Splunk(x): Splunking the Enterprise

Hi there! My name is Paul and I manage Splunk’s (the company) use of Splunk (the product). I come from a background of web development, web analytics, and Linux administration so I’m no stranger to digging through logfiles when things go wrong. With Splunk, I can do this more quickly and elegantly.

Splunk(x) is our internal, enterprise deployment of Splunk. It consists of 10 virtualized indexers, 3 virtualized search heads, a deployment server, a couple of heavy forwarders, and dozens of light and universal forwarders. We’re splunking our website, firewalls, switches, F5 load balancers, *NIX and Windows OS logs, Active Directory, and objects.

The first major goal with Splunk(x) was getting it deployed, onboarding data sources, and gaining operational intelligence from our own machine data. Now that we’re staving off web disasters before they happen with real-time alerting, we move on to the second major goal – sharing our own success story.

More to come…

Paul Stout
