Splunk to Extend Analytics Reach Across Multiple Data Sources


With its latest offerings, debuted at its .conf18 event in Orlando, Splunk is moving beyond analytics of log data alone.

Splunk this week moved beyond log data as the basis for driving operational analytics to embrace multiple types of data sources that can be analyzed in near real-time.

At the .conf18 conference, Splunk announced that it is now beta-testing a Splunk Data Stream Processor, through which data can be analyzed before landing in a log file, and a Splunk Data Fabric Search offering that will enable IT operations teams to analyze data residing in multiple Splunk repositories.


At the conference, Splunk president and CEO Doug Merritt made it clear that Splunk intends to extend that capability to non-Splunk data sources as well. Merritt says Splunk plans to be able to support indexes created on any data repository rather than requiring all data be moved into a Splunk repository to be searched and analyzed.

“Our architecture principle is to embrace the mess, embrace the chaos,” says Merritt. “We want to bring compute to the data as much as data to the compute.”

As proof of that philosophy, Splunk also revealed it plans to expand its reach into the realm of the Internet of Things (IoT). A Splunk for Industrial IoT framework for searching and applying analytics to data created by both sensors and machines is now in beta.

Other capabilities Splunk is beta testing as part of an overall “Splunk Next” initiative include a Splunk mobile application; a Splunk Cloud Gateway that enables Splunk data to be stored on a lower-cost public cloud such as Amazon Web Services (AWS); a voice- and text-enabled natural language interface for querying Splunk without having to master a query language; and a repository for sharing live dashboards dubbed Splunk TV.

In addition, Splunk showed beta versions of Splunk Business Flow, a graphical tool for constructing process flows; an ability to embed analytics within augmented reality applications using QR codes and near-field communications; a container-based application development platform dubbed Splunk Developer Cloud; and tools for analyzing mobile and Web applications christened Splunk Insights for Web and Mobile Apps.

Splunk also announced general availability of version 7.2 of Splunk Enterprise, which adds a graphical tool for onboarding data based on a methodology created by Splunk and the ability to convert log events into human-readable metrics.

Splunk is also making available an open-source Machine Learning Toolkit (MLTK) Algorithms framework, a Splunk MLTK Container for TensorFlow tool for building artificial intelligence (AI) applications and a machine learning-based connector to the open source Apache Spark in-memory computing framework.

In addition, Splunk unveiled version 4.0 of IT Service Intelligence, which is now integrated with the incident management tools Splunk gained by acquiring VictorOps earlier this year, and Splunk Security, which adds a security, automation, orchestration, and response (SOAR) framework.

Splunk is clearly moving to expand the reach of its platform, not only by delivering applications in addition to enabling developers to build them, but also by making the core analytics capability available to a much broader range of users. Rather than depending on an IT administrator who has mastered the nuances of querying Splunk, end users will be able to use the natural language capability to query Splunk without necessarily requiring any intervention from IT.
