News

Splunk and Kepware Alliance Accelerates New Insights from Industrial Data

Breakthrough Integration Enables Organizations to Realize Greater Value from Industrial Systems Including SCADA Systems

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, and Kepware Technologies, developer of software solutions for Industrial Automation and Controls, today announced the availability of Kepware’s Industrial Data Forwarder (IDF) for Splunk. The forwarder, a plug-in for the widely deployed KEPServerEX® platform, enables customers to send industrial data from sensors, devices and control systems to Splunk® Enterprise and Splunk Cloud™.

Splunk users can easily collect, search and analyze industrial data to improve operations, accelerate troubleshooting, perform preventative maintenance, strengthen security posture and improve productivity. The integration between Splunk Enterprise and KEPServerEX breaks down the industrial data and IT data silos to deliver new real-time insights that were previously unavailable. The solution enables easily configured access to the data produced by devices including PLCs, RTUs, PACs, DAQs and legacy controllers, communicating via more than 150 proprietary industrial protocols.

“The combination of Splunk’s machine data platform and Kepware’s Industrial Data Forwarder opens up a new frontier in analyzing industrial data,” said Tapan Bhatt, vice president of business analytics, Splunk. “Industrial data holds great promise for a diverse range of industries including automotive, manufacturing and oil and gas. With Splunk and Kepware, these organizations have a new way to easily collect, correlate and explore industrial data at scale.”

“Kepware’s solutions represent the backbone of industrial data collection across a variety of industries,” said Brett Austin, president, Kepware Technologies. “As customers demand deeper insights from this data, our alliance with Splunk provides a unique and turnkey big data analytics solution to address their growing needs.”

“Given the diversity of devices and the variety of protocols in the Internet of Things market, getting insights from industrial systems has historically been a challenge to scale,” said Vernon Turner, senior vice president, IDC. “The combination of Splunk and Kepware creates an interesting alliance that ties industrial systems communications expertise together with a secure and scalable data collection, storage and analytics platform.”

To learn more about how to integrate Splunk Enterprise or Splunk Cloud with industrial data and the Internet of Things, please visit http://www.splunk.com/iot. To download Kepware’s Industrial Data Forwarder (IDF) for Splunk Plug-In, please visit http://info.kepware.com/idf-for-splunk.

Splunk MINT Extends Operational Intelligence to Mobile Apps

Splunk MINT Express Enables High Performing and Reliable Mobile Apps, Splunk MINT Enterprise Now in Beta

Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, today announced the general availability of Splunk® MINT Express and the beta of Splunk MINT Enterprise. The two new offerings empower Splunk customers to gain greater Operational Intelligence from mobile apps. Splunk MINT Express, a cloud service, gives mobile application developers a fast path to application intelligence with analytics on app quality, usage and performance. Splunk MINT Enterprise further extends this capability by integrating mobile application data with data in Splunk Enterprise or Splunk Cloud so customers can gain end-to-end visibility and perform real-time, omni-channel application analytics. Watch the video to see Splunk MINT Express and Splunk MINT Enterprise in action, sign up for a 15-day free trial of Splunk MINT Express and join the Splunk MINT Enterprise beta program.

“Splunk MINT Enterprise and Splunk MINT Express, the first new products from our Bugsense acquisition, not only help our customers build more reliable, better performing mobile apps but also harness mobile app data for new, strategic IT and business insights,” said Guido Schroeder, senior vice president of products, Splunk. “In a mobile-first world, mobile app performance and quality are mission-critical. At the same time, data from mobile apps that provides insights into user behavior and usage characteristics becomes even more valuable when combined with data from other channels, including web and laptop applications, to provide full visibility of user interactions across multiple channels.”

“Mobile applications have become increasingly critical to business success, but approaches to monitoring performance, usage and effectiveness tend to focus on developers or IT,” said Julie Craig, research director, Application Management, Enterprise Management Associates. “Splunk, with its mobile intelligence offerings, offers a unique approach that can support the cross channel insights needed by developers, IT operations and the business.”

