Splunk 4.2 Overview

You must have Flash installed and Javascript
enabled to view this video.

Click here if you need to download the free Flash Player.

Description:

The essential overview of our latest release Splunk 4.2. New capabilities include: real-time alerting, new Universal Forwarder, better visualizations, a range of ease-of-use capabilities, centralized Splunk monitoring and license management, faster search experience, and more.

Download video to your computer (mp4 105 Meg)

Date: Mar 09, 2011 

Permalink

http://www.splunk.com/view/SP-CAAAF2G

Transcript

Jake : Hi, I'm Jake Flomenberg, product manager for the Splunk User Interface and Search Technology.
John : And I'm John Cervelli, director of product management for the Splunk server. We're here today to introduce you to Splunk 4.2. Splunk 4.2 features a variety of new search and enterprise management functionality, as well as the constant improvements to performance you've come to expect from us.
Jake : Traditionally, Splunk has provided alerting by polling and running searches on a scheduled basis. <start RT alerting demo> In Splunk 4.2 we've gone a step further to tie our alerting architecture together with our real-time search infrastructure. Real-time alerting allows you to take immediate action when an incident or attack occurs by triggering automatic emails, running scripts, or posting to an RSS feed. Real time alerting takes advantage of all of the flexibility that the Splunk search language affords so that you can perform advanced correlation and statistical operations and get the insight that you need to run you business better. You can even throttle alerts to avoid redundant notifications and view your alerts in the Alerting Management interface where you can search through your alerts and drill down into the original results that triggered them.
<start Gauge demo> We're also excited to introduce our new gauge visualizations that help summarize and visualize real-time business data and thresholds for management consumption. It's a great way to put the data that you need to run your business better at your fingertips.
We're also making it easier than ever before to get started with Splunk. <start Quickstart demo> Our new quickstart recipes take the uncertainty out of data ingestion by guiding you through best practice for how to get data into Splunk. <start App demo> It's also easier to find and install apps on splunkbase and we let you know whenever an update becomes available. <start workflow demo> And our new workflows make common tasks easy. In addition to saving searches, you can now easily create and share real-time dashboards without having to manually configure permissions and step through the process of crafting alerts to send email notifications or take programmatic action.
And, as always, we maintain our commitment to getting you search results faster than ever before. Splunk 4.2 is no exception - page render time is up to 2.5x faster, single server reporting is up to twice as fast, and reporting over distributed indexers up to 10x faster. If you know precisely what you are searching for, you can also turn off automatic field discovery for dramatic performance improvements.
John : Thanks Jake. Installing and managing distributed Splunk instances also gets much easier in 4.2. The first new distributed enhancement is the Universal Forwarder. <start UF demo> It's always been possible to deploy Splunk effectively on remote hosts for data collection, but this starts to get more complex when you have a large number of remote hosts. The Universal Forwarder is a new, dedicated Splunk package specially designed for collecting and sending data to Splunk. It's super light on resources, easy to install, but still includes all the current Splunk inputs, without requiring python.
Of course, once you have Splunk deployed everywhere, now you have to manage it. <start DM demo> To help with that, we've created a new app that monitors Splunk forwarders and indexers. Once you enable the Deployment Monitor app, shipping in with the product, you can see information about the health of your forwarders, your indexers and the use of your license. You can even drill down into specific indexers and forwarders for troubleshooting.
Finally, we're also introducing a new distributed license manager. <start license demo> This new manager makes it easy to combine and distribute your Enterprise licenses across a multi-index deployment. You can stack multiple Enterprise licenses, including a Sales Trial if you need more capacity while you work with our sales team. You can stack your legacy Splunk licenses as well, so you don't have to re-key to upgrade to 4.2.
Once you have installed your licenses, 4.2 makes it easy to distribute that license to multiple indexers. A Splunk license master will automatically accept other instances into a single, shared license pool. However, if you want more control, you can create multiple license pools for one or more instances and assign exactly what you need to each indexer or group of indexers.
But that's just the overview. There's much more to Splunk 4.2 that makes it easier to get started, get data in and scale to extreme, big data proportions.
Jake : Be sure to check out the What's New section of the documentation and read about all that 4.2 has to offer as well as Splunkbase and SplunkAnswers where you can learn about Splunk apps and find answers to many of your questions. Thanks and happy Splunking.

