Splunk Adds Real-Time Search, Analysis, Monitoring For Live Streaming Data

Combines real-time, unlimited historical search

Note: ESJ’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements.

Splunk, a company specializing in IT search, has released Splunk 4.1, allowing users to search, monitor, and analyze live streaming IT data as well as terabytes of historical data, all from the same interface.

The ability to search, analyze, and create live dashboards with streaming data from the IT infrastructure delivers immediate visibility into operational, application, security, and compliance issues. Users can see incidents and attacks as they occur, monitor application service-level agreements in real time, correlate and analyze events on streaming data, and track live transactions and online activity.

“Traditional technologies direct users down two separate paths: either data warehouses for big data historical analysis or tools specifically for real-time monitoring, resulting in serious tradeoffs due to separate systems with fundamentally different technology architectures,” said Erik Swan, Splunk’s co-founder and chief technology officer.

Last year, Splunk introduced Splunk 4.0, re-architected to improve speed and scale, as well as enable the creation of custom views and dashboards, extending the benefits of Splunk to business users and IT professionals alike. Splunk 4.1 is based on an implementation of real-time search using MapReduce techniques, which delivers extreme scalability and enables the new real-time capabilities to scale linearly across commodity hardware.

In addition to new real-time capabilities, Splunk 4.1 includes new features designed to support enterprise deployments and individual user productivity, including:

  • Single Sign-on (SSO): Integrates with enterprise single sign-on solutions for transparent authentication of third-party credentials and simplifies credential management

  • Event-level Workflows: Create workflows directly from data in search results and automate required next steps, such as opening a trouble ticket, blocking an IP address, or looking up a product ID in an external database

  • Automatic and Configurable Data Drill-down: Drill down from charts to original events and determine root causes faster; click on sections of charts to automatically refine searches

  • Scheduled PDF Report Delivery: Create, schedule, and deliver PDFs of any Splunk dashboard, view, search, or report and share meaningful information across the organization, even with non-Splunk users

  • Event Type Finder and Builder: Automatically identify new event types based on recurring patterns in the data

More information and a free downloadable copy of the software are available at www.splunk.com.