Splunk MINT Express

Splunk MINT Express offers developers a fast path to mobile application intelligence. Mobile app developers can quickly instrument mobile apps and view performance and usage information in an easy-to-use cloud-based console. MINT Express enables customers to:

– Instrument mobile apps with a single line of code.
– Gain real-time insight into the performance, quality and usage of mobile apps.
– Find and fix network and transaction performance issues.

“Splunk MINT Express will help ensure that our customers obtain the best performance from our mobile offerings, including CloudCompass by Cvent, CrowdTorch by Cvent and OnArrival mobile apps,” said Al Funk, director of mobile product development, Cvent. “Splunk MINT Express will help us identify unusual app performance issues before they impact our mobile users and gain new insights into user engagement, so we can continuously improve the customer experience.”

Splunk MINT Enterprise

Splunk MINT Enterprise (beta) combines mobile application data with other data in Splunk Enterprise or Splunk Cloud to provide end-to-end visibility and correlation to enable customers to:

– Identify availability and performance issues across mobile apps, networks (LTE or Wi-Fi) and back-end systems.
– Gain additional insight into how, where and when mobile apps are being utilized.
– Compare and contrast app performance and usage with web or client-based performance and usage.
– Correlate application usage across mobile, web and other channels to identify business opportunities and patterns.
– Present new insights in real time to IT and business stakeholders using a single platform.

Splunk Introduces Splunk Enterprise 6.2

New Release Extends Powerful Splunk Analytics to a Broader Number of Users and Delivers Improved Scalability

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced Splunk® Enterprise 6.2, the latest version of the award-winning platform for machine data. Splunk Enterprise 6.2 delivers simplified analysis and powerful pattern detection that enables more users across IT and the business to discover relationships in their data and build advanced analytics. The new release also reduces total cost of ownership by improving scalability of concurrent searches and eliminating shared storage requirements. Splunk Enterprise 6.2 will be generally available as software for on premises, cloud or hybrid deployments, and as a cloud service through Splunk Cloud on Tuesday, October 28. Sign up for the Splunk Online Sandbox to get a free private workspace in the cloud.

“Splunk Enterprise 6.2 gives easier, more intuitive analysis to casual and less technical users, through enhanced automated discovery of valuable patterns in the machine data. It is the latest advancement in our focus to deliver stronger IT and business insights through powerful, yet easy-to-use, analytics that can be created and used across the organization,” said Guido Schroeder, senior vice president of products, Splunk. “With improved scalability, elimination of shared storage requirements, and a new Distributed Management Console, Splunk Enterprise 6.2 will also drive greater efficiency for the thousands of organizations that rely on Splunk to gain operational intelligence.”

“As the complexity of deploying and managing IT infrastructures continues to intensify, there is a growing demand for analytics platforms that enhance visibility and extend insights,” said Tim Grieser, program vice president, Enterprise System Management Software, IDC. “The latest Splunk Enterprise release, featuring analytics creation for non-specialist users and unique pattern detection capabilities, builds on past successes to focus on these requirements.”

Customers Expect to Add New Users with Improved Scalability

Customers say Splunk Enterprise 6.2 will enhance the return on investment they already experience with the Splunk platform by putting analytics in the hands of even more users, both Splunk power users and non-technical employees. New features including instant pivot, enhanced event pattern detection and improved scalability are key to driving more use across the enterprise:

“Splunk Enterprise 6.2 introduces blockbuster features that will enable us to achieve even deeper levels of operational intelligence across our entire global network for IT ops, security, compliance and business analytics,” said Abdallah Mohammed, data architect, Intuit. “The search head, multi-site clustering and instant pivot in Splunk Enterprise 6.2 will allow us to provide a broader set of users with the ability to perform machine data analytics.”

“Data-driven insights are critical to delivering the outstanding level of service that our customers expect, and the new features in Splunk Enterprise 6.2 will help us gain these insights faster and more easily,” said Mathias Herzog, system engineer, PostFinance. “Improved event pattern detection makes it even simpler for non-technical users to discover meaningful patterns in our data, while the enhancements to search head clustering will enable us to gain more from our investment in Splunk Enterprise by putting it in the hands of even more users.”

