May the 4th Be With You: The Data Awakens.

I’m sure, like a lot of you, the recent trailer for the new Star Wars film made you feel like a kid again. My first cinematic memory was going to watch a double bill of Empire Strikes Back and Return of the Jedi when I was about nine. Times have changed and last year I wrote a blog post about Splunking Star Wars Data with my 8-year-old son (he’s pretty excited about the new Star Wars film but maybe not quite as much as me!). We used Splunk to investigate planets, lightsabers, Luke Skywalker etc.

To celebrate this year’s May the 4th, I’ve been investigating what Star Wars would have been like if a long time ago, in a galaxy far far away, they’d had Splunk and data analytics. The results are quite interesting and would have made a very different set of stories (I’m only talking about the original trilogy – let’s forget that the prequels were ever made).



R2D2 clearly was running Splunk software. Think of the number of times R2 plugged into a machine, read some data and made something happen – the Death Star, Endor’s shield generator, Cloud City to name just a couple. Clearly he was getting insight from machine data and making a decision to open a door, find out where Princess Leia was or open the trash compactor. He was definitely running Splunk (maybe the Splunk mobile app on An-Droid?).




“No Small Moon” Security

The whole Star Wars film series would have been over after episode IV if The Empire had been using Splunk. Quite simply, Splunk for security would have stopped the Death Star ever being destroyed, the Rebels would have been blown up and that would be the end. Splunk’s ability to give security intelligence would have clearly highlighted the potential for breach defence through an exhaust port. The potential weakness would have been highlighted long before there was any risk of attack. Also, someone leaked those Death Star plans to the Rebels – Splunk would have spotted that insider threat and told Grand Moff Tarkin to go and sort it out. Finally, the Empire would have been given a real-time security posture which would have highlighted the pattern of attack the Rebels were taking and based on a real-time risk score would have shown they were going after the exhaust port. Should have listened to your data Darth Vader – we even made the Splunk t-shirts in black so they would have gone with your armour.


Death Star Operational Intelligence and ITOA

It got a bit better with the second Death Star. Clearly Boba Fett mentioned Splunk to The Emperor in Empire Strikes Back because by the time of the second Death Star in Return of the Jedi, they’d made a fully operational battle station without the Rebels knowing. I’m pretty sure they’d learnt their lesson from the first Death Star and had started to get real-time Operational Intelligence thanks to better use of their data. They’d got the infrastructure and application up and running properly and had probably built out some form of ITOA (in this case Imperial Tyranny Operational Analytics) dashboard to allow them to be fully operational.


Social Media Monitoring throughout the Galaxy

Once you’d got past the trolling from all the Jawas on Twitter, both the Rebels and The Empire could have made more from social media and Splunk.

The Empire could have crushed the whole rebellion if they’d just made better use of monitoring Twitter, LinkedIn and Facebook. Someone must have tweeted about the old guy with a laser sword chopping an arm off a grumpy alien in a bar. That video would have gone viral very quickly.


Vader would have found Ben and Luke on Tatooine, had a nice visit home, met up with his long lost son, turned him to the dark side before Yoda got his little green claws into him and the rebellion would have been quashed before it got going. He’d have seen that in Splunk. Another opportunity missed by Darth Vader.

The Rebels missed a trick here as well. Someone on the second Death Star must have mentioned something on social media about how well the tests were going or the hard work having to work for a boss like The Emperor. If only Admiral Ackbar had been monitoring social media using the Splunk Twitter app – he’d have realised what was up and would have found out “IT’S A #TRAP!”


The Internet of Spaceships

If the Rebels had bothered to spend some time looking at the data from the Internet of Things, everything could have been much easier. This is perfectly illustrated with the Millennium Falcon. For a start, by making the most of IoT data the hyperdrive would have worked. Han or Chewie would have put together a sensor-driven dashboard in Splunk that they could have displayed in the cockpit of the Falcon. This would have shown them, in advance, that a power convertor wasn’t working, someone had tampered with something or the different components in the hyperdrive weren’t operating effectively. This would have saved embarrassing moments in front of Princess Leia and having to escape through an asteroid field. Likewise, Han or Chewie might have spotted something had changed from the norm and The Empire had put a homing beacon on the Millennium Falcon. This means that The Empire wouldn’t have found the secret Rebel base on Yavin 4 and Biggs wouldn’t have died in the attack on the Death Star.


Yoda is a sham

After a bit of investigation, I’m pretty sure Yoda was using big data and analytics. Forget his alleged mastery of the Force and his mystical powers. He was just ahead of the game with big data and predictive analytics. He’d clearly just been around a bit longer than everyone else, collected more data and was using Splunk’s predictive analytics to help him predict the future, alert him when there was a pattern of events in the data (a “disturbance in the Force”) and help him make the right decision.


Have a very happy Star Wars Day and “May The 4th Be With You!”
