1
00:00:00,680 --> 00:00:08,010
The first step as part of this module is to understand what Splunk really is.

2
00:00:08,030 --> 00:00:15,770
When you usually read about Splunk on an Internet blog or speak about Splunk with your colleagues,

3
00:00:17,040 --> 00:00:19,660
you would have heard some of these points.

4
00:00:19,680 --> 00:00:21,870
The first point here is

5
00:00:22,750 --> 00:00:25,060
the one that comes up when discussing Splunk.

6
00:00:25,210 --> 00:00:29,980
Some people call it a log management or a log collection tool.

7
00:00:30,010 --> 00:00:34,000
Yes, it can be a log management or log collection tool.

8
00:00:34,120 --> 00:00:39,430
It can collect logs and it can manage those logs as per organizational policy.

9
00:00:39,430 --> 00:00:41,110
But that is not a.

10
00:00:42,490 --> 00:00:48,400
And one more common point that comes up whenever a discussion on Splunk is going on is calling it an

11
00:00:48,400 --> 00:00:53,560
IT monitoring tool or application performance monitoring tool. If you ask me,

12
00:00:53,560 --> 00:00:57,010
yes, of course I will say it is a monitoring tool.

13
00:00:57,040 --> 00:01:04,990
It can monitor your CPU, RAM, hardware usage, etc., which all the typical monitoring tools do, and

14
00:01:04,990 --> 00:01:11,740
also can alert you based on threshold conditions that you mention as part of your alerts.

15
00:01:12,070 --> 00:01:20,440
Also, as far as application monitoring is concerned, it can monitor or keep track of JVM heap size,

16
00:01:20,440 --> 00:01:28,900
response time of your requests, website status, threat logs and the thread usage by applications,

17
00:01:28,900 --> 00:01:30,370
etc. and so on.

18
00:01:30,610 --> 00:01:37,930
So to conclude, yes, Splunk can be used as a monitoring tool for

19
00:01:39,300 --> 00:01:43,560
your IT infrastructure and also it can monitor your application performance.

20
00:01:44,370 --> 00:01:53,370
So the next point in our discussion is the big data domain, where Splunk has been seen adding great value

21
00:01:53,370 --> 00:02:00,870
and getting the most out of the data available inside the organization, in which it is projected as a

22
00:02:00,870 --> 00:02:02,940
big data analytical platform.

23
00:02:03,960 --> 00:02:10,740
And also it has been used to get insights for business intelligence like cost per click, views per page,

24
00:02:11,130 --> 00:02:17,070
advertisement revenues and impacts from the campaigns that are run on social media like Facebook,

25
00:02:17,070 --> 00:02:18,750
Instagram or LinkedIn.

26
00:02:20,100 --> 00:02:26,820
And a few more points would be like identifying sources from where the traffic has originated.

27
00:02:26,850 --> 00:02:32,910
It might be social media or search engines or other third party sites on the Internet.

28
00:02:35,240 --> 00:02:43,850
And now moving on to our next point, SIEM, which stands for Security Information and Event Management,

29
00:02:44,000 --> 00:02:51,920
which is used as part of the SOC in most organizations and plays a vital role in securing the

30
00:02:51,920 --> 00:03:00,290
organization. Since Splunk can be used in security also, at its position as a next generation SIEM solution,

31
00:03:00,290 --> 00:03:09,620
it is a major competitor for traditional SIEMs like IBM QRadar, SB, oxide, LogRhythm, etc. And

32
00:03:09,620 --> 00:03:13,340
this vertical is the most active as of now.

33
00:03:15,060 --> 00:03:22,050
When I say most active, it is most active in terms of growth, revenue improvements and the innovations

34
00:03:22,050 --> 00:03:23,640
that are happening in this domain.

35
00:03:24,150 --> 00:03:31,560
When you see it from Splunk's perspective and the next point, we can see operational intelligence, which

36
00:03:31,560 --> 00:03:39,390
has been coined by Splunk itself as a tagline for its product, and it refers to all the points we have

37
00:03:39,390 --> 00:03:45,300
discussed before and many more in this discussion of how we can define Splunk.

38
00:03:45,330 --> 00:03:53,160
If you ask me basically what Splunk is, I would simply say it is like a Google for your organization,

39
00:03:53,160 --> 00:04:00,030
where all the data from your organization has been fed into Splunk, indexed, and it is stored inside

40
00:04:00,030 --> 00:04:00,480
Splunk,

41
00:04:00,480 --> 00:04:02,340
so that any time you need,

42
00:04:03,100 --> 00:04:10,690
you can just write a search like what you search in Google or any other search engine.

43
00:04:11,200 --> 00:04:17,610
You will get information that is specific and related only to your organization,

44
00:04:17,620 --> 00:04:24,400
all the data that has been fed to Splunk in your organization, and if you know how to search, it will

45
00:04:24,400 --> 00:04:30,850
be like a mini Google for your organization where you'll be able to find quick solutions, get value

46
00:04:30,850 --> 00:04:37,840
out of what data is in your organization, and to troubleshoot any issues inside your organization.