What It Does

What's so brilliant about Splunk is the way you can search for anything in your IT data. Don't know what you're looking for? Just start typing and Splunk's Search Assistant will offer typeahead suggestions based on what’s in your data. You’ll also see suggested searches based on your search history and contextual help so that you can leverage the full power of Splunk’s search language.

Splunk also lets you interact with your search results. Zoom in and out on a time line of your results to quickly reveal trends, spikes and anomalies. Click to drill down into your results and eliminate noise to get to the needle in the haystack. Whether you're troubleshooting a customer problem or investigating a security alert, you'll get to the answer in seconds or minutes rather than hours or days.

Splunk takes search where it's never been before, by automatically extracting knowledge from your IT data and letting users add their own knowledge on-the-fly. Knowledge about events, fields, transactions, patterns and statistics can be added to your data. You can identify, name and tag this data as well. Go from finding all events with a particular username, to instantly getting statistics on specific user activities. Splunk marries the flexibility of unstructured search, with the power of working with structured data, in a way you've never experienced before.

Splunk avoids the problems caused by traditional approaches, by mapping knowledge to IT data at search time, rather than attempting to normalize the data into a brittle database schema up front. And there's no more need for the complex management of custom parsers and connectors. Easily enrich your IT data with information from external asset management databases, configuration management systems and user directories. Now you have a flexible way to manage your IT data, so as the data changes, you don't have to.

Any search can be saved and scheduled for continual monitoring and can trigger alerts via email or RSS. You can even kick off a script to take remedial actions, send an SNMP trap to your system management console or generate a ticket at a service desk. Alerts can be based on a variety of threshold and trend-based conditions. And because Splunk goes beyond simple Boolean searches into fielded searches, statistical searches and sub-searches, you can correlate on anything you want and alert on complex patterns such as abandoned shopping carts, brute force attacks and fraud scenarios.

If you've ever wanted to generate a report on-the-fly from hard to understand IT data, you'll love Splunk. Splunk's amazing ability to extract fields, patterns and transactions in your IT data lets you summarize any search results as a visual report. Splunk’s Report Builder helps you easily build advanced graphs and charts and visualize important trends, see highs and lows, summarize top values and report on the most and least frequent types of conditions. You can create robust, information-rich reports from scratch without an advanced knowledge of search commands. You can save reports, integrate them into dashboards and share them with management or other colleagues in secure, read-only formats such as PDF.

Create custom dashboards in minutes and extend the power of IT Search to every desktop. Splunk's Dashboard Editor lets you combine pre-defined searches, charts, alerts and reports into a powerful dashboard to help you make more sense of the huge volumes of data at your disposal. Or create mashups with other Web-based Apps, such as Tivoli, SAP, security consoles and more. Now management, security analysts, auditors, developers and sysadmins are all empowered to get more from your IT Data.