The document discusses Splunk, a software platform used for searching, analyzing, and visualizing machine-generated data. It provides an example use case of Domino's Pizza using Splunk to gain insights from data from various systems like mobile orders, website orders, and offline orders. This helped Domino's track the impact of various promotions, compare performance metrics, and analyze factors like payment methods. The document also outlines Splunk's components like forwarders, indexers, and search heads and how they allow users to index, store, search and visualize data.

1. www.edureka.co/splunkEdureka’s Splunk Certification Training
Splunk Tutorial

2. www.edureka.co/splunkEdureka’s Splunk Certification Training
What Are We Going To Learn Today?
Need For Analyzing
Machine Data
Splunk As A Data
Analytics Tool
Use Case: Dominos
Splunk Components
& Architecture
1 2
43

3. www.edureka.co/splunkEdureka’s Splunk Certification Training
Need For Data Management & Analytics
Data-Driven Decision Making
Understand customer needs to
provide better service
Alert the SysAdmins about
any security threats
Network Security
Report any failure
condition in the systems
System Failure
Improve Functionality
Analyze the data to improve
machine functionality
1
2
3
4

4. www.edureka.co/splunkEdureka’s Splunk Certification Training
But It Is Not Easy To Deal With Data Because..

5. www.edureka.co/splunkEdureka’s Splunk Certification Training
Machine Data Comes In This Form

6. www.edureka.co/splunkEdureka’s Splunk Certification Training
And It Has Many Challenges
This machine generated data is:
 Complex to understand
 In an unstructured format
 Not suitable for Analysis /
Visualization

7. www.edureka.co/splunkEdureka’s Splunk Certification Training
But Machine Data Is Valuable!
How Do We Make Use Of It?

8. www.edureka.co/splunkEdureka’s Splunk Certification Training
Splunk Can Be Used To Leverage Machine Data
Store and retrieve data for
later use
Search & Investigate a
particular outcome
Create Dashboards to visualize
& analyze results
Analyze system performance
Index Data
Data Analysis Search & Investigate
Dashboards
Troubleshoot any failure
condition
Troubleshoot
Monitor business metrics
Monitor
1
3
5
2
4
6

9. www.edureka.co/splunkEdureka’s Splunk Certification Training
Splunk For Data Analytics
Splunk is a software platform to search, analyze and visualize the machine-generated data gathered from
the websites, applications, sensors, devices etc which make up your IT infrastructure and business.
 Splunk automatically collects the data in Real-time from multiple systems
 Splunk can accept any data type like .csv, json, log formats, etc
 Splunk can give Alerts / Event notifications
 Splunk satisfies industry needs like Horizontal scalability (using many systems in parallel)
 Splunk can create Knowledge objects for Operational Intelligence
Advantages Of Using Splunk
Pull data from multiple systems in real time

10. www.edureka.co/splunkEdureka’s Splunk Certification Training
Splunk vs. Other Tools
Features Splunk Sumo Logic ELK
Searching Only possible with Integrations
Analysis Only possible with Integrations
Visualization Dashboard Only possible with Integrations
SaaS Setup
On Premise Setup
Input any data type Needs plugins
Plugins & Integration
Customer Support Available; but not proficient Available; but not proficient
Documentation & Community

11. www.edureka.co/splunkEdureka’s Splunk Certification Training
Use Case: Domino’s Pizza

12. www.edureka.co/splunkEdureka’s Splunk Certification Training
Use Case: Dominos
Omni-channel
presence
Several touch points
Multiple systems
For delivery
Huge customer
database
Less Visibility
Reactive mode
Splunk
Manual search, error
prone

13. www.edureka.co/splunkEdureka’s Splunk Certification Training
Dominos use-case
Real-time Feedback DashboardInteractive map
Promotional Support Performance MonitorPayment Process

14. www.edureka.co/splunkEdureka’s Splunk Certification Training
Dominos use-case
Real-time Feedback DashboardInteractive map
Promotional Support Performance MonitorPayment Process
• Shows all the orders coming
from across US in real time
• Brought employee satisfaction

