Splunk Enterprise Product Tour

Integrated, End-to-end, Real-time

Splunk Enterprise is fully featured, powerful platform that collects and indexes any machine data from virtually any source in real time. Search, monitor, analyze and visualize your data to gain new visibility, insight and intelligence. Index everything for deep visibility, forensics and troubleshooting. Work smarter as you and your team share searches and add knowledge specific to your organization. Create ad hoc reports to identify trends or prove compliance controls. Create interactive dashboards to monitor for security incidents, service levels and other KPIs. Analyze user transactions, customer behavior, machine behavior, security threats and fraudulent activity, all in real time.

Index Any Data

Index any machine data regardless of format or location—logs, clickstream data, configurations, traps and alerts, change events, the output of diagnostic commands, data from APIs and message queues and even multi-line logs from custom applications. With no predefined schema, data can be indexed from virtually any source, format or location. Then it's available for troubleshooting, security incident investigations, network monitoring, compliance reporting, business analytics and other valuables uses.

Search and Investigate

Search real-time and historical data using the same search interface. Use familiar search commands to define, limit or widen your search. Search doesn't stop there. Use statistical reporting commands, update transaction counts and calculate metrics and even look for specific conditions within a rolling time window. The search assistant offers type-ahead suggestions and contextual help so that you can leverage the full power of the search processing language.

Interact with Search Results

Interact with your search results in real time. Zoom in and out on a timeline of your results to quickly reveal trends, spikes and anomalies. Click to drill down immediately into your results and eliminate noise to get to the needle in the haystack. Whether you're troubleshooting a ticket, investigating a security alert, or simply discovering your data, you'll get to the answer in minutes rather than hours or days. And avoid the need to escalate to other groups to get the data you need.

Add Knowledge

Splunk automatically extracts knowledge from your machine data at search time. You can add more knowledge and meaning by identifying, naming and tagging fields and data points. You can even add information from external asset management databases, configuration management systems and user directories.

Correlate Complex Events

Splunk search makes it easy to establish or find relationships between seemingly unrelated events or activity. Use Splunk to correlate based on time, external data, sub-searches or joins. Identify related events as a transaction or session. Visualize trends and characteristics in reports and dashboards.

Monitor and Alert

Turn searches into real-time alerts and automatically trigger notifications via email or RSS, execute remedial actions, send an SNMP trap to your system management console or generate a ticket at a service desk. Alerts can trigger based on a variety of threshold, trend-based conditions and other complex searches.

Report and Analyze

Use the integrated report builder to quickly build advanced graphs and charts to visualize important trends, see highs and lows, create sparklines, summarize top values or the frequency of conditions. Create robust, information-rich reports from scratch without any advanced knowledge of search commands. Save reports, integrate them into dashboards and share them with management or other colleagues via PDF. Built-in acceleration technology delivers your mission-critical insights when it's needed.

Custom Dashboards and Views

Create live dashboards in a few clicks with the dashboard editor. Dashboards integrate multiple charts and views of your real-time data for the needs of different users—technical and non-technical. You can personalize dashboards for anyone and share them via PDF. Or view and edit them on tablets, smartphones and non-Flash browsers.

Splunk Apps

Do more by taking advantage of hundreds of apps and other content that run on top of the Splunk platform. These apps deliver a targeted user experience for different roles and use cases. There are a growing number of apps, built by our community, partners and Splunk—browse what's out there or even create and post your own, all through the Splunk community website (www.splunkbase.com).