All You Need is a Browser and Your Imagination

Splunk has the unique ability to make sense of all types of machine data, structured or unstructured, and mash it up with other traditional business data for complete real-time visibility and operational intelligence

Splunk is being used to solve an incredible range of problems. At its heart, Splunk is a massively scalable engine for machine data. Data generated by your applications, servers and network devices, but also web or clickstream analytics, telecoms call detail records, even earthquake data and electricity generation from wind turbines. With Splunk you can index, search, alert and report on all your machine-generated machine data. We call this virtually unlimited use of Splunk the "long tail." Here are just a few examples.


Perform eDiscovery when required. With Splunk find in minutes what you need - database access logs, transaction tracking and history, email records, VPN logs and more.

Big Data

Solve the analytics and data warehouse problems you might have tried to solve with traditional relational database technologies. With Splunk, there are no databases to limit scalability and no rigid database schemas to limit flexibility. Index whatever unstructured time-series machine data you have and scale Splunk as needed across low-cost commodity servers. Index terabytes per day and search on months or even years of data in seconds.

Green IT

Correlate power usage with other machine data from your IT infrastructure to make your operation more green and cost-effective. Use Splunk to provide a view of your physical and virtual infrastructures and the power consumed by various applications and servers.

Scientific Data

Use Splunk to analyze scientific data, proteins, pharmaceutical data. Set up alerts based on thresholds. Identify earthquake patterns and anomalies.


Astronomy records a lot of data that needs to be indexed for search and aggregated for reports. Optical telescopes, radio telescopes, and spectrometers can generate over a 1 TB of computer data per day. Much of this data is photo related for trend analysis of observed readings, but the rest is time-series data that requires searching, analytical investigation, and reporting. Since this is unstructured, time-series data generated by software, it's ideal for Splunk.

For instance, take a look at the following astrometry data:

Fri May 21 22:34:40 EDT 2010 star=n14532 1.01
Fri May 21 22:35:40 EDT 2010 star=n14532 1.00
Fri May 21 22:35:40 EDT 2010 star=n32344 1.62
Fri May 21 22:36:40 EDT 2010 star=n14532 0.99

Fri May 21 22:37:40 EDT 2010 star=n32344 1.60

In this example, the last number in each series represents the observed magnitude (an object's brightness) of different stars. Indexing this data in Splunk enables you to plot the relative average observed magnitude by star using a simple search command.

sourcetype=starlog timechart avg(observed_magnitude) by star

With two stars and very few events, this isn't terribly exciting. However, from real calculations, with billions of galaxies and trillions of stars, the chart becomes more compelling. Fortunately, Splunk is designed for extremely large data volumes and includes features like 'summary indexing' to deliver results quickly when computing across large data sets.

What Are You Doing With Splunk?

We love to hear about new ways people are using Splunk, and share the ideas with the community. Send us an email with a brief description on how you're using Splunk in a "long tail" way, and we'll add it the website. Let us know if you'd like it to be anonymous or if it's okay to mention your name and company.