It’s 2018, a new year with new data analytics trends. Machine Learning, Artificial Intelligence, Blockchain and IoT are all leading contenders that have been talked about a lot, but I would still argue that machine generated data analytics is still just as relevant in 2018. Machine data makes up about 80%-90% of the data that’s out there and can help drive critical use cases around security, IT Ops, App Delivery and much more. When it comes to machine data analytics, Splunk immediately comes to mind. They are by far the leader in this space and have been making moves to incorporate things like Machine Learning and IoT into their platform. I have written a couple other blogs about Splunk here and on Big Data Beard and suggest you check them out too. Most of them are about what Dell EMC is doing with Splunk, the optimal solutions for Splunk and the apps we have for Splunk. The one thing we never had, however, were Splunk services… until now.
I’m pretty excited that Dell EMC has begun to develop pre-deployment and post-deployment services that help customers get the most out of their Splunk deployment and truly be able to “Ask any question” from their data. Prior to this, Dell EMC focused on developing solutions that comprised of optimal hardware and Splunk software. With our new services capabilities, our tripod is complete. I am reminded of the 30 Rock episode that talks about the “Third Heat” convection oven— cue Tracy Morgan yelling “I am the third heat”!
Why Are Services Important?
Splunk is the easy button for analyzing machine generated data. Deployment is a lot less complicated than other data analytics tools like Hadoop and users can quickly get access to data, create searches, reports and dashboard. However, this is just scratching the surface and we have seen organizations struggle to fully optimize their Splunk deployments and get the most out of their data. I spend a good amount of my time talking to Splunk customers and one trend I’ve noticed is that as organizations grow with Splunk, issues start to arise. Initially, the deployment might have worked but as more users within the company adopt Splunk, searches become more complicated and ingestion grows, the initial deployment model might not be ideal. To solve their scaling issues, admins add more resources hoping that will solve user issues, which might not be optimal. Here is where services can really help! Whether it’s before the initial deployment or after, our services professionals can set organizations up for success or pinpoint the pains and make recommendations to fully optimize Splunk.
What Can We Do?
Here are some of our pre- and post- Splunk offerings:
- Health Checks: Define and Assess gaps and provide recommendation and best practices. This includes perform optimization and efficiency tests.
- Pre-deployment site check: Support Strategic Initiatives: Use-Case development, capacity planning. Architecture validation to meet the client needs.
- Splunk Deployment: Install and configure components (Indexer, forwarder, search head etc..). Assist in configuration of custom apps as needed.
- Implementation: Assist in development of Custom Dashboards, Reports for visualization of data. Develop policy for data retention and governance.
- Optimization: Validate High availability, check on configuration, Indexer/Query performance issues in the deployment.
I would be remiss not to mention the great things Secureworks is doing in the area of Splunk. Secureworks is a part of the Dell Technologies family and our brothers and sisters over there have created an all-encompassing portfolio of managed services for Splunk security use cases. Security accounts for probably half, if not more of customer uses for Splunk. Splunk has wonderful products for this space like Enterprise Security but it can still be difficult for some organizations to achieve their goals. This is Securework’s bread and butter. Their abilities range from helping set up dashboards to setting up and running your SOC with Splunk and everything in between.
2018 is already shaping up to be a great year. Dell EMC is now a one-stop shop for customers looking to deploy Splunk and get the most out of it. If you want to learn more about our services reach out to your Dell EMC account rep and they can set up a meeting with our Splunk services team or email us at [email protected]