Solsys @ Splunk .conf19: What We Learned

Converting massive amounts of data into tangible business benefits has always been a primary challenge for the digital intelligence industry. We at Solsys, having delivered IT consulting services to leading enterprise businesses, understand the demand for a reliable, efficient, and versatile solution to handling organizational data.

We recently attended Splunk’s annual .conf19 conference, which featured hundreds of keynote presentations on the IT and data industry, first looks at unreleased products and vast networking opportunities with thousands of Splunk enthusiasts from around the world.

We already know what Splunk can do for businesses. There was much to learn about how the service continues to help businesses collect, parse, and act on corporate data. With significant improvements on the horizon, adopting Splunk is becoming essential for most medium-to-large organizations.

The Main Takeaways

The Splunk team has clearly been at work, providing performance improvements and new features to improve the experience. What we see as the greatest selling points mentioned this year were as follows.

1. Optimized Code Leading to Large Performance Increases

The new version of Splunk (8.0 released on Wednesday, October 23rd) overhauled the commonly-used “stats” command, resulting in 30% faster searching on the same hardware.

We’re also seeing an update to the underlying Python platform. Whereas previous versions relied on Python 2.7, the supported lifespan of which ends in January, the updated edition of Splunk will feature Python 3.7, allowing it to stay on the cutting-edge. Support for older versions will continue in the meantime.

Companies running older versions of Splunk will see substantial performance increases by upgrading to the latest version.

2. Integration of the Data Stream Processor

The Data Stream Processor is a tool that allows users to make changes, mask data, and filter and distribute events using a browser-based graphical UI. In other words, it handles data flow from the source to the destination host. This is a feature that most companies previously purchased from a third-party source. It will now become part of the core Splunk offerings.

3. Addition of VictorOps

Another feature coming to the next release is VictorOps, an IT operations workflow management tool similar to PagerDuty and xMatters. Companies can trust that the right departments and teams receive the right communications during incident response. From ticketing to case escalation, Splunk is now more useful than ever for on-call management.

4. Acquisition of Phantom

Automation is something that Splunk is focusing on with their new acquisitions. In a step to eliminate human error, Splunk Phantom will now be available to handle security orchestration and automated response. When your system is experiencing technical difficulties, an event will automatically trigger a mitigation script within seconds.

Other Notable Changes You Should Be Aware Of

This year’s conference did not hold back on how remarkable the new updates will be to the IT and data industry. We recorded some of our favorite highlights.

The Push for Cloud Services

The recent Internet of Things trend has inspired the Splunk team to further pursue its cloud offerings. While the current version runs on Amazon Web Services, it’s clear Splunk is pushing hard to provide reliable managed services.

For companies unwilling to commit fully to the cloud, the team continues to push a hybrid model consisting of both an on-site service and a cloud one. Clients can seamlessly integrate the two systems and take advantage of the modern benefits of the cloud while not giving up the reliability and familiarity of on-site servers.

A Fitting Rebrand

You’ve probably noticed Splunk’s new pink and orange color scheme. These bright, noticeable, and prominent colors reflect the company’s confidence that the new changes will have a bold impact on how businesses handle data.

The “Data To Everything Platform” slogan further pushes how vital it is for businesses to parse useful information out of raw data, whether they are large enterprises or regular-sized companies. This is something that Splunk clearly believes in and their push for performance and functionality demonstrates this.

How Splunk Responds to Challenges

During the conference, Splunk acknowledged potential roadblocks in its mission and described its efforts to deal with them.

Handling Government Regulation

Governments around the world are introducing more legislation regarding business data than ever. Laws like the European Union’s General Data Protection Regulation (GDPR) still pose a difficulty to companies seeking benefits from their data. However, Splunk is a well-known, reliable tool that can handle this new environment of regulation smoothly.

The Limitation of Cost

The vast feature set Splunk offers may still be too advanced to be in reach of smaller businesses. The cost of a license could be a limiting factor for some clients outside of the medium to enterprise-sized sphere.

The Splunk team continues to make its service more efficient and less resource-intensive, which will reduce overhead costs for some businesses.

The Current Roadmap

These changes are merely the beginning. With this year’s conference welcoming around 11,000 participants, Splunk has attracted far more interested clients and partners than in 2014, when attendance reached only 2,500.

Everyone involved, including us, understands that this increased enthusiasm for data-driven business solutions is a sign that the industry is advancing and that next year’s .conf20 conference is in for an even bigger showing.

Splunk currently plans on acquiring two new organizations in its ongoing effort to improve its services: SignalFx, a cloud monitoring platform for infrastructure and microservices, and Omnition, an observability platform that’s similar to Datadog or Dynatrace.

Closing Thoughts

We had difficulty choosing the most impactful news out of everything we learned, but here are what we consider the main takeaways of this year’s .conf19 Splunk conference.

Performance Is Key

In today’s fast-moving business world, taking advantage of your data quickly and efficiently is essential. Splunk 7, the previous version, saw a 50% increase in general performance over its predecessor. The current Splunk 8 offers an additional 25% over version 7.

With no better time than now to upgrade, the many customers still using Splunk 6 are in for vastly faster searching and better data-driven solutions to business dilemmas.

Versatility Too

Splunk can now integrate with any data source and handle virtually any situation. During the event, we experienced a simulation of a company under attack. The tool was able to provide vital security information about all the systems and users, mitigating the damage and strengthening the business’s response.

The Future is Bright

We’re glad we had the opportunity to experience this year’s conference. We learned not only how Splunk works and where it was going but also how it affects new industries like banking, healthcare, telecom, and retail.

The new version of Splunk boasts significant performance improvements and a detailed roadmap of new updates down the line. Solsys is eager to see what new features and acquisitions Splunk will make.

See you next year at .conf20.
