Post on 19-Apr-2020
Splunk> Juergen Magiera jmagiera@splunk.com
Copyright © 2012, Splunk Inc. Listen to your data.
Agenda
Telco‘s?
Wer ist Splunk?
Warum Splunk?
Was ist Splunk?
Beispiele
Demo
2
Telco’s
Copyright © 2012, Splunk Inc. Listen to your data.
Die Herausforderung
“Um mit den steigenden Datenmengen fertig zu werden, müssen die Telekom-Unternehmen in Deutschland noch
50 Milliarden Euro
investieren”
Zitat: aus SZ; René Obermann, Vorstand Deutsche Telekom
4
Copyright © 2012, Splunk Inc. Listen to your data.
Fokus Bereiche Telco’s
5
Kunden-Nähe
Neue innovative Produkte
Operational Excellence
Kosten-Optimierung
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
Verschiedene Business Prozesses fuer Endkunden Angebote
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Verwendetete Business Prozesse Produkte &
Services
Gaming
Managed Services
Copyright © 2012, Splunk Inc. Listen to your data.
Prozesse und Services basieren auf IT Systemen
Order Placement
Order Confirmation
Credit Check
Service Request Creation
Network Equipment
Configuration
Inventory Check
Beispiel Order Management Process
Hardware Networking Applikationen Data
Warehouse Middleware Endgeräte
Diverse IT Systeme / Support / Order Management
Copyright © 2012, Splunk Inc. Listen to your data.
Durchgängige Sichtbarkeit – eine Herausforderung
Hardware Networking Applikationen Data
Warehouse Middleware Devices
IT Systems Supporting Order Management
Search & Identify
Monitor Systems
Operational Visibility
Business Insights
• Was verursacht Verzögerungen im Bestellprozess?
• Wie lange braucht der Bestellvorgang?
• Können wir proaktiv ein Problem erkennen?
• Wie viele Bestellungen kommen momentan herein?
• Wie viele Bestellungen wurden abgebrochen und an
welcher Stelle?
Copyright © 2012, Splunk Inc. Listen to your data.
Daten sind überall
8
Configs Messages Traps Metrics Scripts Changes Tickets
Windows • Registry • Event logs • Filesystem • sysinternals
Linux/Unix • Configurations • Syslog • Filesystem • ps, iostat, top
Virtualization • Hypervisor • Guest OS • Guest Apps
Applications • Web logs • Log4J, JMS, JMX • .NET events • Code and scripts
Databases • Configurations • Audit/query logs • Tables • Schemas
Networking • Configurations • Syslog • SNMP • netflow
Customer Data • Click-stream • Shopping cart • Online transaction
External • Call Detail Records • MMS / SMS • GPS • Logistics
Logs
Warum Splunk?
Copyright © 2012, Splunk Inc. Listen to your data.
Splunk’s Mission
Maschinendaten sammeln, indexieren und effektiv nutzen
Problemen, Risiken und Chancen identifizieren
Bessere Entscheidungen für IT und Business ermöglichen
Copyright © 2012, Splunk Inc. Listen to your data.
einheitliche Anforderung – unterschiedliche Lösungen…
11
Applikations Databases Machines Network/Devices Client/Desktop Web
App Management DB Management Systems Management Network Management Analytics
Unterschiedlichste Monitoring- und Analysewerkzeuge
Copyright © 2012, Splunk Inc. Listen to your data.
…eine Lösung die Ihre Daten korreliert…
13
Applikations Databases Machines Network/Devices Client/Desktop Web
App Management DB Management Systems Management Network Management Analytics
Copyright © 2012, Splunk Inc. Listen to your data.
Logfiles Configs Messages Traps Alerts
Metrics Scripts Tickets Changes
• Registry • Event logs • File system • sysinternals
Windows
• Configurations • syslog • File system • ps, iostat, top
Linux/Unix
• Hypervisor • Guest OS, Apps • Cloud
Virtualization & Cloud
• Web logs • Log4J, JMS, JMX • .NET events • Code and scripts
Applications
• Configurations • Audit/query logs • Tables • Schemas
Databases
• Configurations • syslog • SNMP • netflow
Networking
• Click-stream data • Shopping cart data • Online transaction
data
Customer Facing Data
Outside the Datacenter
• Manufacturing, logistics…
• CDRs & IPDRs • Power consumption • RFID data • GPS data
Kein Schema Keine Adapter keine Datenbank
Splunk: Engine for Machine Data
Copyright © 2012, Splunk Inc. Listen to your data.
