Splunk today extended the reach of its machine data analytics platform into the realm of networking.
With the general availability of Splunk App for Stream, Leena Joshi, senior director of solutions marketing for Splunk, says the company’s search and indexing engine can now capture real-time streaming wire data as it moves across a network.
Based on technology that Splunk gained with the acquisition of Cloudmeter late last year, Joshi says that Splunk App for Stream will enable IT organizations to create a repository through which they can analyze different classes of machine data. For example, network traffic could be correlated against machine data being generated by other IT infrastructure elements to present a much clearer picture of how different IT events are related to each other, says Joshi.
Rather than relying on specialized appliances that can capture only a limited amount of real-time data, Joshi says Splunk App for Stream allows IT organizations to index all that data in a way that makes it truly discoverable.
The Splunk App for Stream can collect, aggregate and filter wire data from network endpoints as well as routers, switches and other devices deployed on the network perimeter. Using filters and aggregation rules defined through the app interface, IT organizations can control data volumes or opt to capture only the wire data that is relevant for a specific task.
Having first extended its reach beyond systems and into the realm of security, Splunk is now adding a new class of machine data to its portfolio with the release of Splunk App for Stream. From an IT perspective, that means that Splunk is evolving into a central data repository for capturing all IT events. Having that data on hand may not prevent every IT problem. But when it comes time to address an IT issue, Splunk is emerging as one of the best places to get started.