Key features in Splunk Enterprise 6.2 include:

Easier Data Onboarding and Preparation

– New intuitive wizard makes it easier to onboard any machine data. New interfaces guide users through previewing, onboarding and preparation of machine data for downstream analysis.
– Advanced Field Extractor delivers simplified identification, naming and tagging of fields in machine data for rapid analysis.

More Powerful Analytics for Everyone

– Instant Pivot allows anyone to pivot directly from any search, enabling powerful analysis and rapid creation of dashboards without knowledge of Splunk Search Processing Language.
– Enhanced event Pattern Detection speeds analysis by automatically discovering meaningful patterns in underlying machine data.
– Prebuilt Panels enable faster dashboard creation by providing the ability to create, package and share reusable dashboard building blocks.

Simplified Management at Scale

– Search head clustering advancement reduces total cost of ownership by increasing concurrent user capacity and eliminating shared storage requirements. Also improves redundancy and replication of search results.
– Distributed Management Console delivers a new interface to centrally monitor the health and performance of distributed Splunk Enterprise deployments.

Splunk Enterprise 6.2 can be downloaded starting at 5 a.m. PT, Tuesday, October 28 at the following link: http://www.splunk.com/download

Splunk your wire-level data with Splunk App for Streams

In December 2013 Splunk announced the acquisition of Cloudmeter, a company collecting data directly from network traffic. From that acquisition has arisen the new Splunk App for Streams, which allows the easy capturing, filtering, indexing and analysis of wire-level data in Splunk.

The Splunk App for Stream consists of two components. An agent sits inside of the network stack of the operating system. All network traffic for that operating system instance passes through this agent, and it can capture any portion of that traffic and forward it to the Splunk datastore. The second component is a user interface that allows the user to specify the application from which to collect data and the fields within that stream for that application to capture.

By using a software agent connected to physical and virtual switch SPAN ports, you can also capture traffic from across the entire network.

The app includes a fine-grained way to control which network streams are being captured straight from the user interface so that license costs can be controlled and non-useful data discarded.

Rivium’s experienced Splunk engineers are available to assist you with installing and configuring this app, and then making use of this oft-ignored source of security and operational data.

Press release

New Release of Splunk App for Enterprise Security Drives the Analytics-Enabled Security Operations Center

Splunk Executive Showcases Latest Version during Keynote at RSA Conference Asia Pacific & Japan 2014

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced the general availability of version 3.1 of the Splunk® App for Enterprise Security. Recently named a Leader in the 2014 Gartner Magic Quadrant for Security Information and Event Management, Splunk introduces a new risk scoring framework in the Splunk App for Enterprise Security to enable easier, faster threat detection and containment by empowering users to assign risk scores to any data. The app also includes new features to help users connect and visualize data on the fly and introduces guided search to make security analytics more accessible to a broad range of users without requiring knowledge of programming languages or command syntax. Splunk customers who have purchased the app can download version 3.1 of the Splunk App for Enterprise Security on Splunk Apps. New users are encouraged to contact Splunk sales.

Haiyan Song, vice president of security markets, Splunk, will highlight the important role the Splunk App for Enterprise Security plays within analytics-driven security teams in her keynote at RSA Conference Asia Pacific & Japan 2014. Song’s keynote, “The Analytics-enabled Security Operations Center – Best Practices for Improving Incident Response and Breach Investigation,” begins at 9:50 a.m. SGT, Wednesday, July 23 in the Grand Ballroom of the Marina Bay Sands in Singapore. Splunk experts will also be at booth #P2 throughout RSA Conference Asia Pacific & Japan 2014 with hands-on demonstrations of the Splunk App for Enterprise Security, Splunk Enterprise and some of the 150+ security-relevant apps available on Splunk Apps.

“Adapting quickly to new attack techniques is the key for modern cybersecurity warriors, and the new version of the Splunk App for Enterprise Security was built specifically to help organizations remain agile in this dynamic landscape of zero-day and previously unknown attacks,” said Song. “Risk scoring provides prioritization beyond just event data to help security teams transform security analytics by identifying the most critical threats from the massive streams of data surrounding them. We believe the app will have a profound impact on the threat detection capabilities of organizations around the world.”