15. www.edureka.co/splunkEdureka’s Splunk Certification Training
Dominos use-case
Real-time Feedback DashboardInteractive map
Promotional Support Performance MonitorPayment Process
• Shows all the orders coming
from across US in real time
• Brought employee satisfaction
• Employees constantly see what
customers are saying
• Helped them understand customer
expectations

16. www.edureka.co/splunkEdureka’s Splunk Certification Training
Dominos use-case
Real-time Feedback DashboardInteractive map
Promotional Support Performance MonitorPayment Process
• Shows all the orders coming
from across US in real time
• Brought employee satisfaction
• Employees constantly see what
customers are saying
• Helped them understand customer
expectations
• Used to keep score and set targets
• Compare performance with
previous week

17. www.edureka.co/splunkEdureka’s Splunk Certification Training
Dominos use-case
Real-time Feedback DashboardInteractive map
Promotional Support Performance MonitorPayment Process
• Shows all the orders coming
from across US in real time
• Brought employee satisfaction
• Employees constantly see what
customers are saying
• Helped them understand customer
expectations
• Used to keep score and set targets
• Compare performance with
previous week
• Analysed the speed of different
payment modes
• Determine error free payment
modes

18. www.edureka.co/splunkEdureka’s Splunk Certification Training
Dominos use-case
Real-time Feedback DashboardInteractive map
Promotional Support Performance MonitorPayment Process
• Track how various promotional
offers are impacting in real-time
• Initially, determining the impact of
promotions took almost a day
• Shows all the orders coming
from across US in real time
• Brought employee satisfaction
• Employees constantly see what
customers are saying
• Helped them understand customer
expectations
• Used to keep score and set targets
• Compare performance with
previous week
• Analysed the speed of different
payment modes
• Determine error free payments
modes

19. www.edureka.co/splunkEdureka’s Splunk Certification Training
Dominos use-case
Real-time Feedback DashboardInteractive map
Promotional Support Performance MonitorPayment Process
• Track how various promotional
offers are impacting in real-time
• Initially, determining the impact of
promotions took almost a day
• Shows all the orders coming
from across US in real time
• Brought employee satisfaction
• Employees constantly see what
customers are saying
• Helped them understand customer
expectations
• Used to keep score and set targets
• Compare performance with
previous week
• Analysed the speed of different
payment modes
• Determine error free payments
modes
• Monitor the performance of
Domino’s in-house developed
point of sales systems

20. www.edureka.co/splunkEdureka’s Splunk Certification Training
Companies Using Splunk
IoT devices are a major source of data. Companies dealing with IoT devices & other companies using Splunk are:

21. www.edureka.co/splunkEdureka’s Splunk Certification Training
Now Lets See How Splunk Works

22. www.edureka.co/splunkEdureka’s Splunk Certification Training
Splunk Components
 Collects the data from
remote machines
 Forwards the data to the
Indexer in real-time
 Processes the incoming data in real-
time
 Stores & Indexes the data on disk
 End users interact with
Splunk through Search Head
 Allows users to do searching,
analysis & visualization
DATA INPUT
Forwarder Indexer
SEARCHINGPARSING INDEXING
Search Head

23. www.edureka.co/splunkEdureka’s Splunk Certification Training
Lets Learn The Splunk Architecture
By Understanding How Dominos Implemented It

24. www.edureka.co/splunkEdureka’s Splunk Certification Training
Use Case: Dominos
Problem Statement
 Dominos had no clear visibility into what offer works the best – in terms of
 Offer type (for eg 10% off or $2 off)
 Cultural differences at a region level
 Device used
 Time of Purchase
 Order revenue
 They required insights on consumer behavior and customer response to offers
* The details mentioned in this slide are representative in nature and data present might not be accurate.

25. www.edureka.co/splunkEdureka’s Splunk Certification Training
Data Source For Dominos
OFFLINE ORDERS
MOBILE ORDERS
WEBSITE ORDERS
Remote Forwarder
Indexers
Search Head
PromotionalData
* The details mentioned in this slide are representative in nature and data present might not be accurate.

