Why Machine Data Matters for Online Services
Software as a service (SaaS) providers, online gaming companies and social media companies run their entire business on the web. For these providers, timely operational visibility across their IT infrastructure is a top strategic priority. With IT systems that include thousands of servers, custom and packaged applications and third-party system integrations, online services companies have a complex infrastructure that spans across physical, virtual and cloud environments.
All of these systems generate terabytes of machine data every day - data that comprises application logs, mobile device logs, server logs, virtual machine logs, message queues, web proxy logs, IPS/IDS logs and syslog. This machine data can provide important insights into key metrics relevant to both IT and the business.
Increasing website uptime, enabling DevOps approach, enhancing product features, managing datacenter capacity and improving security posture are just some of the key areas that can be directly impacted by gaining operational intelligence from machine data.
Splunk Delivers Insight from Any Machine Data
Splunk is the engine for machine data - Splunk can read data from just about any source imaginable, such as application servers, mobile devices, web servers, custom applications, virtualized servers and pre-existing structured databases.
Splunk delivers real-time understanding of what's happening and deep analysis of what's happened across IT systems and infrastructure. It uses untapped machine data to identify problems, risks and opportunities and drive better decisions for IT and the business.
Typical uses cases for Splunk include application management, IT operations management, security and compliance and business analytics. Examples of different ways in which Online Service providers are using Splunk to gain new levels of visibility into IT and the business are described here.
Improving Website Performance and Uptime
For an online services company, any downtime or performance issues on the website can easily mean lost revenues, customer churn and negative impact on profits. Troubleshooting such issues involves getting insight across machine data coming from sources such as Linux servers, Apache web servers, databases, and numerous applications - this entire infrastructure could be deployed in a physical, virtual or hybrid environment.
Splunk indexes data across all tiers of the IT environment and helps users rapidly perform root cause analysis to determine the source of the problem. Ongame, a leading online gaming company has reduced their downtime by over 30% by using Splunk to gain visibility across 3 production environments including over 70 applications - resulting in quantified savings of over $1.9 million.
Enabling DevOps and Enhancing Product Quality
Online services companies have very short product development cycles and developers are delivering new capabilities at a very rapid pace. As customers start using these new capabilities, it is important for developers to identify, in real-time, causes of performance issues, functionality bugs or user experience issues. The raw machine data to identify such problems comes from many different tiers of the IT infrastructure - visibility into such data across groups is critical in driving a DevOps approach.
Splunk enables DevOps oriented processes by providing real-time insight into machine data to both operations and development. For example, Edmunds.com is using Splunk to close the DevOps gap by providing both teams visibility across web and application tiers. The teams are monitoring key metrics and identifying root causes to help them meet short release cycles and ensure that most errors are captured in pre-production.
Enabling Product Innovation
Every customer interaction with an online service provides valuable insight to improve product functionality. Machine data such as clickstream data, web server logs, application server logs and mobile logs can provide product managers the visibility to improve their product, guide their roadmap and build new features that differentiate it from the competition.
A leading SaaS company has created dashboards in Splunk to provide product managers real-time visibility into how their product features are being used, by whom, how frequently and from what devices. Such timely insight is helping product managers enhance existing features and develop innovative capabilities to deliver a better customer experience and drive higher revenues.
Effectively Managing Cloud and Virtualized Infrastructure
Online service providers are some of the biggest users of the cloud - whether within a public, private or hybrid environment. With Splunk, online service providers have cross-environment visibility in addition to environment-specific visibility across applications, OS and hypervisor layers through to the underlying server, storage and network hardware. This operational insight is vital to helping enhance service delivery to customers and deliver a superior experience.
Ping Identity, a leading security solutions provider, is using Splunk to gain visibility across their infrastructure - which is 95% virtualized. Their system health dashboard, built using Splunk, provides IT and operations managers real-time view into performance metrics across the virtualized infrastructure. Such insights are enabling the company to rapidly troubleshoot problems across tiers and perform faster root-cause analysis - helping them to effectively manage and scale their virtual environment.
Mitigating Security Risks and Ensuring Compliance
Security is a major concern for online service providers as any security breaches directly lead to customer attrition and lost revenues. Security incidents can start anywhere across the IT infrastructure and inability to gain visibility across machine data exposes companies to increased attacks. A leading social gaming company is using Splunk for security incident response by indexing machine data generated by IPS, IDS, Firewalls, Proxy Servers and applications - enabling them to search and correlate the data across systems to determine the exact source of the threat.
Regulations such as Sarbanes-Oxley and PCI mandate data collection, audit trails, data storage and visibility across applications, devices and servers. Splunk indexes data generated by all technologies that need to be monitored for regulatory compliance. It enables rapid retrieval of any log data requested by IT auditors. With its easy to use interface, Splunk improves the effectiveness of daily log review controls - ensuring compliance and mitigating operational and security risks.
Looking for More on Splunk for Online Services?
These use cases highlight just a handful of areas where Splunk can help online services companies harness their machine data.