Splunk for IT Operations
•
2 recomendaciones•954 vistas
The document is an agenda for a Splunk conference session on using Splunk for IT operations. The agenda includes an introduction to Splunk for IT operations, a discussion of Splunk apps to accelerate insights, and a presentation on Splunk IT Service Intelligence. It outlines the growing complexity faced by IT operations and how Splunk provides a platform to index and investigate machine data from any source, in order to improve troubleshooting, monitoring, and gaining operational visibility and insights.
Recomendados
Recomendados
Más contenido relacionado
La actualidad más candente
La actualidad más candente (20)
Similar a Splunk for IT Operations
Similar a Splunk for IT Operations (20)
Más de Splunk
Más de Splunk (20)
Último
Último (20)
Splunk for IT Operations
- 1. Copyright © 2014 Splunk Inc. Splunk for IT Opera=ons Bill Babilon IT Specialists, Splunk Public Sector Columbus, OH
- 2. Copyright © 2014 Splunk Inc. Name: Sheraton Mee=ng Rooms Access Code: AWS2015
- 3. Thanks to Our Sponsors
- 4. Session Agenda • Splunk for ITOps -‐ Introduc=on • Splunk Apps • Introducing Splunk IT Service Intelligence • Customer Stories • Wrap Up
- 5. Splunk for IT Ops -‐ Intro
- 6. Escala=ng IT Complexity… SERVERS STORAGE NETWORKING VITUALIZATION INFRASTRUCTURE APPLICATIONS PACKAGED APPLICATIONS CUSTOM APPLICATIONS Iden=ty VPN IP Phone HR Email Finance App Svr DB Web Svr SaaS/PaaS IaaS
- 7. … Plaguing IT Opera=ons SERVERS STORAGE NETWORKING VITUALIZATION INFRASTRUCTURE APPLICATIONS PACKAGED APPLICATIONS CUSTOM APPLICATIONS Iden=ty VPN IP Phone HR Email Finance App Svr DB Web Svr SaaS/PaaS IaaS Complex, silo-‐based technologies Disconnected and outdated point solu=ons Reac=ve brute-‐force problem resolu=on Over 80% of =me on maintaining not innova=ng
- 8. Industry Leading Pla]orm for Machine Data Any Machine Data Online Services Web Services Servers Security GPS Loca=on Storage Desktops Networks Packaged Applica=ons Custom Applica=ons Messaging Telecoms Online Shopping Cart Web Clickstreams Databases Energy Meters Call Detail Records Smartphones and Devices RFID Datacenter Private Cloud Public Cloud Enterprise Scalability Search and Inves<ga<on Proac<ve Monitoring Opera<onal Visibility Real-‐<me Business Insights Opera<onal Intelligence
- 9. Industry Leading Pla]orm for Machine Data Any Machine Data Online Services Web Services Servers Security GPS Loca=on Storage Desktops Networks Packaged Applica=ons Custom Applica=ons Messaging Telecoms Online Shopping Cart Web Clickstreams Databases Energy Meters Call Detail Records Smartphones and Devices RFID Datacenter Private Cloud Public Cloud Enterprise Scalability Search and Inves<ga<on Proac<ve Monitoring Opera<onal Visibility Real-‐<me Business Insights Opera<onal Intelligence Any amount, any loca=on, any source Schema-‐ on-‐the-‐fly Universal indexing No back-‐end RDBMS No need to filter data
- 10. Developer Pla]orm (REST API, SDKs) The Focus 10 Applica=on Delivery IT Opera=ons Security, Compliance, and Fraud Business Analy=cs Industrial Data and the Internet of Things
- 11. Turning Machine Data Into Opera=onal Intelligence Reac<ve Search and Inves=gate Proac=ve Monitoring and Aler=ng Opera=onal Visibility Proac<ve Real-‐=me Business Insight 11
- 12. Troubleshoo=ng Find and fix problems faster 12 Reduce MTTR Improve End User Experience Reduce Costs Greater IT produc=vity
- 13. Troubleshoo=ng Find and fix problems faster 13 Reduced MTTR Improve End User Experience Reduce Costs Greater IT produc=vity No more grepping through logs End-‐to-‐end correla=on
- 14. Monitoring Find and fix problem before it becomes a problem Increased up=me Trends in real =me and Historical Data Powerful Visualiza=ons Aler=ng and no=fica=ons
- 15. Splunk Apps Accelerate Insights
- 16. Splunk Apps 16 Plug-‐Ins, Templates and Apps Accelerate Value From Machine Data No rigid schemas– Add in data from any other source. API SDKs UI Server, Storage, Network Server Virtualization Operating Systems Custom Applications Business Applications Cloud Services App Performance Monitoring Ticketing/ and Other Web Intelligence Mobile Applications Stream
- 17. Apps Provide Deep Insights By Role Find and resolve problems fast in individual technology areas Exchange Admin Service Health Performance Message tracking VMware/Win/ Linux Admin Infrastructure Health Performance Anomalies/Outliers Storage Admin Infrastructure Health Performance Anomalies/Outliers
- 18. Splunk IT Service Intelligence
- 19. What We Hear From Our Customers! 19 “My CIO is demanding we look at IT from a business service perspec=ve.” “Splunk is great for break-‐fix, but I need to show we’re mee=ng SLAs.” “I need everyone to be able to see the same thing at the same =me.” “I just want to throw data at Splunk and have it find problems for me.” “Show me what my data can do for me!”
