Splunk began as an IT search tool used to isolate and solve software problems, but it now has use cases across cyber security and business intelligence.
Data analytics tends to follow a common path of taking in information, structuring it into a numerical format and using it to gain insight and take action. Splunk is a technology firm that bucks this trend by “embracing data chaos”. Peter Littlejohns spends time with one of its senior staff members at the annual Splunk .Conf event in Las Vegas, Nevada, to find out how it started and where it’s heading.
Embracing the chaos may not sound like a productive strategy for any business, but one company’s entire value proposition rests on the idea.
Splunk is a technology company based in San Francisco that builds software products to collect data from a range of sources and give users insights on it – a practice that’s had numerous applications, including recording the flushes of an airport toilet and detecting hackers.
Rather than relying on structured data to draw insights – a common practice in the world of data analytics – the tech firm’s software ingests data based on parameters set by each user and finds patterns within it.
The range of possible software applications makes it difficult to define exactly what Splunk is, which is something Josh Klahr, vice president of core services product management – itself a tricky title to decipher – says is both a blessing and a curse.
“The blessing is that it is a Swiss army knife for solving software and machine data problems, meaning customers can do virtually anything,” he says.
“When we speak to Splunk customers to find out what they’re doing with the product, it’s often things we never imagined.
“But it’s also a curse, because it makes it hard to describe — there’s not a one-sentence answer to the question ‘what is Splunk?’”
Splunk’s quirky origins and continuing drive to be different
Founded by serial tech entrepreneurs Erik Swan, Michael Baum and Rob Das in 2002, Splunk was originally a tool created to investigate files logged on the performance of software and machines.
The name Splunk is meant as an amusing derivation of the longer term ‘spelunking’ – meaning to go searching through caves.
The company has kept its quirky appeal despite the departure of each founder from the core management of the business – which is now headed up by CEO Doug Merritt – by creating t-shirts emblazoned with parodies of common IT and security terms like “the end of meh-trics”, and “take the sh out of IT”.
The silliness really hits its peak among the super users known as the Splunk Trust, a community of experts recognised for their work helping other users of the software in a variety of ways, both inside and out of their own businesses.
These individuals proudly wear a fez with the Splunk logo, as if they were tech-savvy Tommy Coopers, at the annual conference — some even opt to wear a cape with a logo, too.
Das and Swan referred to the product in its early iteration as “Google for log files” in a YouTube video – because it allowed IT departments to expedite the search for errors in their logging history.
At the time, Splunk had 300 employees. The tech firm is now more than 5000 strong and its software is used by 92 of the top 100 wealthiest companies in the United States – otherwise known as the Fortune 100.
Evolving from an IT tool into real-time business and cyber security monitoring
After seeing its customers begin to apply Splunk software in the cyber security space, with many setting up alerts for suspicious activity based on changes occurring on their networks, the company chose to side-step into the industry with its own cyber-specific products.
“It was an evolution,” says Klahr.
“Our customers really took us there as they started to realise ‘hey, I have a security problem that Splunk solves really well’ – and they started to solve it.
“We saw that enough times that we decided to start building and packaging up products specifically for security users.
“And that’s honestly how I’d say we’ve evolved the company. As we look at the areas our customers are applying Splunk and see patterns emerging, we build products to do the things our customers are jumping through hoops to do.”
One of the more interesting ways Splunk has been used is in the bathrooms of Dubai’s biggest airport, Dubai International.
Sensors were placed around the bathroom stalls, with the data they recorded plugged straight into the Splunk Enterprise platform – the company’s main business-focused offering – allowing cleaning staff to receive alerts and prioritise the toilets with the highest traffic.
This was just one of the ways the airport integrated Splunk; another was analysing baggage data and using machine learning to predict the next baggage load and allocate staff and carousel space accordingly.
Repositioning as the ‘data-to-everything’ company
There are many creative use cases that span several industries, which is what led Splunk to begin a shift towards creating products that track the flow of operations throughout a business.
This allows companies to get service updates when something goes wrong or monitor the general health of an area and be proactive in preventing an issue before it causes widespread problems.
The company announced a new suite of product capabilities for Splunk Enterprise at this year’s conference that enhance the business value of real-time data analytics, continuing efforts to position itself as the “data-to-everything” platform – the marketing tagline behind this year’s event.
Splunk Enterprise 8.0, which was released on 22 October, includes a “Data Stream Processor” – allowing businesses to create a pipeline of data that delivers insights based on different metrics depending on the department.
The move away from solely IT and cyber security applications began earlier this year, and Klahr says IT and security use cases still form “close to half” of the core business.