Splunk^® Enterprise Product Features

Show the beauty in your data

Choose from a wide range of charts and other visualizations to tell a data story that is compelling and actionable. Intuitive and interactive tools make sense of complex data, empowering you to identify issues and opportunities.

Greater visibility into your operations

Continuous monitoring of events, conditions, and critical KPIs helps keep your operations running smoothly. With scheduled searches you can create real-time dashboards and visualizations that keep your team and management informed. Out-of-the box monitoring dashboards for common IT, security, and application environments are also available in the Splunkbase app store.

Get your critical alerts in real-time

Reports can be created in real time, scheduled to run at any interval and used in your dashboards. They can also be saved and shared in secure, read-only formats like PDFs via ODBC.

Quickly and visually analyze your metrics and events data

Splunk allows for complete utilization of metrics data to boost search performance and save in data storage costs. And now with Analytics Workspace, you don't need to know SPL to browse, analyze and transform large (or small) metrics data sets or compare them with other events or non-metrics data. Accelerate time to action with easy-to-use, visual data analysis capabilities of the Analytics Workspace.

Logs to Metrics. Metrics data are numerical data points captured over time that can be compressed, stored, processed and retrieved more efficiently than logs. Scale your ability to use this data type by converting your logs into metrics.

Analytics Workspace. The Analytics Workspace is the place to quickly visually analyze metrics and events data, and take action. Technical and non-technical users can now analyze metrics as well as non-time series data with charts and visualizations such as bar charts, column charts, reference lines, and scatter plots in a visual-friendly environment. Create better performing alerts in a few quick steps directly from visual analysis results.

Incorporate AI and Machine Learning into your data strategy

Use pre-built Splunk machine learning analytics for idenfitied use cases or create your own custom machine learning models to tackle impactful issues or opportunities in your company. Splunk Machine Learning Toolkit supports custom machine learning model development through guided assistants, providing flexibility if you want to go beyond configuring a pre-built solution. The MLTK extends the Splunk platform with outlier and anomaly detection, predictive analytics and clustering to filter out the noise. Leverage pre-packaged and open source algorithms to operationalize your data with machine learning in your production environment. New, smart assistants have an easier-to-use, GUI-based approach that guide you through each step of the process, writing SPL in the background that you can review later for insight into further customization.

Bold next-generation architecture

SmartStore maximizes data management flexibility while maintaining search performance by allowing compute (CPUs) and data storage to be independently scaled up or down based on business demands. It automatically evaluates users’ data access patterns via an application-aware cache and places actively accessed data in local storage for real-time analytics and unused/inactive data in lower-cost, remote storage.

This maximizes scalability and data availability by expanding data retention capabilities while significantly lowering cost of ownership and increasing flexibility with built-in applications and an index-aware cache. Additionally, it simplifies indexer maintenance as all data gets pushed to remote storage to assist with patching, upgrading or replacing indexes without impacting data integrity.

Operational visibility for your on-prem lifestyle

The Splunk Monitoring Console for Splunk Enterprise provides a complete system and feature monitoring interface — including topology views and alerting of system status and health — for all components of on-premises deployments. The console creates a single interface to view the status, performance, capacity and interconnectivity of these components, allowing the admin to optimize their system.

Continued advancements in Splunk Enterprise speed

Splunk's Workload Management feature provides a policy-based mechanism that enables you to reserve system resources (e.g. CPU and memory) for ingestion and search workloads based on your organization’s priorities. This enables administrators to classify workloads into different groups and then reserve system resources for higher-priority workload groups.

Embed everywhere and bring you workstreams together

Embed Splunk reports in any application or use our ODBC integrations to access Splunk data in applications such as Microsoft Excel or Tableau. And with Splunk alerts, you can automatically trigger actions in ticketing or other task assignment systems. Additionally, rich SDKs let your team integrate Splunk data and functionality in ways we may not have even thought of yet.

A secure, transportable identity system

Splunk Enterprise supports SAML integration for single sign-on through most popular identity providers like Okta, PingFederate, Azure AD, CA SiteMinder, OneLogin and Optimal IdM. Splunk Enterprise can also integrate with other authentication systems, including LDAP, Active Directory, and e-Directory.

Keep it in Splunk or export it out

Data retention costs are a significant part of your analytics budget, so Splunk Enterprise offers two options to reduce historical data storage costs by up to 80 percent while retaining Splunk search capabilities. Keep historical data within Splunk and reduce the data footprint of seldom-analyzed, cold data or roll your data to an existing Hadoop or Amazon Simple Storage Service (Amazon S3) data lake.