Splunk Launches New Version Of IT Search Engine

Splunk 4 improves search technology's speed, scale, usability, and manageability, company says

July 22, 2009

7 Min Read


SAN FRANCISCO " July 21, 2009 " Splunk, the IT Search company, today announced Splunk 4, the next generation of IT Search. In 2006 Splunk changed the game with its release of the "by IT for IT" Splunk IT Search technology. Since then, the success of Splunk and IT Search is well chronicled, consistently winning awards and recently having passed the 1,000-licensed customer mark. Utilizing input from customers and a community of passionate users, Splunk IT Search built its reputation with powerful capabilities to troubleshoot outages, investigate security incidents, and demonstrate compliance, providing a new and vastly better approach to helping IT professionals get their jobs done. Today, with the release of Splunk 4, the company continues to innovate by dramatically improving the speed, scale, usability and manageability of this pioneering IT Search technology.

Founded by experienced IT pros to overcome the limits presented by manual processes, point solutions and proprietary technologies, the Splunk vision remains unchanged. Customer IT management and security challenges will always be at the forefront of Splunk innovation. Building on the success of its predecessor release, Splunk 4 significantly improves an organization's ability to manage, secure and audit their entire IT infrastructure. Re-architected and supercharged, Splunk 4 has infused IT Search with lightning-fast speed and a highly customizable user interface that enables everyone from sysadmins to execs to realize the benefits of Splunk. Significant usability enhancements, combined with the Splunk track record of fast deployment, help ensure Splunk 4 users will be up and productive quickly to deliver a fast return on their investment.

"Splunk 4 unleashes the massive potential of IT Search," said Erik Swan, CTO and co-founder, Splunk. "Since day one, we've been in awe by the groundswell Splunk has created. As more and more users came aboard we learned about the power of IT Search over 'IT dark matter' [the world of unintelligible, unstructured IT data]," said Swan, adding "in Splunk 4 we absorbed extensive feedback from users and re-architected the product to support unlimited scalability, complex Splunk deployments and an increasingly diverse user base, and created a framework to develop and deploy IT apps that leverage the Splunk engine." Swan concluded, "Our loyal users and new customers will love Splunk 4, and they will be able to extend the power of IT Search to anyone in their organization " with this release, there is innovation for everyone."

In addition to substantial scalability and manageability improvements, Splunk 4 offers users the ability to create custom dashboards for anyone in fewer than five clicks. The release also shatters the speed of previous releases with up to 10x faster search and 2x faster indexing, radically enhancing IT issue resolution times and incident investigations, giving users the power to index terabytes per day and search on massive amounts of IT data to deliver results in seconds on low-cost commodity server hardware.

"We are seeing dramatically faster search and indexing rates--in the range of roughly 10x faster searches and 2x faster indexing speeds," said Sean Delaney of VeriSign. "With Splunk 4 we were easily able to build rolebased, custom dashboards to give our service desk views into the data needed to resolve issues the first time and avoid escalations. We plan to introduce Splunk to other groups in the Authentication business unit to accomplish similar productivity gains."

Splunk understands how customer needs are diverse and constantly changing, and through this new release, users now have the power to easily develop and deploy IT Apps running on the Splunk engine. In addition to customers developing their own IT apps and dashboards running on Splunk, an increasingly broad set of apps are becoming available for use from Splunk and Splunk technology partners: examples include Enterprise Security, PCI Compliance, and Change Management from Splunk, and partner Apps for use with F5, VMware, and BlueCoat. These IT apps dramatically expand the utility and value the Splunk engine delivers to customers. In addition, with Splunk 4, users can easily navigate from one installed App to another, for instance, while managing a security incident a user can move from the Enterprise Security Suite App to the Change Management App to see if a configuration change has impacted an investigation, saving them valuable time. "Using the same set of data, Splunk 4 provides sysadmins, security analysts, auditors, and CISOs the ability to leverage the custom dashboards, views, or apps they need to get their jobs done. Based on their role, Splunk 4 makes it much easier for them to troubleshoot IT issues, investigate incidents, identify fraud, report on compliance and correlate trends," said Michael Montecillo, principal analyst, Enterprise Management Associates. Additional Splunk 4 Beta Customer Feedback: "I want to congratulate Splunk on a wonderful job; we are always surprised at how the product gets better with each release and is developing in the way we'd like to see for use within our organization." Vodafone