“Splunk’s Enterprise Security App Version 3.1 represents a great step forward in providing security analytics to more roles across the security team. The addition of risk-based analytics and more in-depth threat intelligence, combined with the ability to connect and visualize disparate data, are extremely valuable and well aligned with the requirements we are hearing from end users,” said David Monahan, security research director, Enterprise Management Associates. “The new Guided UI allows any user to build sophisticated queries without foreknowledge of the Splunk analytics language, advancing the capabilities of every level of user, improving effectiveness and accelerating the ROI gained from Splunk.”

New features in the Splunk App for Enterprise Security focus on delivering risk-based analytics, connecting and visualizing disparate data, and enriching security analysis with threat intelligence. Key features include:

Risk-based Analytics: Enhance decision-making by applying a risk score to any data through a new Risk Scoring Framework. Helps security and IT teams prioritize, triage and be alerted to threats based on risk score, while also exposing contributing factors of the risk score to all relevant teams.

Visual Investigation: Gain faster, deeper insights across all machine data by giving users the ability to visually discover relationships by creating event swim lanes that organize and correlate all data.

Guided Search Creation: Simplify complex correlation across disparate data sources by building advanced searches in a guided user interface with little or no knowledge of any programming language or command syntax.

Domain Name-based Threat Intelligence: Adding onto the integrated Threat Intelligence Framework, which deduplicates and assigns weights to threat intelligence feeds, security teams can now integrate high-fidelity and complex URLs and domain names.

Learn more about the Splunk App for Enterprise Security on the Splunk website. Version 3.1 of the Splunk App for Enterprise Security requires version 6.x of Splunk Enterprise.

Splunk Introduces the Splunk Mobile App

New App for iPhone and iPad Enables Anyone to Use Splunk Enterprise on the Go

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced the release of the Splunk® Mobile App for iPhone and iPad. The Splunk Mobile App gives Splunk Enterprise users a powerful new way to view, interact with and share Splunk Enterprise dashboards and reports, receive real-time alerts and leverage operational intelligence on the go through a fully optimized mobile user experience. Download the Splunk Mobile App for free from the Apple App Store or go to the Splunk website.

“The Splunk Mobile App has been designed to provide our users with an incredible experience when accessing Splunk Enterprise from their iPhone or iPad,” said Sanjay Mehta, vice president of product marketing, Splunk. “Splunk deployments have become increasingly critical for our users, who now can benefit from the universal access and collaboration provided by the Splunk Mobile App. It seamlessly and securely puts operational intelligence at our customers’ fingertips, whenever and wherever they need it.”

“The Splunk Mobile App allows us to enhance the value of our Splunk Enterprise deployment by breaking down barriers to data access,” said Ant Lefebvre, senior systems engineer, Middlesex Hospital. “The ability to query Splunk dashboards and receive alerts from an iPad or iPhone gives our mobile users a very intuitive user experience with complex data.”

With the Splunk Mobile App users can:

– Conveniently access and query their machine data.
– Easily view, annotate and share dashboards and reports.
– Receive real-time alert notifications.
– Export dashboards and reports as PDF files for offline viewing.

The Splunk Mobile App is available for free on the iPhone and iPad from the Apple App Store at https://itunes.apple.com/us/app/splunk-mobile-app/id848652190?ls=1&mt=8.

The app requires Splunk Enterprise 5.x or above and the Splunk Enterprise Mobile Access Server.

To learn more about Splunk Enterprise, please visit http://www.splunk.com/6.

Splunk Named a Leader in Gartner 2014 Magic Quadrant for SIEM

Splunk Security Intelligence Platform Powers the Analytics-enabled Security Operations Center

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, today announced that it has been named a leader in Gartner’s 2014 Magic Quadrant* for Security Information and Event Management (SIEM). Gartner evaluated Splunk® Enterprise and the Splunk App for Enterprise Security, award-winning products used for security by thousands of organizations around the world.

