I had a briefing with Splunk the week before Citrix Synergy, but when I sat down to write about it, I wasn't sure that I could do it justice. The general idea is that Splunk can take any data, any log, from anywhere in your infrastructure and add it to a searchable, intelligent index through which you can extract all sorts of meaningful data about what's happening. By default, the system will watch all the logged events and return slices of interesting data. For instance, from the dashboard you can see that a specific server name or event type is occurring at a higher than normal frequency. From there, you can drill down and chase the cause of the error from the hypervisor to the storage, networking, and even the VM.
To help make sense of the ridiculous amount of information captured by the system (I mean that in a good way), Splunk also has "apps" that they make freely available to focus on specific information and format it in an instantly-useable way. These apps can also be customized, and there is a large community of users that also contribute their own apps.
Rather than try to dig much deeper, I tracked down BriForum speaker and all-around-great-guy Jason Conger to give the full demo on camera. The 25 minute video made Justin's arms tired, but at the end, even he understood what Splunk was all about. So grab a coffee and spend the next half hour getting a view of one of the more unique products in our space:
(Note: You must be logged in to post a comment.)
If you log in and nothing happens, delete your cookies from BrianMadden.com and try again. Sorry about that, but we had to make a one-time change to the cookie path when we migrated web servers.