- 20. Data-‐driven service insights for root-‐cause isola=on and improved service opera=ons INTRODUCING
- 21. Splunk IT Service Intelligence 21
- 22. Key Concepts
- 23. What is a Service? Service Requests Responses In Splunk ITSI, a Service is a logical group of technology components that a user deems need to be monitored together. It can onen be generalized as a “black box” which we send requests and expect responses
- 24. What is a Service? DNS Requests Responses Technical Services Auth Requests Responses Web Requests Responses Services can be technology-‐centric…
- 25. What is a Service? DNS Requests Responses Technical Services Customer Transac<ons Requests Responses Business Services Auth Requests Responses Web Requests Responses Support Desk Requests Responses … and business-‐centric
- 26. What is a Service? Packet Network Hypervisor and Hosts RBMDBs Storage Tier API Services Web Services Customer Transac<ons Mobile API/ Middleware Partner Portal DNS Services can encompass mul=ple =ers of the IT domain and may also depend upon other services/micro-‐services
- 27. What is a KPI? DNS Requests Responses KPI: Number of requests KPI: Error rate KPI: Average response =me KPI: Servicer CPU load KPI: Server network I/F errors Customer Transac<ons Requests Responses KPI: Number of transac=ons KPI: Error rate KPI: Average response =me KPI: Count of Incident Tickets KPI: Synthe=c Transx Health KPIs and Health scores cons=tute the means by which Services are monitored.
- 28. Key Performance Indicators (KPIs) 28 KPI: A Splunk saved search defined in Splunk ITSI that helps monitor a specific field like CPU, Memory and so on. KPIs are contained within Services.
- 29. Service Health Scores 29 A Health score is a score from 0-‐100 that helps determine the health of a Service. It is calculated based on all KPIs importance and its status once every minute.
- 31. Service Analyzer, Glass Tables, Deep Dives 31 Service Analyzer: Auto generated filterable and =led view of Service health scores and KPIs Glass Tables: Customizable free form drawing dashboards to view health scores and KPIs of choice with visual tools to create context Deep Dives: Swim lane analysis dashboard to show all those indicators over =me for inves=ga=ons
- 32. Mul= KPI Alerts, Notable Events 32 Mul< KPI Alerts: Correla<on searches on service degrada<on Notable Events: Event framework for Mul< KPI Alerts
- 33. ITSI Demo
- 34. What Makes Splunk ITSI Different! 34 Search-‐Based KPIs • Easy to write, manage and change both services and KPIs • Reflects business and technology priori=es • Benefit: Rapidly generate and change KPIs to align service health with business • Fiserv – 1000s in just weeks Full Fidelity Service Health • Adaptable and flexible defini=ons of service health • One solu=on to go seamlessly from service reports to root cause, including raw data • Remains adaptable and yet s=ll maintains complete historical context Universal Data Pla]orm • Data driven: All IT data including events, metrics and logs • Schema on-‐the-‐Fly • Ask any ques=on of the data • Fast =me to value • Data fidelity
- 35. Customers Leading The Way
- 36. Why Enterprises Use Splunk for IT Opera<ons Increased Up<me to 99.9% Availability Reduced MTTR from 2-‐3 days to few minutes Improved Margins by protec=ng millions in ad-‐revenue Consolidated Tools by re=ring 27 monitoring solu=ons Op<mized Capacity by saving $500K in SW, HW & licenses Drives Innova<on with usage analy=cs on product features
- 37. 37 Unified insights: data integra=ons from other tools 11,000 to 100s Reduced incident =ckets Aler<ng on service KPI’s instead of server performance Usage baselines to iden=fy anomalies Splunk IT Service Intelligence at
- 38. 38 Server-‐based to Services-‐based monitoring Top-‐down and deep-‐ dive service insights 200+ services and 1500+ KPIs monitored Flexible crea=on and modifica=on of services and KPIs Aler<ng on service KPIs instead of server performance Real-‐=me, holis=c and proac=ve “client” view Splunk IT Service Intelligence at
- 39. Splunk IT Service Intelligence at 39 Replaced home-‐ grown tools Real-‐<me service insights to LOBs Reduced <me to resolu<on
- 40. Wrap Up
- 41. Troubleshooting Continuous Deployment Application Management Service Monitoring Splunk is the Backbone of Modern IT Pla]orm for Machine Data
- 42. AVAILABLE NOW! Try it: SPLUNK.COM/ITSI Free. In Splunk Cloud.
- 43. THANK YOU