Turn Machine Data Into Powerful Insights
Splunk Enterprise is the industry-leading platform for operational intelligence. Collect and index any machine data from virtually any source in real time. Search, monitor, analyze and visualize your data to gain new insights and intelligence. Index everything for deep visibility, forensics and troubleshooting. Work smarter as you and your team share searches and add knowledge specific to your organization. Create ad hoc reports to identify trends or prove compliance controls. Create interactive dashboards to monitor for security incidents, service levels and other key performance metrics. Analyze user transactions, customer behavior, machine behavior, security threats and fraudulent activity, all in real time.
Index Any Data
Index any machine data regardless of format or location--logs, clickstream data, configurations, sensor data, wire data from networks, traps and alerts, change events, the output of diagnostic commands, data from APIs and message queues, and even multi-line logs from custom applications. With no predefined schema, data can be indexed from virtually any source, format or location. Point Splunk Enterprise at your data and intuitive interfaces guide you through previewing, onboarding and preparing your data for search and analysis. Then it's available for troubleshooting, security incident investigations, network monitoring, compliance reporting, business analytics and other valuables uses.
Search and Investigate
Search real-time and historical data using the same interface. Use familiar search commands to define, limit or widen your search, and correlate events across multiple data sources to reveal new insights. Search doesn't stop there. Use statistical reporting commands, update transaction counts and calculate metrics, look for specific conditions within a rolling time window, and automatically detect patterns across massive sets of data. The search assistant offers type-ahead suggestions and contextual help so that you can leverage the full power of the Search Processing Language (SPL™).
Interact with Search Results
Interact with your search results in real time. Zoom in and out on a timeline of your results to quickly reveal trends, spikes and anomalies. Click to drill down immediately into your results and eliminate noise to get to the needle in the haystack. Whether you're troubleshooting a ticket, investigating a security alert or simply discovering your data, you'll get to the answer in minutes rather than hours or days and avoid the need to escalate to other groups to get the data you need.
Make Data More Meaningful
Splunk Enterprise automatically extracts knowledge from your machine data. You can add more knowledge and meaning by identifying, naming and tagging fields and data points. Extract fields with a simple highlight and click, or apply filters, view diverse and rare events, and specify required text for extractions. You can even add information from external asset management databases, configuration management systems and user directories. The Pivot interface enables any user to automatically discover relationships in the data and build powerful reports, without mastering the search language.
Correlate Complex Events
Splunk Enterprise search makes it easy to establish or find relationships between seemingly unrelated events or activity. Use Splunk Enterprise to correlate machine data based on time, external data, location, sub-searches or joins across multiple data sources and massive sets of data. Identify related events as a transaction or session. Visualize trends and characteristics in reports and dashboards.
Monitor and Alert
Turn searches into real-time alerts and automatically trigger notifications via email or RSS, execute remedial actions, send an SNMP trap to your system management console or generate a ticket at a service desk. Alerts can be triggered based on a variety of thresholds, trend-based conditions and other complex searches. Gain additional information at the time of the alert to assist with faster root cause analysis and problem resolution.
Report and Analyze
Empower every user in your organization to rapidly analyze machine data and turn it into powerful insights. Build reports, advanced graphs and charts to understand important trends, create advanced visualizations, summarize top values and view the frequency of conditions. Forecast highs and lows, plan systems resources and anticipate workloads with new predictive visualizations. The Pivot interface allows users to manipulate and interact with machine data to create robust, information-rich reports from scratch without learning the search language. Save reports, integrate them into dashboards and or share them with management or other colleagues via PDF. Embed your important charts and reports in other third-party business applications so that insights from your data are available wherever they're needed. Built-in performance technology delivers your mission-critical insights at blazingly fast speeds, all at the check of a box.
Custom Dashboards and Views
Create custom dashboards in a few clicks with the dashboard editor or leverage shared-panels as dashboard building blocks. Dashboards integrate multiple charts and views of your real-time data for the needs of different users—technical and non-technical. Analyze your data further with chart overlay and pan and zoom controls. You can personalize dashboards for anyone and allow users to access them from desktops or mobile devices.
The Splunk Mobile App
The Splunk Mobile App lets you experience Splunk Enterprise and gain mission critical Operational Intelligence anywhere. Access your dashboards, easily share insights, receive real-time alerts at any time from any location, and always stay connected to your Splunk Enterprise deployment. The Splunk Mobile App connects to your Splunk Enterprise deployment through the Splunk Mobile Access Server, which provides seamless and secure access to your Splunk Enterprise deployment. Download the Splunk Mobile Access Server for free. Download the free Splunk Mobile App from the app store.
Do more by taking advantage of hundreds of apps and other content that run on top of Splunk Enterprise. These apps deliver a targeted user experience for different roles and use cases. There are a growing number of apps, built by our community, partners and Splunk—browse what's out there or even create and post your own, all through the Splunk apps website.