As the report outlines, “We continue to see large companies that are re-evaluating SIEM vendors to replace SIEM technology associated with partial, marginal or failed deployments,” according to Gartner report authors Kelly Kavanagh, principal research analyst, Mark Nicolett, managing vice president, and Oliver Rochford, research director. “The greatest area of unmet need is effective targeted attack and breach detection. Organizations are failing at early breach detection, with more than 92% of breaches undetected by the breached organization. The situation can be improved with stronger threat intelligence, the addition of behavior profiling and better analytics. Most companies expand their initial SIEM deployments over a three-year period to include more event sources and greater use of real-time monitoring.”

“We believe Splunk’s position as a leader in the Magic Quadrant for SIEM reinforces the trend we are seeing that an analytics-enabled Security Operations Center (SOC) is essential and more effective at detecting and responding to today’s cyberthreats. Analytics provide the SOC and security team a holistic view by collecting, monitoring and analyzing all the data in an organization with rich enterprise and global threat context,” said Haiyan Song, vice president of security markets, Splunk. “Splunk customers are continuously transforming their operations by giving their SOC and security teams situational awareness and, more importantly, the ability to investigate and make determinations fast, which means more decisive and timely actions against attacks, advanced persistent threats, insider threats and other operational issues.”

Targeted, advanced attacks and insider threats can be detected and resolved using analytics of diverse data sets, but this data is challenging to bring into traditional SIEM deployments. Organizations use Splunk Enterprise and the Splunk App for Enterprise Security to create a security intelligence platform that leverages analytics to help find known and unknown, advanced threats. The Splunk App for Enterprise Security includes visualizations to identify anomalous behavior, a threat intelligence framework to organize and de-duplicate threat feed data and data models and a pivot interface to enable the fast creation of analytics. More than 175 security and compliance-specific apps are also available to help security teams quickly gain insights from industry-leading products from vendors including Cisco Systems, FireEye, Palo Alto Networks and more.

Gartner defines the SIEM Leaders quadrant as being, “composed of vendors that provide products that are a good functional match to general market requirements, have been the most successful in building an installed base and revenue stream within the SIEM market, and have a relatively high viability rating (due to SIEM revenue or SIEM revenue in combination with revenue from other sources). In addition to providing technology that is a good match to current customer requirements, Leaders also show evidence of superior vision and execution for anticipated requirements. They typically have relatively high market share and/or strong revenue growth, and have demonstrated positive customer feedback for effective SIEM capabilities and related service and support.”

Splunk and Syncsort Alliance Delivers Machine Data Insights from Mainframes

Alliance Unlocks Mainframe Data; Enables Collection and Analysis of IBM zOS Data

Splunk Inc., provider of the leading software platform for real-time Operational Intelligence, and Syncsort, a global leader in high-performance big data software, today announced a technical alliance to unlock insights from machine data generated by mainframe systems, a critical and major source of corporate data. The alliance enables organizations to search, analyze and visualize massive streams of mainframe data, with the simplicity, scalability and efficiency of Splunk® Enterprise and Splunk Cloud. This alliance also enables joint customers to correlate mainframe data with data across the enterprise to gain broader Operational Intelligence for the organization.

Joint customers include top Fortune 500 telcos, retailers, insurance, healthcare and financial organizations, which rely heavily on mainframes for critical business operations and have long been challenged to leverage mainframe data for valuable business insights. The alliance between Syncsort and Splunk solves this problem and enables our joint customers to get immediate visibility into mainframe data for the first time. Syncsort makes it simple to collect, transform and forward mainframe log data, such as Systems Management Facilities (SMF) records and mainframe application data into Splunk Enterprise and Splunk Cloud platforms for correlation and analysis.

“Mainframes still play a key role in many organizations’ IT infrastructures and produce a substantial amount of corporate data,” said Sanjay Mehta, vice president of product marketing, Splunk. “Our alliance with Syncsort enables organizations to more easily monitor and quickly identify potential security risks, operational or system failures, and customer financial transaction activities from all systems.”

“Many organizations rely on Big Iron for critical business applications and need to unlock operational intelligence hidden in mainframe records to gain valuable insights into the customer experience, security and other key business metrics,” said Bryan Ashley, vice president, business development, Syncsort. “This alliance will allow customers to use Syncsort’s powerful engine to efficiently collect and transform targeted mainframe data, without disrupting the mainframe operating environment, and load it into Splunk Enterprise or Splunk Cloud for real-time analytics.”

