Explaining Splunk in One Sentence: Part 1

(This post is from Dan Woods, CTO and Editor of, who is working on a book to help Explain the Splunk Search Language using Recipes.)

While talking to all sorts of Splunkers, Splunk devotees, and hangers on during the first day of Splunk Conf 2011, I had a fun idea. How could you explain Splunk in one sentence? This is a challenge, of course, because Splunk is both wide and deep in its capabilities and the applications thereof. Another challenge comes from the fact that Splunk is being crafted to meet the needs of many different types of users, from the brainiac early adopters on Wall Street, in universities, or at research organizations, to system administrators who are monitoring hundreds of systems, to business analysts and marketers who are focused on gaining business insights through operational intelligence.

Here goes. When I asked people how they would explain Splunk in one sentence, here are the answers I got, with my commentary in parentheses:

“Google for IT data.” (Kudos to Splunk marketing team for getting this meme across. It was the most common response.)

“Unlike any other tools or databases or existing systems, Splunk has the unique ability to correlate sources of data from anywhere across your infrastructure, which can give you one view into what’s really happening so that you can start to plan, make better informed decisions, and then ask more intelligent questions about what is happening in your business.” (This response from a Splunk marketing person shows how a view of Splunk as a tool for IT and business analysis is taking hold.)

“Splunk gives you the power to start asking the questions that you want to ask, the answers to which are important to driving your business because you can really correlate all your information from a bunch of different sources.”

“Splunk allows you, for good or for bad, to see everything about your data, which is kind of a scary thought because often, after using Splunk, people realize how much was happening under the radar.”

“Splunk allows people to see things they kind of didn’t want to see. Then they can see them and fix them and save themselves a lot of money.”

“An engine for machine data.” (Too short for my taste and only the IT insiders will get this.)

“A relational-less backend for ingesting large amounts of machine data and making that available for search, alerting, and reporting with a rich UI.” (A solid explanation for the IT crowd.)

“Splunk effectively processes real time data faster than anything else out there on the market today.”

“Splunk is a map-reduce implementation that takes unstructured data, any kind of data you want to put into it, and processes it faster than anything else available today, provides analytics, transforms the data, and kicks off events on other applications.” (This approach shows how Splunk can act as a real time brain to understand what is important and take action, not just display data.)

“Splunk is a Swiss Army Knife that we use for everything, to analyze every bit of our data on the business side and the operations side, from operations to inventory to alerting.” (From a Splunk customer who is considering replacing their monitoring software with Splunk.)

“Super grep.” (A good analogy to begin a discussion, but one that leaves a lot out.)

“Splunk actually makes your logs useful.” (A good practical IT-focused value message.)

“An IT search engine that allows you to collect, index, analyze, and monitor all of your machine data from across your entire environment.” (A strong message for the IT user.)

“Search engine for all your business data.” (Expands the scope of the data addressed in the search engine.)

“An engine for all your operational data that helps you get intelligence to drive all kinds of business decisions.”

“Log aggregation and visualization.”

“Order from machine data chaos.”

“Splunk is an analytics engine for machine data.”

“Splunk unlocks the value of the vast majority of the data out there.”

“An expert tool for experts.”

“Splunk is the tool that can enable you to really understand what is happening in your environment with regard to your infrastructure, network, databases, middleware, you name it.”

“Splunk is a transactional, non-structured, data analysis tool.”

“Splunk is search and analysis software for unstructured machine data.”

“Splunk lets you search and analyze all of your time series data.”

These responses show the way that Splunk has a personality that is commonly understood, but also means different things to different people. In part 2 I will try to boil these messages down and look to what Splunk will for specific audiences as the product evolves over the next year.
