What It Does

Splunk is quite simply the most incredible way to understand what's happening across your IT infrastructure. It continually collects and indexes IT data from any application, server or network device in your datacenter in real time. Now you can search across terabytes of data in seconds to find that needle in the haystack, analyze hidden trends and instantly create reports to summarize activities. Schedule searches to alert on specific conditions and automate the delivery of reports. Your whole IT team will be smarter as they share saved searches, tag events, hosts and configurations with useful information and build their own dashboards with interactive charts, graphs, tables and more. Who knows, you might even like working together!

All you need is your imagination and a Web browser. Download Splunk now.

Search

What's so brilliant about Splunk is the way you can search for anything in your IT data. Don't know what you're looking for? Just start typing and Splunk's typeahead suggestions will show you what's in your data. Use familiar Boolean operators, wildcards and quoted strings, or search on a particular field like a user name, an IP address or a particular message ID.

Splunk also lets you interact with your search results. Zoom in and out on a timeline of your results to quickly reveal trends, spikes and anomalies. Click to drill down into your results and eliminate noise to get to the needle in the haystack. Whether you're troubleshooting a customer problem or investigating a security alert, you'll get to the answer in seconds or minutes rather than hours or days.


Add Knowledge

Splunk takes search where it's never been before by automatically extracting knowledge from your IT data and letting users add their own knowledge on the fly. Knowledge about events, fields, transactions, patterns and statistics can be added to your data. You can identify, name and tag this data as well. Go from finding all events with a particular username to instantly getting statistics on specific user activities. Splunk marries the flexibility of unstructured search with the power of working with structured data, in a way you've never experienced before.

Splunk avoids the problems caused by traditional approaches by mapping knowledge to IT data at search time, rather than attempting to normalize the data into a brittle database schema up front. And there's no more need for the complex management of custom parsers and connectors. Easily enrich your IT data with information from external asset management databases, configuration management systems and user directories. Now you have a flexible way to manage your IT data, so as the data changes, you don't have to.


Alert

Any search can be saved and scheduled for continual monitoring and can trigger alerts via email or RSS. You can even kick off a script to take remedial actions, send an SNMP trap to your system management console or generate a ticket at a service desk. Alerts can be based on a variety of threshold and trend-based conditions. And because Splunk goes beyond simple Boolean searches into fielded searches, statistical searches and sub-searches, you can correlate on anything you want and alert on complex patterns such as abandoned shopping carts, brute force attacks, and fraud scenarios.


Report

If you've ever wanted to generate a report on the fly from hard-to-understand IT data, you'll love Splunk. Splunk's amazing ability to extract fields, patterns and transactions in your IT data lets you summarize any search results as a visual report. Easy-to-use interactive tables and charts as well as powerful statistical search commands make it simple to trend metrics over time, summarize the top values and report on the most and least frequent types of conditions. Reports can be scheduled, saved and exported, or added to your own dashboards.


Share

Why does it take 10 people on a conference call to troubleshoot an application problem or investigate a security incident? Sharing and collaboration have empowered everyone in the enterprise except IT, until now. With Splunk you can control shared access to your IT data by role, group or user. Operations, networking, development, system administration, service desk, security and compliance can work together sharing searches, knowledge, alerts, reports and custom dashboards. Ever wondered what a particular event or message means or wanted to add your own information to a critical error? Now you and your co-workers can work together without being in the same place at the same time, and Splunk's robust access control and authentication lets you control what you share and who you share it with.
