I struggled over whether to attend the breakfast session at the Westin St. Francis in downtown San Francisco at 7:30am. I am glad I made it. The chilly morning breeze helped clear my head. It is always chilly in the city, and mornings are a little chillier.
The session was led by the director of global value... talking about the value Splunk's customers got in terms of money, personnel and time, mostly in savings. It was a great talk peppered with various customer use cases. I made a daring comment that it might also be interesting to show how much the customers gained in sales and profit. Some people like to hear about those dimensions.
Machine data intelligence for operational insights
Splunk distinguishes itself by being the pacesetter in machine data intelligence. Machine data mainly includes logs produced by systems, applications and devices. Now it is expanding to include real-time data on the wire: packets, payloads, etc. A lot of the intelligence is about IT and security. But I can see that Splunk's ambition goes way beyond that. After all, they claim to be the Google for Enterprise.
Unheralded visibility and transparency
It is almost scary that the new Splunk App for Stream allows enterprises to visualize literally every bit of information (packets, payloads) on the wire. This gives enterprises total control not only over their network defense against intrusion, but also over their own intellectual property and their employees' misuse of the network. So, don't look up porn or post inappropriate statements on social media, not when you are at work.
Schema at Write vs Schema at Read
We used to design the data model first, before recording data. Nowadays, things are too dynamic for us to wait until we have a perfect data model. We need to record first and model second. The data model is not static and we need to tweak it often. Basically, Splunk allows us to write freely and read with structure. It is quite liberating!
Freely? Not exactly. But it's close. Enterprises can just log everything in key-value pairs and save them in flat files. At logging time, one doesn't have to worry about the data model. Just log everything in whatever way one can imagine. Splunk can collect the logs and index them for search and data modeling later. We don't need an OLTP database there. It makes logging a lot easier and a lot more useful.
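An added example, not part of the original post and not Splunk's own code, showing schema at read in Python: events are written as free-form key-value lines, and fields are extracted only when a search runs. The log lines, field names and the functions `parse_event`, `search` and `count_by` are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample events: written with no agreed schema, fields vary per line.
RAW_LOG = '''\
2014-05-01T09:00:01Z action=login user=alice src=10.0.0.5 status=failure
2014-05-01T09:00:03Z action=login user=alice src=10.0.0.5 status=failure reason="bad password"
2014-05-01T09:00:09Z action=login user=bob src=10.0.0.7 status=success
2014-05-01T09:01:12Z action=download user=bob bytes=52311 file="q1 report.pdf"
2014-05-01T09:02:40Z action=login user=alice src=10.0.0.5 status=failure reason="bad password"
malformed line with no pairs at all
'''

# key=value where the value is either "quoted with spaces" or a bare token
KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_event(line):
    """Apply structure at read time: return the fields found in one raw line."""
    fields = {"_raw": line}
    head = line.split(" ", 1)[0]
    if re.fullmatch(r"\d{4}-\d\d-\d\dT\d\d:\d\d:\d\dZ", head):
        fields["_time"] = head
    for key, quoted, bare in KV.findall(line):
        fields[key] = quoted or bare
    return fields

def search(raw, **where):
    """Yield events whose extracted fields match every filter."""
    for line in raw.splitlines():
        event = parse_event(line)
        if all(event.get(k) == v for k, v in where.items()):
            yield event

def count_by(events, field):
    """Count events per value of a field; events lacking it are skipped."""
    return Counter(e[field] for e in events if field in e)

if __name__ == "__main__":
    failures = list(search(RAW_LOG, action="login", status="failure"))
    print(count_by(failures, "src"))     # failed logins per source address
    print(count_by(failures, "reason"))  # a field only some events carry
```

The `reason` field appears only on later lines, yet nothing written earlier has to be migrated: events without it are simply skipped by that one query.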
Search is the ultimate query language
Yes, it is. Every query language, such as SQL, is about search. Splunk's search language is still off limits to non-technical people. The nice thing about Splunk is that it allows us to search a broad collection of data beyond regular relational databases. Its query language is much like Unix commands with pipes and regex. Not being unfamiliar with UNIX commands, I can appreciate its flexibility, which goes well beyond SQL's. But it is not for everyone.
Business Analytics
Splunk started as a log analysis tool for IT infrastructure. Nowadays, it has piggybacked into the arena of business analytics. How come? I learnt that it is because IT has all the data and the business people need to ask IT for data. IT got a chance to show them what Splunk can do for data collection and visualization, without extra tools. That is how business people got converted.
Splunk vs Tableau
Having used Splunk for some time, I feel that Splunk's charting and visualization capabilities are getting better. But Tableau still has the upper hand in advanced visualization and ease of use. I can imagine that a lot of business analysts can learn to use Tableau for data analysis with little IT support, and I don't see Splunk achieving the same. There is still a possibility that Splunk will eat into Tableau's market share. That's not something I need to worry about. I feel that Splunk is great for data collection and shaping, saving us the traditional ETL. Then I can use the dataset for further visualization in Tableau.
Customer use cases
Splunk invited representatives from Zoosk, Wells Fargo and Autodesk to share their use cases. It's not too hard to imagine how Zoosk and Wells Fargo can benefit from the data processing power of Splunk. I didn't imagine Autodesk had much to do in this big data arena. Actually, they have a lot of data, including software tracking and reporting data. They found a lot of pirated software being used. The traditional software maker has become an internet company, doing a lot of business over the wire.
Meet friends
After I posted one picture of Splunk>Live to my internet group, some friends replied, "I am here too." I didn't know they would come. Quite a pleasant surprise! This capped a great day.