SCALE in Review

By all measurements, the Southern California Linux Expo was an unparalleled success this year. SCALE is the first-of-the-year Linux show. For 2010, attendance was on the rise, talks were packed, the expo floor often saturated.

Being at SCALE got me thinking about how much Splunk has grown as a technology and a company. This year, we added two new members to the booth and the Splunk Southwest Team–Jason Stein and Ron Naken. Jason is our Regional Sales Manager and Ron our Senior Sales Engineer. Jason and Ron are well-connected so you may already know them from their previous posts prior to joining Splunk. I can’t think of a better welcome to the southwest than to meet local customers already using and loving it.

This was our third time participating in SCALE. During the first run, we presented Splunk 3.0 with new reporting features. The top 2 questions were “What is Splunk” and “Is it open source?” The top comment was “We can build this ourselves.” On the second run, we showcased a faster, more polished Splunk. More people were coming by the booth to ask questions about setting up and using Splunk since they’ve already downloaded it. This year, Splunk 4.0 was in the limelight with an even more responsive interface, dashboards and Splunk Apps. More people stopped by to tell us they are already using Splunk and how it has changed the way they work.

This timeline holds true for BB, a Splunker at a large Southern California energy company. He is responsible for securing and investigating abuse across a network serving well over 20,000 internal users. Two years ago, BB thought Splunk was an open source tool, requiring lots of consulting to implement and scale. He made a quick pit stop at the booth for a demo and agreed to download Splunk. The second time we ran into BB at SCALE, he hadn’t yet downloaded Splunk, but agreed to do so. After a short, successful evaluation, BB became a customer. This year at SCALE, BB was back to tell us Splunk has been invaluable in helping him troubleshoot problems.

When a user calls in with a problem, BB simply looks at the name of the caller on his phone, executes a Splunk search on the user name, and can immediately determine whether the problem is originating from the desktop or the network. In the past, troubleshooting sessions like these would require him to first prioritize the problem based on its impact on the caller’s productivity, then schedule a web meeting to reproduce it collaboratively with multiple terminals open. These web meetings would typically take 30 to 45 minutes from initiation to resolution of the problem.

Now with Splunk, when a user calls, BB is able to diagnose and repair in a matter of minutes with the user still on the phone. This is just one of the ways Splunk has made his life easier. He has also been able to investigate interesting behavior across the network to detect abuse without relying so heavily on custom scripts which can take hours to complete.

This year, I didn’t hear a single person say they could build a tool like Splunk internally. Several people did share they attempted a similar solution in-house, but it was not nearly as flexible or scalable. There were still plenty of people asking “What is Splunk?” and “Is it open source?” One can start to feel like a robot answering these questions in repetition, but when a BB comes along to share his triumphs with Splunk I am reminded that it’s not just about the cool T-shirts. Splunk’s impact on people’s lives is positive and tangible.

Thank you to everyone who stopped by to tell us how much they appreciate Splunk and to those who came by for an introduction. Keep Splunking, and see you next year at SCALE!

Vi Ly

Posted by