The .conf 2019 experience:
Splunk .conf 2019! My second Splunk conference and this year it was hosted in the ‘entertainment capital of the world’ – Las Vegas! Like the previous conference in Orlando Florida, the location is not the only impressive thing about .conf – It is a rare gathering of thousands of people with a common interest in using data to create real-time actionable insights that may otherwise remain as simple rarely used log files, often only utilised by an organisation when a disaster has already occurred. In other words, the common goal is to “Turn Data into Doing”.
This year’s .conf had many useful talks on the bleeding edge capabilities of Splunk – for example: metrics indexing (getting simple data points into Splunk in quicker time), updates to the Machine Learning toolkit (more enhancements for predictive modelling such as the ability to utilise your own algorithms) as well as several interesting new products such as Splunk Investigate and Splunk’s Data Stream Processor, giving Splunk consultants greater ability to answer increasingly complex questions for their customers in a shorter period of time.
My Favourite Session:
On top of the above, there was one talk that I attended that stood out from the crowd – “Allied Irish Banks – Monitoring Payments with real time insights using Splunk and ITSI”. This talk looked particularly interesting because of the following points:
- Operational monitoring within Financial Services – an industry that iDelta has much experience in.
- Real time monitoring with ITSI – Something we do on an almost daily basis at one of our key customers.
- The similarity of the use case – What can we learn to do better from AIB? Can we give them knowledge on our experience?
The key points I learned from this talk were numerous:
- Predictions using machine learning are important when monitoring critical 24×7 services – but only when implemented correctly!
- Business key performance indicators are most important – how many customers are being impacted is more important than the performance of a particular device or application.
- Learn what normal looks like – what trends exist when the service is good vs. when the service is bad?
- ITSI Deep Dives can be very useful in learning how different KPIs are affected by an issue. Check the example in the screenshot below that shows this layered insight into database performance, similar to a deep dive shown in the talk.
- “Agree what Critical means” – This is key when working to deliver any monitoring solution. The monitoring developer and the support team must be on the same page when choosing to set thresholds, defining what KPIs are important and deciding why and when support should be called out.
To summarise, it is clear from this talk (and many other similar talks), that the future of operational monitoring in an enterprise is quickly changing and using tools like Splunk and ITSI are imperative to understand where a problem is occurring in a short amount of time. The ‘mean time to resolution’ is the key metric that directly correlates with customer satisfaction, especially in online businesses that require 100% uptime to serve their customers. The effectiveness of your real time monitoring will soon depend on the adoption of technologies such as AIOps, machine learning, predictive analytics and automation – Splunk can help ease and accelerate that journey – if you don’t, your business may be left behind…
If you liked the sound of this session you can check listen to the recording here – IT1648 – AIB IRELAND – Splunk/ITSI monitoring of time critical Payment Business Flows with real time insights into health of Mobile and Payment Applications
Or read the slides here – IT1648 Slides