machine data even more accessible to small IT environments by eliminating the time and expense of server purchasing, setup and maintenance. Try the free trial of Splunk Light as a cloud service. Benefits include:

– Gain real-time log search and analysis for tactical troubleshooting by collecting, indexing, monitoring, searching, alerting and analyzing any log data in real time from one place.
– Priced for small IT environments, with access to global support and a passionate community of users.
– Easily upgrade to the full Splunk Enterprise or Splunk Cloud for seamless transition to the platform for real-time Operational Intelligence.

Splunk MINT

Splunk MINT runs as an application on top of Splunk Enterprise and now, Splunk Cloud, to deliver enhanced Operational Intelligence with mobile data for developers, operations and product management. Splunk MINT delivers Mobile Intelligence to improve the mobile app user experience. Learn more about Splunk MINT on the Splunk website. Benefits include:

– More developer insight with Stacktrace graphs and screen tracking that offers real-time insight into how users are engaging your app and how many users are affected by performance problems.
– Detailed user analytics including events, screen tracking and user flows that provide powerful feedback to Splunk MINT users.
– Additional mobile app support for hybrid mobile applications that integrate HTML5 web browsers with native mobile OS capabilities.

Splunk Accelerates Momentum in Industrial Data and Internet of Things

New Product Capabilities, Customer Success and Growth in Partner Ecosystem Fuel Continued Expansion into Growing, New Market

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced accelerated momentum in Industrial Data and Internet of Things (IoT). The trend is driven by Splunk’s continued investment in its products and partner ecosystem as well as the creativity of customers and the flexibility to deploy Splunk IoT solutions as software, cloud services or in a hybrid environment. Customers are using Splunk® solutions to collect and correlate data from control systems, sensors, mobile devices and IT systems for a variety of Industrial Data and IoT use cases. These use cases include operational efficiency, predictive maintenance, industrial cybersecurity and asset analytics.

“It has been great to see the success our manufacturing teams are achieving with Splunk solutions,” said Saul Llamas, manufacturing test engineering manager, Zebra Technologies. “Our teams have been able to bring value to their own operations by using Splunk Enterprise and its powerful data collection, analytics and visualization capabilities to improve manufacturing quality, customer experience and ultimately our products.”

New Splunk Enterprise 6.3 features and community and partner apps further expand the applicability of Splunk solutions for Industrial and IoT use cases. New features include the HTTP event collector to collect IoT data at scale, new customer alert actions to trigger custom data-driven actions in third-party applications and the Machine Learning Toolkit and Showcase (preview) for advanced analytics. Splunk also has a wide-ranging ecosystem of partners in the Internet of Things including Bluvision, Carvoyant, Citrix Octoblu, CQCloud, DGLogik, Falkonry, Kepware, N3N, Wizcore and Xively by LogMeIn, all of which are demonstrating technology or solutions at .conf2015.

“From trains, planes and automobiles to manufacturing floors, our customers are leading the way with their innovative use of Splunk solutions for Industrial Data and Internet of Things,” said Snehal Antani, chief technology officer, Splunk. “The Internet of Things transforms the way organizations leverage machine data and gain insights from it. The product investments that we have made along with our growing IoT ecosystem will further expand Splunk’s role in these use cases and accelerate the value realized from Splunk solutions.”

For more information about using Splunk for Industrial Data and the Internet of Things, visit the Internet of Things solution page of the Splunk website.

Sydney’s Splunk User Group

When: Wednesday, 16 September 2015
Time: 5.00pm-7.00pm
Location: Level 1 @ Angel Hotel, 125 Pitt Street, Sydney

The next meet up for the Sydney Splunk User Group is coming up.

Get along to the meet up and hear how a leading ISP uses Splunk to ingest machine data from telco systems and provide business information to various business teams.

Here’s the agenda:

5:00 PM Welcome & Networking
5:30 PM ISP use case
6:00 PM Q & A
6:30 PM Close – Pizza/Beer

Click the link to join the Sydney Splunk User Group, and RSVP to this event:

http://www.meetup.com/Splunk-Meetups/events/225002318/

Looking forward to seeing you there.

Canberra Splunk User Group Meetup

When: Thursday, 17 September 2015
Time: 4.30pm-6.30pm

The next meet up for the Canberra Splunk User Group is coming up.

At this meet up we will hear from Ashley Hartage, Senior Network Security Engineer at Verizon Enterprise Solutions. Ashley will be presenting on using SNMP for polling devices to track signature updates and versions.

Click the link to join the Canberra Splunk User Group, and RSVP to this event:

https://usergroups.splunk.com/group/canberra-splunk-user-group.html

Looking forward to seeing you there.