Events Anruf Beschwerde
ZEIT t0
Root-Cause??
Tel/Mail User
Netz
Security
Systeme
Cloud
Tools
???
Prinzip Event-Management
Copyright © 2012, Splunk Inc. Listen to your data.
Events Anruf Beschwer
de
ZEIT t0
Root-Cause??
Tel/Mail User
Netz
Security
Systeme
Cloud
Tools
Speicher
Status-Werte
Mess-Werte
Log-Informationen
Service-Nachrichten
Datenpakete
Flow-Records
KPI-Ergebnisse
...
Jegliche Maschinendaten
WAS soll/kann gespeichert werden ?
Was ist Splunk?
Copyright © 2012, Splunk Inc. Listen to your data.
Was ist Splunk nun genau?
“Google” für Ihre relevanten Daten
Splunk bietet Transparenz & Erkenntnisse über alle betrieblichen Prozessen (IT+Business) hinweg in Echtzeit
19
Software –Download und Installation in 5 Min.
Splunk liefert in Ihrer gesamten (IT-)Infrastruktur für vielfältige Zwecke einen signifikanten Mehrwert
Copyright © 2012, Splunk Inc. Listen to your data.
Zentralisiert Daten aus allen Systemen
20
Indexing/Search Server
Splunk Forwarders
Universal Forwarder sendet Daten in Splunk
von entfernten Systemen
Verbraucht minimale Systemressourcen
(1%-2%)
Liefert sichere, verteilte, und universelle Daten
von tausenden Endpunkten
Copyright © 2012, Splunk Inc. Listen to your data.
Skaliert auf TB’ pro Tag und tausende Anwender
21
Automatisiertes Load-Balancing skaliert Indexierung linear
Verteilte Suchen und MapReduce skalieren Suchen und Berichte linear
Copyright © 2012, Splunk Inc. Listen to your data.
Splunk – Der Ablauf
Copyright © 2012, Splunk Inc. Listen to your data. 23
Liefert Operational Intelligenz
Drei wichtigsten Fähigkeiten
Single Data Store Single UI Übergreifend
• Data drilldown
• “Nadel im Heuhaufen”
• Root Cause Analyse/Troubleshooting
• Incident Investigation
• Live Dashboards • Event Korrelation • Monitoring und Alerting • Performance Probleme • Transaktions-Levels • SLA Tracking
• Baseline und Thresholds
• Trending
• Operational Insights
• Historical Patterns
• Compliance Reporting
Suchen/Navigieren Echtzeit Sichtbarkeit Historische Analysen
splunk> Beispiele aus dem Carrier-Umfeld
Copyright © 2012, Splunk Inc. Listen to your data.
Splunk: Operational Intelligence für Telcos
25
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
Beispiele aus diversen Geschäftsprozesse und Kunden Lösungen
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Representative Business Processe Produkte &
Services
Gaming
Managed Services
Copyright © 2012, Splunk Inc. Listen to your data. 26
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Representative Business Processes Product &
Services
Gaming
Managed Services
Beispiele aus diversen Geschäftsprozesse und Kunden Lösungen
Splunk: Operational Intelligence für Telcos
Copyright © 2012, Splunk Inc. Listen to your data.
US Wireless Provider: Improving Order Activation
27
Application and activation logs feed into Splunk Single view across all smart-phone/cell activations
Enabling specific reporting and metrics per device
Efficiently troubleshoot without escalating
Single point for troubleshooting / root cause analysis for “three screens” services (cable, internet and phone)
Using Splunk to Index, Search and Analyze Application Logs and Device Activation Data
“Splunk has taken our Mean Time To Identify
(MTTI) problems from 3 hours to 3 minutes and
problem resolution down from 15 hours to 5
minutes.”
