Splunk .conf2014 was a massive and exciting gathering of Splunk users, customers, and partners that offered a diverse opportunity for everyone to learn about some of the most unique use cases of Splunk, all the while benefitting from a broad array of existing and new networking opportunities across the industry. As a Splunk partner and certified training center, GTRI benefitted the most from this perfect networking opportunity, even potentially bringing in future business with our already well-established Splunk professional services as well as the new and forthcoming managed services offering. The fact that the event was in Vegas may have assisted in some of our conversations…but as they say, what happens there stays there.
Not surprisingly, Splunk made several announcements at .conf this year, ranging from personnel and direction shifts to new product releases and upgrades. Out of the three days of session breakouts, two major announcements stood out above the rest. The first of these is the announcement of Splunk Enterprise version 6.2. It may not seem to be a major shift going from 6.1 to 6.2, but given Splunk’s recent strong push toward their mission (a universal machine data platform that is usable and valuable for EVERYONE), this enterprise upgrade may be the closest they can get without crossing the line into a major version upgrade to Splunk 7.
While Splunk is a relatively simple tool to use, with many people across the business being able to reap the benefits with minimal training, a majority of the searching and reporting features are still reserved for experienced administrators. Splunk 6.2 will facilitate the use of the software for a broader array of users. Many of Splunk’s searching and Pivot functions have received a major makeover, in that the user is given a simple point and click graphical interface that extracts the pertinent data with ease. This should open the door to more potential use cases for every customer and business.
Splunk’s second major announcement is the release of a new app called Splunk>MINT. (No, it’s not a financial application like the Mint mobile app from Intuit you may have heard of.) At Splunk, Mint stands for Mobile INTelligence, and is the birth child of Splunk’s acquisition of Bugsense, which was announced at .conf last year.
In short, Mint will be a single source for all mobile user transactions that are fed into a Splunk instance. And when I say “all” I mean ALL. It will have the ability to monitor as fine a detail as when a user clicks the “Back” button in their mobile web browser, or when they take a screenshot while on the network. Though it may seem a little concerning and perhaps overkill to monitor that closely, the app will really shine in its true use case and ability to monitor and troubleshoot mobile application issues, tracking when an application crashes and getting the details as to “why.”
Especially with users of internal or proprietary business applications, this tool will reduce quite a bit of troubleshooting issues that always creep up on mobile versions. And maybe your customer is really interested in the detailed mobile logs that are generated by the individual user activities on their devices. This functionality gives Splunk>MINT an out-of-the box mobile auditing tool, a solution that many customers will find quite beneficial to their businesses.
Like all other Splunk apps, Mint is packaged with some amazing pre-configured reports and dashboards to give the users immediate benefits and fast time to value. One more thing to mention, Mint will be another of only a few of Splunk’s paid apps.
Dominos use case panel.
While I could keep writing about the dozens of customers and use cases we saw, I think the fact that seeing and meeting so many of these customers with unique use cases was the true benefit of attending Splunk .conf2014. We saw examples from Dominos using Splunk to monitor sales trends and make marketing decisions, to Comcast monitoring and troubleshooting their customer’s X1 home DVR devices, to Coca-Cola monitoring thirst trends from the touch screen drink dispensers you see in restaurants (those dispensers are nothing short of magic to me). We even learned that the Hospital Corporation of America (HCA) uses terabytes of indexed data per day to not only optimize their IT infrastructures, but to aid in nursing and checkup efficiency by monitoring when mobile nursing stations will need battery replacement well before a power loss would happen.
Splunk partners and practitioners are fully aware of the fact that Splunk can handle practically any use case your brain can whip up, actually seeing and talking to the customers that have implemented such interesting and unique use cases is where .conf really shines.
To end in a two word cliché, Happy Splunking!