Browse Videos

Splunk Enterprise Overview: Machine Data to Operational Intelligence
Date:Oct 23, 2014
Hunk 6.2: Unlocking the Power of Big Data
Date:Oct 23, 2014
Soar Higher with Splunk MINT!
Date:Oct 16, 2014
Splunk MINT: Mobile Intelligence Is Here
Date:Sep 30, 2014
Splunk Transforms DevOps Process
Date:Aug 11, 2014
Splunk Cloud
Date:Jul 30, 2014
Splunk App for NetApp Data ONTAP
Date:Jun 2, 2014
Why Splunk?
Date:May 20, 2014
Splunk Enterprise 6.1
Date:May 2, 2014
The Splunk App for VMware
Date:Apr 15, 2014
Splunk For Security Vs. SIEM
Date:Jan 17, 2014
Splunk App for Enterprise Security 3.0 Threat Lists
Date:Jan 16, 2014
Splunk App for Enterprise Security 3.0 Asset Investigator
Date:Jan 16, 2014
Splunk App for Enterprise Security 3.0 Security Indicators
Date:Jan 16, 2014
Why Splunk for Security?
Date:Jan 16, 2014
Splunk: What is Machine Data?
Date:Nov 19, 2013
Splunk App for AWS
Date:Nov 13, 2013
Splunk and the Internet of Things
Date:Aug 23, 2013
What's New in Splunk 5
Date:Oct 29, 2012
Splunk 4.3 Demo
Date:Jan 4, 2012
Splunk 4.3 Overview
Date:Jan 4, 2012
Splunk .conf 2012
Date:Dec 15, 2011
Splunking Big Data
Date:Sep 16, 2011
Splunk Founders Story
Date:Jun 16, 2011
Citrix Xen Desktop
Date:Mar 16, 2011
Splunk 4.2 Overview
Date:Mar 9, 2011
Splunk for Security
Date:Mar 1, 2011
Web Analytics
Date:Dec 5, 2010
IT Operations Management
Date:Dec 5, 2010
Application Management
Date:Dec 5, 2010
Real Time in Splunk 4.1
Date:Mar 29, 2010
Modular UI in Splunk 4
Date:Sep 29, 2009
Auto Load Balancing in Splunk 4
Date:Jul 23, 2009
Search Architecture Improvements in Splunk 4
Date:Jul 14, 2009
Trade Me: The Power of Splunk for Analytics
Date:Sep 14, 2014
MindTouch and Splunk Cloud
Date:Jul 24, 2014
Corporation Service Company Transforms User Experience with Splunk
Date:Jul 23, 2014
Splunk: Finding a Needle In Needles for John Lewis
Date:Jul 1, 2014
B2W: Splunk Is Big Data Revolution
Date:Jun 20, 2014
Splunk Helps Save $1Billion For U.S. Rail Industry
Date:Apr 22, 2014
Splunk and Healthcare: Middlesex Hospital
Date:Feb 18, 2014
Value of Higher Education and Splunk
Date:Jan 31, 2014
Connected Cars with Ford's OpenXC and Splunk
Date:Nov 11, 2013
Splunk and InstantCab
Date:Oct 21, 2013
Slicing Data For Domino's Pizza
Date:Sep 25, 2013
Splunk at Heart of iRhythm Operations
Date:Sep 5, 2013
Splunk Healthcare: Bosch "Health Buddy"
Date:May 17, 2013
Splunk Amazing Customer Stories
Date:May 13, 2013
Splunk at a Large Federal Agency
Date:Mar 22, 2013
Splunk at McKenney's
Date:Mar 22, 2013
Splunk at Ping Identity
Date:Mar 22, 2013
Swisslos Hits the Jackpot with Splunk
Date:Mar 15, 2013
Big Data Is Near a Critical Mass
Date:Feb 19, 2013
Big Data Means Digging Deeper
Date:Feb 19, 2013
Think Big Analytics on Splunk and Hadoop
Date:Feb 19, 2013
Hortonworks on Splunk and Hadoop
Date:Feb 19, 2013
Discovery Communications, Machine Data and Splunk
Date:Feb 19, 2013
Ping Identity Uses Splunk to Boost Business
Date:Feb 19, 2013
Apollo Group Expands Use of Splunk
Date:Feb 19, 2013
Message Bus Uses Splunk Across Clouds, Public and Private
Date:Feb 19, 2013
Swisslos Supports Online Gaming with Splunk
Date:Feb 15, 2013
CedarCrestone Improves Security with Splunk
Date:Feb 13, 2013
Splunk at Hurricane Labs
Date:Dec 20, 2012
Cars.com Revs up ROI with Splunk Software
Date:Dec 12, 2012
Splunk: Delivering Operational Intelligence (2011 Gartner ITxpo Symposium Intro)
Date:Jan 19, 2012
Splunk at Cricket Communications (2011 ITxpo Gartner Symposium)
Date:Jan 19, 2012