Application Servers—
9 business systems
11 data centers
SA
N f
or
Raw
XM
L
MySQL
database
Network
Management
components
Load balancer iPlanet Gateway SD
Copyright © 2012, Splunk Inc. Listen to your data. 28
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Representative Business Processes Product &
Services
Gaming
Managed Services
Beispiele aus diversen Geschäftsprozesse und Kunden Lösungen
Splunk: Operational Intelligence für Telcos
Copyright © 2012, Splunk Inc. Listen to your data.
Improving Customer Service with Splunk
29
All application server logs feed into Splunk Consolidate logs from disparate systems into a single view, providing visibility across end-to-end service delivery from one place
Iterative searches across all machine data to investigate, identify, and fix problems —
escalations reduced by 90 percent
Role-based secure access to logs via Splunk ensures SOX compliance
Use Splunk to index and collect all application server logs
“We’ve reduced the number of escalated
incidents by 90 percent. Our time to problem
resolution has dropped by 67 percent.”
RedHat Linux Application Servers—
VASP, WAP, Mailing,
ADSL, E-commerce
Centralizing all logs to both
Splunk and cold database
Support organization logs into
Splunk for troubleshooting
Copyright © 2012, Splunk Inc. Listen to your data. 30
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Representative Business Processes Product &
Services
Gaming
Managed Services
Beispiele aus diversen Geschäftsprozesse und Kunden Lösungen
Splunk: Operational Intelligence für Telcos
Copyright © 2012, Splunk Inc. Listen to your data.
Wireless Provider: Next Generation Network Visibility
31
Collect data from all applications and devices
Allows for complete monitoring on NGCDN
Enables view of any metrics including:
– VOD downloads
– Live streaming requests
– Cache usage per state / Cache contents
Real-time identification of issues and events
Measure success of new online services
Splunk to Track Connections from Customer Request to Content Delivery
Copyright © 2012, Splunk Inc. Listen to your data. 32
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Representative Business Processes Product &
Services
Gaming
Managed Services
Beispiele aus diversen Geschäftsprozesse und Kunden Lösungen
Splunk: Operational Intelligence für Telcos
Copyright © 2012, Splunk Inc. Listen to your data.
Content Provider Service Provisioning
33
Splunk collects data across servers and
applications
Insights shared between operations and
technical support teams
Helpdesk engineers login from a specific Splunk
servers for troubleshooting
Correlates data across different data sources
Accelerates resolution of issues and improves
customer satisfaction
Operations Team
Technical Support and Dev Team
Effectively Provision Content Across Applications and Servers
Copyright © 2012, Splunk Inc. Listen to your data. 34
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Representative Business Processes Product &
Services
Gaming
Managed Services
Beispiele aus diversen Geschäftsprozesse und Kunden Lösungen
Splunk: Operational Intelligence für Telcos
Copyright © 2012, Splunk Inc. Listen to your data.
Pre-Paid Billing and Account Insight
35
Leading Asian Telco Improved Visibility and Targeting with Splunk
Business insight into pre-paid billing data
Identify accounts with high pre-paid balance
– Target for subscription conversion
– Abnormally high balance for follow-up
Pre-paid account expiration
– Target for promotion
Voucher popularity analysis
– Determine which vouchers are popular
Copyright © 2012, Splunk Inc. Listen to your data. 36
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Representative Business Processes Product &
Services
Gaming
Managed Services
Beispiele aus diversen Geschäftsprozesse und Kunden Lösungen
Splunk: Operational Intelligence für Telcos
Copyright © 2012, Splunk Inc. Listen to your data.
SaskTel: Effectively Managing Network Fraud
37
Jerrad DeBolt Technical Analyst
Provided fast visibility of network
abusers in one dashboard
Correlated subscriber usage logs,
literally millions of lines long
spanning multiple systems
Created centralized data engine for
gathering business and IT
operational intelligence
“Splunk is the one place we go to find our heaviest ‘users’ and
heaviest ‘abusers’. Within the first month we terminated
enough rate plan abusers to pay for Splunk.”
Copyright © 2012, Splunk Inc. Listen to your data. 38
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Representative Business Processes Product &
Services
Gaming
Managed Services
Beispiele aus diversen Geschäftsprozesse und Kunden Lösungen
Splunk: Operational Intelligence für Telcos
Copyright © 2012, Splunk Inc. Listen to your data.
