IT Operations Analytics Forum

Content and Community Manager
IT Central Station
Recently, our user activity has shown that Splunk is the most commonly searched solution on our site.  3,643 of our community members follow Splunk, and it's listed in five of our product categories: Log Management, Data Visualization, IT Operations Analytics, and Security Information and Event Management (SIEM). What are some of the best features and use-cases of Splunk, and why are people explicitly searching for it to learn more?
Randall Hinds: I agree with Aaron & Tom on their points. Along their use cases, I have been able to show more than Log data in Splunk views. We tested several plug-ins during a small pilot, and we were able to bring O/S (Win/Unix/Linux) & APM data metrics into the same views as Logged data. I've seen others use it to visualize a wider range of data types, too. That said, Tom's point resonates with me. There are better tools for visualization (ZoomData & Kibana come to mind), but as an aggregator Splunk has the most plug-in types out there. IF (big if) you have the $$ to support ingesting everything, you could theoretically pull data that lives in 40 or 400 source tools and thousands of hosts/systems into a single set of enterprise views. I am not fortunate enough to have that kind of budget though... After proving the concept in pilot, we had to dismantle our 'unified views' due to lack of funding.
Jean-Luc Labbé: Good log management solution you can use if you know what you are looking for. Not a SIEM solution though, even though customers should be aiming for solutions that go beyond what a SIEM does, that is, a Security Intelligence platform.
Julio Jimenez: The flexibility that it offers. One of the most powerful features of Splunk is its ability to extract fields from events when you search, creating structure out of unstructured data. It takes a small amount of “learning time” to start creating or getting searches that are meaningful to you. You can start “splunking” for free, which allows you to see the benefit. There is a ton of resources on the web, use cases, and step-by-step instructions.
Program Manager - Enterprise Command Center at a financial services firm with 10,001+ employees
Looking for any comparative details for Event & Incident Analysis engines, such as Moogsoft's solution. De-duplication of Event messages and automated isolation to upstream incidents/events seems promising.
membersh178113: Try Operations Manager I (OMi) from Hewlett Packard Enterprise. Differentiated product, scales from SMB to large Enterprise/xSP networks. Comes in a solution bundle with options to include industry leading ITOA (big data analytics capability). Documented reference customers with more than 70% event consolidation/suppression.
Randall Hinds: ** Altug, Your note is very helpful; Thanks very much! The outline of capabilities and requirements is insightful and echoes personal experience. I can see even without product names, you've almost certainly worked with and hit your share of tooling challenges. The products in this space need to meet the bar you describe. ** Omar/Manish/Phillippe, CA SOI/TESM & CA UIM are capable in that they will deliver Service Modeling and Event Mgmt, but they are both expensive and labor intensive to implement and support for their core functionality. Moreover, a tool that merely presents or produces events should NOT be considered an Event Mgmt solution or an Event Analysis engine. ** Dan, I haven't taken time to read up on BigPanda. Agreed on the importance of Altug's point. Care & feeding can get out of hand quick.... ** Philippe, You hit a point which started my question. Netcool Omnibus was an acquired product, originally by MicroMuse, whose founders have now created Moogsoft. How to compare NOI and Moog, when they are so similar... Real world implementation experience... better yet, a bake off, side by side implementations...? Having tested Netuitive, Prelert, CA ABA, Tivoli Predictive Insights (PI), and BMC BPPM for Predictive capabilities, no vendor product has been able to pass muster. Both Moog & NOI have predictive'ish functions. Moog's is built in as an 'extension' of Incident Analysis, but I fear it may only be predictive'ish. NOI is a collection of Tivoli tools that require a rather large Tivoli Framework to build on for full visibility. PI is one of those add-ons but will only analyze Event data as part of NOI. Unless additional PI metric feeds are licensed, NOI does not advertise to compete as a Predictive. What I want to achieve... Ideally?...
Efficiency and focus for my staff that is manually handling (trending in source, correlating across in time and CI relation, and isolating business data flows to probable break point) of over a 1000+ events each in a single shift. The Holy Grail would be a tool accurately isolating to the earliest possible Event(s) and a specific Incident as far upstream as possible for a given issue or impact type that is the likely break point.
User at a writing and editing position
1. Can Hitachi Data Center Analytics be used in OpenStack environments? 2. Is the Hitachi Data Center Analytics licensed on a per GB, per CPU or per Host (or VM) basis? Thanks in advance.
Randall Hinds: Hitachi Data Center Analytics is designed to measure and report on Hitachi Storage, and there are products/drivers for OpenStack implementations to leverage Hitachi's block storage. Not having used Hitachi Data Center Analytics or Hitachi Storage personally, I am not aware of the costs involved or the license schema.
Rodolfo Siqueira: 1. Can Hitachi Data Center Analytics be used in OpenStack environments? Yes, it can. All the metrics are gathered directly from the devices using their respective APIs and are kept in a very optimized and compressed way in the HDCA database. The database can be queried using HDCA specific SQL language and used for OpenStack management and provisioning. For example, the query could be executed as part of a Heat template. 2. Is the Hitachi Data Center Analytics licensed on a per GB, per CPU or per Host (or VM) basis? HDCA is licensed per usable capacity, using the same rules and price bands as Hitachi Tuning Manager.