Splunk Customers, from .conf 2011
Date:Dec 15, 2011
Gartner Security Summit: Large Federal Agency
Date:Sep 23, 2011
Gartner Security Summit: Hughes Network Systems
Date:Sep 23, 2011
Gartner Security Summit: CedarCrestone / Q&A
Date:Sep 23, 2011
Gartner Security Summit: Intro/ Splunk Overview
Date:Sep 23, 2011
Securing Large Federal Agencies with Splunk
Date:Sep 19, 2011
Making Intelligent Decisions at Federal Agencies with Splunk
Date:Sep 19, 2011
Driving Business Intelligence for Car Town
Date:Sep 19, 2011
Intuit Financial Services Stop Fraudsters with Splunk
Date:Sep 19, 2011
Edmunds.com has the Inside Line on User Experience with Splunk
Date:Aug 30, 2011
Splunk Customers Present at the Gartner Security Summit
Date:Jul 1, 2011
Splunk at a Large Federal Agency
Date:Sep 17, 2010
Splunk at T-Mobile
Date:Dec 16, 2009
Splunk at Avelle, The Business Case with Shawn Swistack
Date:Dec 16, 2009
Splunk at Avelle, The Technical Case, with Andrew Nutter-Upham
Date:Dec 16, 2009
Splunk on Wall Street
Date:Apr 2, 2008
Splunk at Rhythm New Media
Date:Mar 26, 2008
Don't Run Your Datacenter Without It: Splunk at Epsilon Data Management
Date:Feb 27, 2008
Splunk at Nexa Technologies
Date:Feb 26, 2008
Splunk Education: Administering the Splunk MINT App and Data Collector
Date:Feb 10, 2016
Splunk Education: Using the Splunk MINT SDK for iOS
Date:Feb 10, 2016
Splunk Education: Using the Splunk MINT SDK for Android
Date:Feb 10, 2016
Splunk Education: Splunk Cloud Tutorial
Date:Jan 26, 2016
Splunk eLearning Demo Video
Date:Dec 11, 2015
Splunk Education: Getting Data In with Forwarders
Date:Dec 11, 2015
Splunk Light Product Tour
Date:Jun 12, 2015
Splunk Education: Create Alerts in Splunk Light
Date:Apr 17, 2015
Splunk Education: Create Dashboards in Splunk Light
Date:Apr 17, 2015
Splunk Education: Create Reports in Splunk Light
Date:Apr 6, 2015
Splunk Education: Basic Search in Splunk Light
Date:Mar 9, 2015
Splunk Education: Create a Dashboard in Splunk Enterprise
Date:Oct 28, 2014
Splunk Education: Getting Data In (Windows)
Date:Oct 28, 2014
Splunk Education: Installing Splunk Enterprise 6 on Windows
Date:Oct 28, 2014
Splunk Education: Getting Data In to Splunk Enterprise (Linux)
Date:Oct 28, 2014
Splunk Education: Installing Splunk Enterprise 6 on Linux
Date:Oct 28, 2014
Splunk Education: Basic Search in Splunk Enterprise 6.3
Date:Oct 28, 2014
Splunk Light 6.2 Product Tour
Date:Sep 4, 2014
Hunk 6.1 Update
Date:Aug 6, 2014
Get Started with Hunk
Date:Aug 5, 2014
Splunk Weekly Web Demo
Date:Apr 4, 2014
Splunk DBConnect
Date:Feb 1, 2013
Running the Splunk SDK for JavaScript Examples
Date:Dec 19, 2012
Installing the Splunk SDK for JavaScript
Date:Dec 19, 2012
Installing the Splunk SDK for Python
Date:Dec 19, 2012
Connecting the Splunk SDK for Java
Date:Dec 19, 2012
Installing the Splunk SDK for Java
Date:Dec 19, 2012
Logging Splunk Java SDK
Date:Dec 19, 2012
Searching Splunk Java SDK
Date:Dec 19, 2012
Splunk Hadoop Connect - Kerberos Configuration
Date:Nov 1, 2012
Splunk Hadoop Connect - Install and Configure
Date:Oct 22, 2012
Business and Technical Insights with the Transaction Command
Date:Oct 5, 2012
Splunk Education: Creating and Using Event Types
Date:May 3, 2012
Splunk Education: Using Tags
Date:May 3, 2012
Splunk Education: Saving and Sharing Searches
Date:May 3, 2012
Splunk Education: Creating Alerts in Splunk Enterprise
Date:May 3, 2012
Splunk Education: Using Fields
Date:Apr 19, 2012
Dashboarding in 4.3
Date:Jan 18, 2012
Data preview in 4.3
Date:Jan 18, 2012