Splunk for MMS Record Analysis and Insight
39
Analyzes MMS records across the delivery
network
MMS delivery investigation
– End-to-end visibility into process
– Quick access to customer info /
transactions
– Rapidly identify issues / faster resolution
MMS Performance – Transaction volumes
by MMS Type
Mobile WAP Usage Patterns
– Most popular sites
– Average web server response time
Copyright © 2012, Splunk Inc. Listen to your data.
CDR Visibility for Better Business Performance
40
Analyzes call detail records (CDRs) with
tariffs from long-distance partners
CDR volumes of over 1 TB per days
Accurate determines lowest cost per call
destination
Optimizes call routing based on CDR
insight to route call to lowest tariff partner
Improves profitability through effective call
routing
Leading US Wireless Provider Using Splunk for CDR Analysis
Copyright © 2012, Splunk Inc. Listen to your data. 41
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Representative Business Processes Product &
Services
Gaming
Managed Services
Beispiele aus diversen Geschäftsprozesse und Kunden Lösungen
Splunk: Operational Intelligence für Telcos
Copyright © 2012, Splunk Inc. Listen to your data.
Ensuring PCI Compliance with Splunk
42
PCI: a Path to Process Enhancements
Meet PCI Section 10 requirements:
Track and monitor all access to network resources
and cardholder data
Tracking more than 26 applications; ~1000
servers; 70+ users of Splunk
Better security: roles set up for managers on each
of these 26 teams
Scales with growing in-scope data
Use Splunk to Index, Collect, Search and Report on all In-Scope PCI Data
PCI Compliance
Unified Logging
Enhanced Security
Help Desk
Better BI “Gaining visibility of all our machine data can
truly give us the insight we need to run a more
secure and effective business.”
Copyright © 2012, Splunk Inc. Listen to your data. 43
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Representative Business Processes Product &
Services
Gaming
Managed Services
Beispiele aus diversen Geschäftsprozesse und Kunden Lösungen
Splunk: Operational Intelligence für Telcos
Copyright © 2012, Splunk Inc. Listen to your data.
Taiwan Telco: Content Delivery and Web Analysis
44
Analyzes data across mobile and web
delivery platforms
Insight into: – Mobile portal visits – Most popular content – Website volume by time
Ad click analysis – optimize delivery of
ads based on value
Individual ad performance metrics
Mobile content / portal usage by
subscribers
Copyright © 2012, Splunk Inc. Listen to your data. 45
Order Management
Customer Care
Provisioning
Service Assurance
Content & Service Delivery
New Product Introduction
Billing Network
Management
CDR Management
Security & Compliance
Internet
Wireless
Digital TV
Home Phone
Relevante Business-Prozesse Produkte &
Services
Gaming
Managed Services
Beispiele aus diversen Geschäftsprozesse und Kunden Lösungen
Splunk: Operational Intelligence für Telcos
Copyright © 2012, Splunk Inc. Listen to your data.
Enabling the Mobile Gaming Platform
46
Splunk Delivers Insight Across the Mobile Gaming Platform to Drive Revenues
Understand game operations status
– Which games are performing well
– Which games are being played
– What is causing issues?
Get visibility into games statistics
– Games being played the most
– Games being purchased the most
– Handset use for different games
Fine tune platform to drive higher
revenues and deliver a better customer
experience
Copyright © 2012, Splunk Inc. Listen to your data.
Durchgängig flexibel Schnelle Ergebnisse
Splunk: The Engine for Machine Data
Alle Daten
47
• Jedes Format, von jeder Quelle
• Daten bleiben zu 100% über Monate/Jahre erhalten
• Durchgängiges Daten Management
• Unterstützt Analyse, Reporting und
Monitoring “über IT Silos” hinweg
• Sehr flexibles Dashboards zeigt
jeden Blickwinkel fuer jeden User
• “Adapts to change”—Schema-on-
the-fly Design unterstützt neue und
unerwartete Daten
• Installation in Minuten
• Kann einfach wachsen—vom Laptop bis zum Datacenter
• Mehrwert in Wochen, nicht Monaten oder Jahre
Zusammenfassung
Live Demo
Fragen?