By Steve Sommer October 29, 2010
Splunk users and prospects gathered in midtown Manhattan this week to hear presentations by A Large Media Corporation, Computer Services Corporation, and RiskFocus, as well as the latest from Splunk. This is the third year we’ve done a SplunkLive in Manhattan, and it’s been fun watching the event grow year after year.
A Large Media Corporation
This organization’s IT environment is fairly substantial: 6,000 servers worldwide, 1,700 network devices, almost 14,000 sourcetypes, 16 Splunk indexers and 100 GB of data per day.
At SplunkLive their Technical Architect explained how his company was looking for a better monitoring solution. Their existing Patrol-based monitoring software wasn’t giving them the visibility they needed and was prohibitively expensive to maintain.
Discussing the challenge, he explained how Splunk, along with Cacti, would fit their needs versus what Patrol offered:
After adopting Splunk, the company experienced immediate cost benefits and greatly improved monitoring performance.
The Technical Architect also said he loves the Splunk pricing model—unlike Patrol, there is no need to pay fees per agent or per user.
They really know how to take advantage of Splunk’s ability to monitor large amounts of data. For example, their IT organization now runs 100-200 saved searches every three minutes as part of their monitoring infrastructure. Interesting, they are also using Splunk as an “uber dashboard” for their EMC SMARTS data since Splunk makes it easier to consolidate and drill down into the data. They said it took only a couple of hours to create this dashboard.
This Large Media Company also uses Splunk to better understand and monitor their entire infrastructure. As a publisher and distributor of sensitive investor information, they want to make sure the information is available simultaneously worldwide. Splunk is used to detect any network latency problems that interfere with that goal. Splunk also monitors the performance of their trading apps.
Last week they decided to participate in the Splunk 4.2 beta program and report that they’re really excited about the new capabilities included in this upcoming release.