Revealed: Splunk's latest game-changer in data tech
Splunk has revealed its latest ground-breaking data management innovations aimed at providing customers with a richer sense of visibility across their enterprises.
The new Splunk Data Management portfolio is designed to help organisations achieve more comprehensive data ownership and control, offering an end-to-end data management experience that integrates with Splunk Cloud Platform and Splunk Observability Cloud.
It comes as IT environments are becoming increasingly complex with the rapid growth of data on-premises and in the cloud.
Organisations are tasked with capturing, storing, and protecting more data while managing sprawling and often siloed services and tools. This fragmentation can be costly; downtime alone is estimated to cost 2000 global companies $400 billion annually, with stock values potentially dropping by up to 9 percent following a single incident.
To mitigate these risks, Splunk believes having complete visibility across the enterprise is essential for optimising investments, improving data economics, and enhancing digital resilience.
Splunk's new Data Management capabilities aim to address these challenges by enabling organisations to preprocess data through a single pipeline, providing end-to-end visibility. This centralised approach allows SecOps, ITOps, and engineering teams to exert greater control over the shape, volume, and destination of their data, thereby unifying the collection of metrics and logs.
"Not all data is created equally, and its value changes over time. Organisations need solutions that simplify the data management experience while enabling them to retain control and ownership of their data," SVP and GM, Products & Technology, Tom Casey said.
"That's why we are thrilled to launch these new Data Management capabilities so organisations can harness true control over their data pipeline."
The Splunk Data Management portfolio includes several new and upcoming innovations:
- Pipeline Builders, powered by SPL2, allow customers to filter, mask, transform, and enrich their data. This helps simplify data processing and reduce costs. Customers can choose between the Edge Processor, a customer-managed offering for more control over data before it leaves their network, and the Ingest Processor, a Splunk-hosted offering for those fully committed to the cloud.
- Ingest Processor unifies data management across the Splunk Platform and Splunk Observability Cloud. This innovation introduces the ability to convert logs to metrics and route them to the Splunk Observability Cloud, Splunk Cloud Platform, or Amazon S3, improving volume control and response times.
- Federated Analytics, announced at AWS re2024, enables customers to analyse data across Splunk and certain external data lakes, starting with Amazon Security Lake. This feature will be available in private preview starting July 2024.
Director of Engineering at Travelport, Ashok Uppalapati, commented on the benefits of the new features.
"At Travelport, we currently use multiple tools to monitor and generate usage reports of our application," he said. "With Ingest Processor, we will be able to consolidate reports into Splunk Observability Cloud, leveraging Logs2Metrics functionality powered by Splunk Data Management Ingest Processor."
Uppalapati believes the new innovations will enable Travelport's teams to use a "unified reporting and monitoring platform and empower stronger cross-team collaboration."
The Data Management pipeline builder, Edge Processor, is now available worldwide.