To learn more about how to integrate Splunk Enterprise or Splunk Cloud with Syncsort, please contact Splunk sales. To learn more about Syncsort, please visit www.syncsort.com/splunk. For more information about Splunk, please visit www.splunk.com.

Splunk Launches Open Data Analytics for Regulations.gov

Dashboards Shed Light on Public Sentiment; Project in Response to White House Office of Science and Technology Policy’s ‘Data to Knowledge to Action’ Initiative

SAN FRANCISCO – June 3, 2014 – Splunk Inc. (NASDAQ: SPLK), the leading software platform for real-time operational intelligence, today announced eRegulations Insights, a Splunk4Good project utilizing federal open data to collect and analyze data on public comments submitted through Regulations.gov, the portal for Federal rulemaking. eRegulations Insights was developed in response to President Obama’s Open Government Initiative and his call for technology leaders to help harness the power of open data. eRegulations Insights is a set of online public dashboards and visualizations designed to help decipher the tone of public response to regulations and legislative proposals, recognize issues of concern within public responses and identify primary influencers who are mobilizing public engagement around proposals. eRegulations Insights was developed on Splunk® Enterprise and is available now at http://eregulations.splunk4good.com.

“The cutting edge data technologies developed by innovative American companies are enabling citizens to better understand and manage the tidal wave of digital data now available to them,” said Suzanne Iacono, Deputy Assistant Director of Computer and Information Science and Engineering (CISE) at the National Science Foundation and co-Chair of the NITRD Big Data Senior Steering Group. “We are pleased that companies are leveraging open government data sources such as Regulations.gov to further promote the civic process. The innovative tools they develop can help improve access for citizens, thereby strengthening the dialogue between government and citizen.”

Splunk4Good, the social responsibility initiative at Splunk, developed eRegulations Insights in response to the Data to Knowledge to Action initiative led by the White House Office of Science and Technology Policy (OSTP). eRegulations Insights includes visualizations for specific agencies, regulatory proposals, volume of public comment by agency and significant influencers. Many of these metrics have never before been easily available to the public or regulators. eRegulations Insights includes more than 1.1 million public comments gathered from January 1, 2012 onward and is updated daily as new comments are made available.

Splunk Brings Big Data Approach to Security, Network Monitoring and the Internet of Things

SAN FRANCISCO – May 19, 2014 – Today at Cisco Live, Cisco’s annual IT and communications conference, Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence, will showcase more than two dozen sessions about how Splunk® software can make it easier to correlate machine data from the Cisco infrastructure with data across the rest of the enterprise. Demonstrations and sessions at booth #2011 include integration with Cisco® Application-Centric Infrastructure™ (ACI), security use cases with Cisco products and operational analytics for networking. Cisco Live is being held at the Moscone Center in San Francisco, CA today through May 22.

“Splunk and Cisco have a rich history of working together to help organizations maintain a stronger security posture and faster, more reliable networks,” said Colin Savage, vice president of business development, Splunk. “Our presentations at Cisco Live will explain how Splunk software and Cisco products can work together to address a wide range of use cases including network and IT operations, security, big data, application performance management and the Internet of Things.”

Splunk’s security, virtualization, storage, networking and big data experts will host a variety of sessions at the Splunk booth #2011. Sessions include:

Splunk for Cisco ACI: Learn how Cisco ACI brings an exciting new approach to the data center ecosystem. Splunk software and Cisco ACI integration can help to drastically reduce troubleshooting times and exceed applications and network SLAs.

The Analytics-Enabled SOC: Discover how companies are improving incident response and breach investigations by empowering every member of the SOC with analytics to combat modern attacks.

Machine Data Analytics with Splunk Enterprise: Introduces the powerful analytics capabilities of Splunk Enterprise and shows how anyone can use Splunk software to get answers to the most complex questions.

Operational Intelligence for the Internet of Things: Learn how Splunk software is being used to provide comprehensive visibility into data from all types of connected machines, including connected transportation, medical devices and other mechanical or industrial systems.