What is Splunk Enterprise?
The Industry-leading Platform for Operational Intelligence
Your IT systems and technology infrastructure—websites, applications, servers, networks, sensors, mobile devices and the like—generate massive amounts of machine data.
By monitoring and analyzing everything from customer clickstreams and transactions to network activity and call records, Splunk Enterprise turns your machine data into valuable insights.
Troubleshoot problems and investigate security incidents in minutes, not hours or days. Monitor your end-to-end infrastructure to avoid service degradation or outages. Gain real-time visibility into customer experience, transactions and behavior.
Get Started - Try Splunk today
Splunk Enterprise is available as a free download. Try it on your laptop and then deploy it to your datacenter or cloud environment. Or try our free online sandbox - your personal online environment. Either way, you'll be up and running with an easy-to-use web interface and powerful enterprise platform for analyzing your machine data.
Any Data From Any Source
Collect and index any machine-generated data from virtually any source or location in real time. This includes data streaming from packaged and custom applications, application servers, web servers, databases, wire data from networks, virtual machines, telecoms equipment, operating systems, sensors and much more. Just point Splunk Enterprise at your data and it will immediately start collecting and indexing—so you can start searching and analyzing.
Collect Data From Remote Sources
Splunk Forwarders deliver reliable, secure, real-time data collection from tens of thousands of sources. They can monitor local data sources—applications, sensors, endpoint devices; collect the output of status commands on a schedule; grab performance metrics from virtual or non-virtual sources; or watch the file system for configuration, permissions and attribute changes. Forwarders are centrally managed, lightweight and can be deployed quickly at no additional cost.
Correlates Complex Events
With Splunk Enterprise, you can correlate complex events spanning many diverse data sources across your environment. Types of correlations:
- Time-based correlations identify relationships based on time, proximity or distance
- Transaction-based correlations track a series of related events as a single transaction to measure duration, status or other analysis
- Sub-searches take the results of one search and use them in another
- Lookups correlate machine data with external data sources outside of Splunk Enterprise
- Joins support SQL-like inner and outer joins
Correlating events enables richer analysis and insight from your machine data. Read the Event Correlation Technical Brief to learn more.
Enterprise-class Availability and Scale
Splunk Enterprise scales to collect and index hundreds of terabytes of data per day. And because insights from your data are mission critical, Splunk Enterprise clustering and multi-site clustering technology provides continuous availability. Whether it's a single server or a site that goes down, the critical insights you rely on from your machine data are still available.
Automatic load balancing optimizes workloads and response times and provides built-in failover support. Out-of-the-box reporting and analytics capabilities deliver rapid insights from your data.
A True Data Platform
Whether your data lives in a traditional database, a data warehouse or Hadoop, Splunk Enterprise connects to all your data stores, enabling you to combine machine data with other data in your organization and deliver more powerful insights.
Splunk DB Connect delivers reliable, scalable, real-time integration between Splunk and traditional relational databases.
Splunk Hadoop Connect provides bi-directional integration to easily and reliably move data between Splunk Enterprise and Hadoop.
ODBC Driver provides industry-standard connectivity between Splunk Enterprise and third-party visualization tools, such as Microsoft Excel or Tableau Desktop.
Visibility from Datacenter to Cloud
The Splunk Enterprise distributed architecture lets your searches and reports span multiple Splunk Enterprise deployments, whether on premises at a single site or multiple sites, or in the cloud. With role-based access you can control how far a given user's search will span, wherever your data resides. Get the visibility and intelligence you need from your data, all from one place. Securely connecting your Splunk Enterprise installation takes just minutes, allowing you to design a manageable enterprise data fabric.
Provides Granular, Role-based Security
Underlying everything Splunk Enterprise does is a robust security model, providing secure data handling, role-based access controls, auditability and assurance of data integrity. Every Splunk Enterprise transaction is authenticated, including user activities through the web user interface, command line interface and system activities through the Splunk Enterprise API. User roles and functionality by user type can easily be defined and integrated with LDAP-compliant directories like Microsoft® Active Directory to adhere to enterprise-wide security policies and support single sign-on. Granular role-based access controls protect access to sensitive machine data.
A Platform for Enterprise Developers