What is Splunk? – A Summary for UK Public Sector

To quote the UK National Data Strategy:

Splunk is an advanced data platform that delivers right-time analytics from diverse data sets and that enables organisations to ask questions of all their data. It can be used to mitigate cyber security risk, improve performance, increase reliability and observe what is happening in the cloud. If a problem has data, then it's likely Splunk can help, for example Splunk has been used to fight modern slavery, combat wild fires and help run international airports.

Splunk’s EMEA Headquarters is located in the UK, and we have two offices, in London and Reading. We provide solutions to organisations such as Porsche, Zoom, McLaren Racing, Intel, Coca-Cola as well as the UK Government. In the UK Public Sector, Splunk is used in many different use cases including cyber security, IT and business operations.

Why Does the Public Sector Need Splunk?

Public sector, industry and our citizens are moving into a new data age. To quote the recent Declaration on Government Reform:

This means as citizen demand for digital-enabled services increase, the public sector will need to be more curious and creative with their data and utilise platforms that enable them to bring data to every question, decision and action.

What Does Splunk Do?

The Splunk platform provides insights from data generated by digital systems. Digital data is typically ‘messy’ in nature, meaning it is sometimes structured and easy to find, but very often it is unstructured, in silos and machine-readable only. This data contains a comprehensive, authoritative record of operations, interactions, and transactions. But typically this data is ignored and untapped and is in effect dark data, meaning that we could be missing an opportunity to turn this data into positive outcomes or using it for multiple other purposes.

If data sets are combined together, tangible value and outcomes can be delivered and this is what Splunk allows you to do. You can bring data of any structure, any source and any time scale together and turn it into insights and actions. Splunk allows you to investigate, monitor, analyse and act on data and put this data at the heart of government decision making.

The Splunk Portfolio

Splunk consists of three components:

1. The Splunk Platform. A broad set of configurable and extensible capabilities that can acquire and manage data and deliver insights from virtually any technology source. Splunk is currently offered as conventional software or as a cloud platform.
2. Splunk Products. Application offerings that leverage the Splunk Platform to provide deep, pre-built capabilities for Security, IT Operations, DevOps and Service Observability.
3. Ecosystem Solutions (Splunkbase). Content built by Splunk itself, partners, and customers that configures and extends the Splunk Platform and Splunk Solutions. The Splunkbase library has 1000+ applications and add-ons delivering a diverse range of functions and solutions from companies such as AWS, Google and Microsoft, but also from a significant number of SMEs.

You are not ‘locked in’ with Splunk, it can work with other systems and technologies and be a critical component of an organisation's data strategy.

This portfolio offers data-driven capability to Government Departments such as:

• Cloud deployment: The Splunk Software as a Service (SaaS) cloud offering is deployed and managed reliably as a service hosted with well-established cloud providers such as AWS and Google, both of which can be hosted in a UK Region. This can be achieved in a public cloud environment or through a hybrid approach that spans cloud and on-premise environments. Splunk is also flexible: it can be deployed in one cloud environment and observe another even if hosted by a different cloud service provider.
• Reducing costs and creating better outcomes for government: Through reducing data duplication, scaling investments across multiple functions and use cases, and enabling greater collaboration, common visibility, and tighter alignment across functions.
• Overcoming organisational and technology complexity and data growth: The scalability, flexibility, and power of the Splunk Platform enables complete solutions for very large and complex technology infrastructures and is proven across thousands of customers to be capable of ingesting and analysing petabytes of data per day.
• Operating and making decisions in real-time: Splunk allows the combination of real-time data stream observation and analytical processing with near-real time processing of large, complex structured and unstructured data sets collected over long time periods. Together these capabilities provide support for a broad range of use cases, including historical data analytics, forensic investigation, and real-time monitoring.

Much more detail can be found on our products via our website.

Examples of Splunk’s alignment to government policy and needs

Relevant Case Studies

The power of Splunk has been deployed in many different and innovative ways in Europe. Here are some relevant examples:

• Porsche: Using Splunk to improve performance.
• McLaren: Turning data into doing for McLaren Racing.
• Airbus: Airbus is using Splunk as a real-time monitoring platform for both IT and cyber security operations.
• Dutch Court System: Using Splunk to meet organisational needs for support, information, and performance metrics.
• London Gatwick Airport: Using Splunk to improve efficiency and lower costs.
• Derbyshire Fire & Rescue : Preventing security intrusions, quickly repairing system maintenance issues, and saving money.
• John Lewis: Improving troubleshooting and faster resolution of issues, preventing revenue loss.

Splunk Data Privacy, Security and Compliance

Splunk’s global privacy, security and compliance programmes are designed to meet our customers’ needs internationally and comply with global standards. Please see the following web page for more details on our security, privacy and compliance approaches.

Social Value

Splunk’s social impact team called Splunk for Good transforms the connective power of data into a strategic asset for non-profits, universities, organisations, and people working to do good in the world. Through our expertise, tools, training, and personalised support, we help simplify, demystify, and utilise data to drive action for good.

A good example of where Splunk has provided social value across the world is with the Global Emancipation Network when Splunk has helped reduce the impact of human trafficking by overcoming data siloes and hard to access data.

Splunk is also working with TechVets in the UK to train recent Armed Forces leavers and to help them transition into cyber and technology careers.

For more information, please contact pubsec_uk@splunk.com.