Windows Search
Date:Apr 11, 2011
Windows Reporting
Date:Apr 11, 2011
Windows Data Inputs
Date:Apr 11, 2011
Adding Inputs to Your Windows Installation
Date:Dec 16, 2010
Quick Tip: Making Sense of Tabular Data (multikv)
Date:Oct 7, 2010
Quick Tip: Using the Transaction Command to Identify Session Spoofing
Date:Sep 21, 2010
Using Lookups in Splunk
Date:Aug 6, 2009
Splunk Search Assistant
Date:Aug 5, 2009
Splunk Interactive Field Extractor
Date:Jul 14, 2009
Life at Splunk
Date:Mar 20, 2012
.conf2014 Wrap-Up
Date:Nov 18, 2014
Don't Miss .conf2014 "Your Data Adventure" !
Date:Aug 11, 2014
Splunk Opens the Door for Innovative Business Analytics
Date:Jan 19, 2014
JouleBug: Using Machine Data to Benefit Society
Date:Jan 19, 2014
The Security Benefits of Splunk Enterprise
Date:Jan 19, 2014
Wipro: The Many Ways Splunk Improves Business
Date:Jan 19, 2014
A Healthy Dose of Splunk at Middlesex Hospital
Date:Jan 19, 2014
Splunk’s User-Friendliness and Expanded Cloud Presence
Date:Jan 19, 2014
Business Intelligence Fueled by Splunk
Date:Jan 19, 2014
Human Capital Management and ADP’s Innovation Lab
Date:Jan 19, 2014
Vello Systems’ Use of Splunk to Develop Applications
Date:Jan 19, 2014
Clint Sharp Highlights Innovative Splunk Capabilities
Date:Jan 19, 2014
John Lewis Transforms Customer Experience Through Splunk
Date:Jan 19, 2014
The Back-End Evolution of Splunk
Date:Jan 18, 2014
Datastax discusses Cassandra and the Age of Big Data
Date:Jan 18, 2014
Ping Identity’s Growth Through Use of Splunk
Date:Jan 18, 2014
BugSense: Splunk’s First Acquisition
Date:Jan 18, 2014
Homes.com Finds Scalability Through Splunk
Date:Jan 18, 2014
The New Interface of Splunk Enterprise 6
Date:Jan 18, 2014
Splunk’s Expansion Into Brazil and South America
Date:Jan 18, 2014
Using Splunk to Address Customers’ Challenges
Date:Jan 18, 2014
Neustar: Solving Growing Pangs With Splunk
Date:Jan 18, 2014
Trade Me: Trading Up With Splunk
Date:Jan 18, 2014
Splunk: The Perfect Choice For Prelert
Date:Jan 18, 2014
Using Splunk to Enhance Cybersecurity
Date:Jan 18, 2014
Hands-On With Splunk Enterprise 6
Date:Jan 18, 2014
Cloudera’s Co-Founder on Hunk and the Future of Big Data
Date:Jan 18, 2014
The Growth of Splunk Enterprise at WorldPay
Date:Jan 18, 2014
Oak Ridge National Laboratory’s Use of Splunk Enterprise for Cybersecurity and Beyond
Date:Jan 18, 2014
The Impact of Splunk Enterprise 6, Hunk and BugSense
Date:Jan 18, 2014
.conf2013 Show Wrap
Date:Nov 13, 2013
Ponies in Space!
Date:Jul 8, 2013
Creativity and Imagination Important for Big Data in Security
Date:Feb 19, 2013
Increasing Splunk’s Reach
Date:Feb 19, 2013
Splunk Co-founders on the Early Days at Splunk
Date:Feb 15, 2013
You Don’t Need To Be a Data Scientist
Date:Feb 15, 2013
Splunk’s Chief Mind on Splunk’s Culture and Company Beginnings
Date:Feb 13, 2013
Splunk, Big Data, Operational Intelligence and .conf
Date:Feb 13, 2013
Splunk CEO Godfrey Sullivan on New Big Data Analytics Use Cases by Innovative Customers
Date:Feb 13, 2013
SJSU Big Data class project: Splunking 100 years of earthquake data
Date:Jan 7, 2013
SJSU Big Data class project: A Day on Twitter, Splunked
Date:Jan 7, 2013
SJSU Big Data class project: Splunking Neverwinter Nights
Date:Jan 7, 2013
Hackathon at .conf2012
Date:Dec 13, 2012
.conf 2012
Date:Nov 19, 2012
.Conf 2012 Promo: Splunk on Splunk App
Date:Aug 29, 2012
.Conf 2012 Promo: Outputlookup or Conditional Statements?
Date:Aug 29, 2012
.Conf 2012 Promo: Splunkd and Custom REST Endpoints
Date:Aug 29, 2012