SplunkLive! makes for revealing IT management showcase

Splunk users share frustrations, victories at SplunkLive! Boston

1 2 Page 2
Page 2 of 2

EMC hardware despite assurances from both vendors, and that took about six months to sort out (Kadakia wishes that Splunk’s cloud-based offerings were further along a couple of years back when his group adopted Splunk, but instead Partners went with an on-premises version better able to handle its processing needs.). Kadakia also urged Splunk to rethink its licensing model to accommodate realistic enterprise use of the software given exploding data growth (“the more you consume, the more you pay approach is frustrating for me”); he suggested a tiered model based on the number of users.

splunklive tweet Twitter

Attendees reacted to Kadakia's SplunkLive! talk via social media, at the urging of show organizers who held a contest for the best #splunklive tweets

A more general piece of advice shared by Kadakia regarding tools like those from Splunk that collect oodles of machine data for the analyzing pleasure of employees is that certain skills are really needed to make sense of the data regardless of how nice the dashboards look. “People can’t sit around all day and look at dashboards,” he said, noting that what often happens is that employees have to squeeze the data analysis in between their real job duties. Hiring dedicated statisticians or people with true analytical capabilities is worth considering as part of any such project – not that such people are easy to find, he said. 

Dunkin’ Brands: Index Everything

Dunkin’ Brands’ Matt Kraft, director of application development and consumer technology, said regular proclamations by the coffee and donut company’s CEO about the next big mobile app capability keep the IT team on its toes. Dunkin’, which this week went live with mobile ordering, now has 4.5 million Perks Rewards loyalty members – and that adds up to loads of data that that the company uses to make important decisions.

Matt Kraft, Dunkin' Brands: "We do take an approach of index everything"

Dunkin’, which installed an on-prem version of Splunk at the urging of its security team, takes an approach of “index everything” when it comes to the data it collects under the assumption you never know what you might need it for, Kraft says (Dunkin’s enterprise license supports 100GB of ingested data). The company started using Splunk for basic IT operations data, such as server health and application monitoring, but has come to rely on the software increasingly for gaining visibility into consumer behavior, ranging from loyalty program password problems to marketing campaign adoption to fraud. One example: Keeping an eye on how many customers were using Apple Pay under one promotion that gave them bonus rewards from a finite pool of money.

More business-facing dashboards will be developed using Splunk going forward, and this includes tracking how online ordering goes, Kraft said. Doing so with traditional BI tools would be much more challenging, he said. While Dunkin’ has already seen data research requests to engineers drop to nearly zero, the company is giving even more thought now to how it actually logs data so that queries are easier to build in Splunk, Kraft added.

Athenahealth: Splunk security supporter

A recurring theme among Splunk customers is the product’s flexibility. Jake McAleer, senior manager for IT security at Athenahealth, says flexibility is key for the Watertown, Mass.-based provider of web-based portals for doctors’ offices and hospitals because so much of what it does is customized.

“Because we’re a custom-developed application we don’t necessarily have a framework for consuming logs,” he said. “A lot of the stuff that’s out there is specifically designed to say ‘I’m looking for a domain controller log, I know specifically what to look for’.” 

Furthermore, he said Splunk makes it easy to give users access without giving them carte blanche, and he said the software is forgiving when DevOps makes changes to apps. "It's not the end of the world" to rejigger things, he said.

athenahealth Bob Brown/NetworkWorld

Jake McAleer, Athenahealth: With Splunk, not the end of the world if DevOps makes app changes

Athenahealth uses Splunk Enterprise Security regularly to consume anti-malware, anti-virus and other logs, and users employ the tool to check for patterns and craft alerts related to high value targets. The company consumes just below 400GB of data a day under its license, and has a goal of keeping 2 years’ worth of data searchable by Splunk.

A Splunk rep boasted in an event warm-up video that "There’s no place to have more fun in Las Vegas than the Splunk conference, am I right?" That sounds like a stretch, but based on the mini-Boston edition, the company's next big customer event in Orlando in September could be worth the trip.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2016 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2