26. www.edureka.co/splunkEdureka’s Splunk Certification Training
Indexer For Data Storage & Processing
Parsing
(Event Parsing)
Input
(Data Input)
Indexing
(Writing to Disk)
Searching
Disk/Index
Indexer Stages
In the Parsing stage, only relevant
data is converted into events:
 Customer Region
 Order revenue
 Time of purchase
 Device used by customers
 Coupons/ Offers used
In the Indexing stage, events are sorted
and indexed for storage based on:
 Sales by Geography
 Order revenue
 Time of purchase
 Device preferred by customers
 Coupons/ Offers used
* The details mentioned in this slide are representative in nature and data present might not be accurate.

27. www.edureka.co/splunkEdureka’s Splunk Certification Training
Search Head For Analysis & Visualization
Search Head, is used to gain intelligence and perform reporting.
Dominos used it to get the following insights:
i. Which offer works in which geography?
ii. How does the customer behavior change w.r.t changes in order revenue?
iii. What time of the day is most appropriate for the offers?
India
USA
Europe
$2 offer 10% Discount
5 10 15 20
CouponUsed
Order Revenue ($)
10% Discount $2 Offer
Mobile
App
Website Offline
Timeofday
10AM - 2 PM 2PM - 7 PM 7PM - 11 PM
* The details mentioned in this slide are representative in nature and data present might not be accurate.

28. www.edureka.co/splunkEdureka’s Splunk Certification Training
Splunk’s Working Architecture
Management Console Host:
 It is a centralized configuration manager
 Can distribute configurations, apps, and content
updates to Deployment clients
Forwarders
Indexers
Search Head
Data
Input
Data
Input
Data
Input
Forwarders

29. www.edureka.co/splunkEdureka’s Splunk Certification Training
Wait!
Splunk Can Do Even Better!

30. www.edureka.co/splunkEdureka’s Splunk Certification Training
Limitations Of Universal Forwarders
There are so many
challenges in data
movement/
transfer
My machines are
generating many
TBs of Data…
Time
Cost
Bandwidth

31. www.edureka.co/splunkEdureka’s Splunk Certification Training
Limitations Of Universal Forwarders
There are so many
challenges in data
movement/
transfer
My machines are
generating many
TBs of Data…
If only I could Parse and
Index the data in the
forwarder itself and
only pass relevant data
Time
Cost
Bandwidth

32. www.edureka.co/splunkEdureka’s Splunk Certification Training
Heavy Forwarders To The Rescue
There are so many
challenges in data
movement/
transfer
My machines are
generating many
TBs of Data…
If only I could Parse and
Index the data in the
forwarder itself and
only pass relevant data
Time
Cost
Bandwidth
IndexingParsing Routing
Heavy Forwarder
Indexer
DATA

33. www.edureka.co/splunkEdureka’s Splunk Certification Training
Splunk Architecture

34. www.edureka.co/splunkEdureka’s Splunk Certification Training
Architecture Of Splunk
Splunk CLI Splunk Web Interface Other Interfaces
Scheduling / Alerting Reporting Knowledge
Splunk Engine
Search
Index
Data Routing, Cloning & Load Balancing
Deployment
Server
User & Access
Controls
Distributed Search Distributed Search
Monitor Files Detect File Changes Listen To Network Ports Run Scripts
Rest API

35. www.edureka.co/splunkEdureka’s Splunk Certification Training
Splunk Is The Most Wanted Data Management Tool,
And So Are Splunk Professionals

36. www.edureka.co/splunkEdureka’s Splunk Certification Training
Splunk Rising Job Opportunities
Primary Job Roles:
 Splunk Architect
 Splunk Administrator
 Splunk Developer
Promising Domains For Practice:
 Finance & Insurance
 Manufacturing
 Information Technology
 Retail Trade
 Technical Services
Source: www.indeed.com/jobtrends

37. www.edureka.co/splunkEdureka’s Splunk Certification Training
Course Details
Go to www.edureka.co/splunk
Get Edureka Certified in Splunk Today!
What our learners have to say about us!
Ken, Splunk Certified Admin says, “The Splunk instructor's
way of training is beyond expectation. Very detail oriented
and helpful”
Tejaswini, Senior Software Engineer says, “Splunk course
was absolutely great. Enjoyed the course, good hands on
as well which was very helpful.”
Nancy, Student at Pittsburgh University says, “Love
the Splunk professor. Informative and fun class!”

38. www.edureka.co/splunkEdureka’s Splunk Certification Training