Running a Service in financial services is tough. Not only is there the burden of ensuring your service is 100% available to avoid a financial meltdown but you also need to find ways of optimizing every available CPU clock or KB of memory to stay competitive (check out long-time Splunker Finnbar Cunningham’s Credit Suisse .conf Presentation). All whilst having regulators breathing down your neck ready to slap a multi-million (or billion) dollar fine on you.
Maybe you do deserve those bonuses.
What do I mean by a Service? A system or application that allows a business to operate or trade. This could be an online retail site, an ERP platform and so on. For financial services, and capital markets in particular, this might be a Foreign Exchange (FX) platform that allows organisations to trade foreign currencies in the market.
It’s not surprising that these customers are big users of Splunk and have been for many years. Our ability to collect and store high-velocity machine-data and our “schema on the fly” are major reasons. Collect all raw data without knowing what question you will have to ask and then apply a schema the moment you need an answer. If you need to ask a different question, you change your search-time schema accordingly and apply it the same data. A dream in any fast-changing world, especially if you don’t know what regulation you might need to comply with in the future.
So performance, availability and compliance. Having visibility into these three components in a simplified fashion in real time is invaluable.
A few evenings ago we held an event in Canary Wharf in London, invited a load of our loyal capital markets customers in the area, and provided each of them with a Splunk instance with various sources of raw data including:
- Network Time Protocol (NTP) data
- Financial Information eXchange (FIX) data of FX trades (Inspired by Duncan’s .conf presentation)
- System Performance (CPU, Memory, etc)
The challenge was, over a few beers and pizzas, to deconstruct the components that make up an FX trading platform service, map that into Splunk IT Service Intelligence and create analytics-based KPIs as well as a Glass Table showing:
- Availability and performance of underlying infrastructure (for the ops guys)
- MIFID II compliance – identifying trades whilst hosts had NTP drift (for the auditors) (http://tabbforum.com/opinions/mifid-ii-10-things-you-need-to-know-about-time-synchronization)
- Execution time of FX trades and exposure (for traders, sales & risk)
Why did we do this with Splunk IT Service Intelligence rather than just on core Splunk? Well, as services evolve to become more agile, so does the need to accelerate the ability to deliver data-driven insights of those services. ITSI extends the goodness of the Splunk platform to accelerate any type of user in applying advanced analytics to raw data and present it as a business service in a fashion that makes sense to all stakeholders.
If you want to see the environment and how we did it, drop me a comment below. Happy to share.
And if you want to come to one of these types of events, they are free and open to anyone. Check out #Splunk4Rookies and #Splunk4Ninjas. If you’re interested in more FSI usecases, register for our upcoming webinar on Feb 15 where ING Bank will talk through how they gain business insights from machine data.
Thanks for reading,