"We believe that Splunk 4's massive performance and scale enhancements will be instrumental in helping Edmunds to improve the indexing and management of our ever-increasing log volume." Edmunds.com

"We've been able to build a series of apps that run on top of the Splunk 4 engine that use IT Search to provide F5 customers greater visibility and reporting." F5

"The new reporting capabilities are very powerful. The wizard makes it easy for Tier 1 support or marketing folks to build the reports they need. The new customizable UI is a huge improvement—it opens up many more use cases for us." Vodafone

"In addition to the obvious speed and scalability enhancements in Splunk 4, the release also has hundreds of cool new improvements that will make my team more productive and help us to expand the benefits of Splunk to many different users." Swisscom

About Splunk 4 Eighteen months, over 1,800 enhancements and 50+ features are included in Splunk 4. These enhancements cover four key areas:

Enterprise Speed and Scale

  • Splunk 4 obliterates its past performance with up to 10x faster search and 2x faster indexing.

    • Splunk 4 is the industry's highest performance search engine for unstructured IT data and based on a MapReduce implementation. Enterprise-wide Usability

    • Splunk 4 provides the power to easily build custom dashboards for any user, from hardcore techies to mid-level IT and senior management, expanding the footprint of Splunk throughout the organization.

    • Splunk 4 has new features such as a new Search Assistant and a Getting Started app to speed the learning curve for novice users.

      Enterprise Management

    • Splunk 4 offers enterprise-grade manageability for customers having single Splunk servers or complex geographically distributed implementations with thousands of Splunk servers and forwarders. Now, with Splunk Manager, administrators can now manage their Splunk installations centrally and delegate management of Splunk to departments and users.

    • The Splunk Manager also provides more comprehensive role-based access controls. Permissions can be set to restrict user access to specific data sources, apps, dashboards, management configurations and other system parameters. From Search Engine to IT App Engine

    • Splunk 4 App Framework offers users the ability to create or leverage existing Apps running on the IT Search engine, for the growing universe of out-of-the-box solutions from Splunk, Partners, and the Splunk User Community.

    • A partial list of Apps includes: Splunk for PCI, Splunk Enterprise Security Suite, Splunk for Change Management, Splunk for Windows, Splunk for *nix, Splunk for use with F5 Solutions, Splunk for Blue Coat, Splunk for VMware, Splunk 2 Nagios.

    • Splunk 4 Apps can be seen at: www.splunk.com/apps, where customers can browse and download Splunk Apps and updates, including Partner Apps, Free Splunk Apps, and Community Apps. Splunk users can also browse apps from the product itself, using the new Splunk Launcher interface.

      Splunk 4 is available immediately. Pricing starts at $7,500 USD. Free trial downloads are also available immediately. To learn more, please visit: www.splunk.com/download.

      About Splunk Splunk is the IT Search company radically changing the way organizations manage, secure and audit their IT infrastructures. Only Splunk enables you to search, analyze, monitor and report on data from any application, server or network device in real time to troubleshoot outages, investigate security incidents, meet compliance requirements, and more, in minutes instead of hours or days. Over 1,100 enterprises, government organizations and service providers, and more than 350,000 users, use Splunk to achieve higher availability, investigate security incidents in record time, and realize new levels of IT operational efficiency. Partners such as Cisco, F5 and over 50 OEM, System Integrator, Value Added Reseller, and Managed Service Provider partners are driving new business and fueling their offerings with IT Search. Download your own free copy of Splunk today at http://www.splunk.com For more information, please contact: Media Contacts: Joe Fitzpatrick Splunk Inc. 415.848.8553 [email protected]

      Katie Watson Voce Communications 408.439.2002 [email protected]

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights