What is Splunk Enterprise?
The Industry-leading Platform for Operational Intelligence
Your IT systems and technology infrastructure—websites, applications, servers, networks, sensors, mobile devices and the like—generate massive amounts of machine data.
By monitoring and analyzing everything from customer clickstreams and transactions to network activity and call records, Splunk Enterprise turns your machine data into valuable insights.
Troubleshoot problems and investigate security incidents in minutes, not hours or days. Monitor your end-to-end infrastructure to avoid service degradation or outages. Gain real-time visibility into customer experience, transactions and behavior.
It's Software—Download and Install in Minutes
Try Splunk Enterprise on your laptop and then deploy it to your datacenter or cloud environment. It's a self-contained software package that runs on all major operating systems—just pick your platform, download and install. You'll be up and running with an easy-to-use web interface and a powerful enterprise platform for analyzing your machine data.
Any Data From Any Source
Collect and index any machine-generated data from virtually any source or location in real time. This includes data streaming from packaged and custom applications, application servers, web servers, databases, networks, virtual machines, telecoms equipment, operating systems, sensors and much more. Just point Splunk Enterprise at your data, and it immediately starts collecting and indexing—so you can start searching and analyzing.
Collect Data From Remote Sources
Splunk Forwarders deliver reliable, secure, real-time data collection from up to tens of thousands of sources. They can monitor local data sources—applications, sensors, endpoint devices; collect the output of status commands on a schedule; grab performance metrics from virtual or non-virtual sources; or watch the file system for configuration, permissions and attribute changes. Forwarders are centrally managed, lightweight and can be deployed quickly at no additional cost.
Correlates Complex Events
With Splunk Enterprise, you can correlate complex events spanning many diverse data sources across your environment. Types of correlations:
- Time-based correlations identify relationships based on time, proximity or distance
- Transaction-based correlations track a series of related events as a single transaction to measure duration, status or other analysis
- Sub-searches take the results of one search and use them in another
- Lookups correlate machine data with external data sources outside of Splunk Enterprise
- Joins support SQL-like inner and outer joins
Correlating events enables richer analysis and insight from your machine data. Read the Event Correlation Technical Brief to learn more.
Enterprise-class Scale, Resilience and Interoperability
Splunk Enterprise scales to collect and index tens of terabytes of data per day. And because the insights from your data are mission critical, Splunk Enterprise's clustering technology provides the availability you need, even as you scale out your low-cost, distributed computing environment.
Automatic load balancing optimizes workloads and response times and provides built-in failover support. Out-of-the-box reporting and analytics capabilities deliver rapid insights from your data.
Splunk DB Connect delivers reliable, scalable, real-time integration between Splunk and traditional relational databases.
Splunk Hadoop Connect provides bi-directional integration to easily and reliably move data between Splunk Enterprise and Hadoop.Big Data Video Big Data Solution Page
Scales from Datacenter to Cloud
The Splunk Enterprise distributed architecture lets your search and reports span multiple Splunk Enterprise deployments within a single datacenter or globally across multiple datacenters and cloud infrastructures. With role-based access you can control how far a given user's search will span—wherever your data resides. Get the visibility and intelligence you need from your data, all from one place. Securely connecting your Splunk Enterprise installation takes just minutes, allowing you to design a manageable enterprise data fabric.
Provides Granular, Role-based Security
Underlying everything Splunk Enterprise does is a robust security model, providing secure data handling, role-based access controls, auditability and assurance of data integrity. Every Splunk Enterprise transaction is authenticated, including user activities through the web user interface, command line interface and system activities through the Splunk Enterprise API. User roles and functionality by user type can easily be defined and integrated with LDAP-compliant directories like Microsoft® Active Directory to adhere to enterprise-wide security policies and support single sign-on. Granular role-based access controls protect access to sensitive machine data.
A Platform for Enterprise Developers