Splunk ties relational, machine data for better analytics
- By Rutrell Yasin
- Mar 26, 2013
Splunk is stepping up efforts to make it easier for government IT managers to identify meaningful patterns and statistical trends in far-flung data sets.
The software company just released DB Connect, which integrates structured data from relational databases with machine data generated by back-end IT systems, networks, applications and even mobile devices, giving analysts insights about the data and helping them make more informed decisions in real-time.
Using DB Connect, analysts can take data from databases and put it into Splunk Enterprise, software that collects, indexes and harnesses fast-moving machine data generated by organizations’ applications, servers and devices, whether they are physical, virtual or in the cloud. Splunk also troubleshoots application problems and investigates security incidents rapidly, helping organizations avoid service degradation or outages.
DB Connect handles the integration, so users can focus on driving better visibility and intelligence, Splunk officials said. The software is designed to help users complement existing business intelligence tools by taking advantage of machine data to make critical decisions.
"We are helping agencies integrate structured data from traditional relational databases with the machine data from IT systems, networks, applications, websites, sensors and mobile devices that is already indexed and analyzed in Splunk Enterprise,” Stephanie Davidson, director of Splunk’s federal civilian team, said in an e-mail.
Agency analysts or workers can then combine the business context of structured data with the operational context machine data provides, to create an added layer of visibility for more advanced analytics across the agency, Davidson said.
“For example, Splunk DB Connect can help agencies more effectively and efficiently identify Medicare or Social Security fraud, waste and abuse. With Database Connect agencies can monitor and detect anomalies in the system in real-time and can also review and correlate records months after fraud has been committed to help prevent future cases,” Davidson said.
Splunk DB Connect can also help organizations derive insights for IT operations and security, officials said. For example, IT operations teams can track performance, outage and usage by department, location and business entities. Security professionals could correlate machine data with watch lists for incident investigations, real-time correlations and advanced threat detection using Splunk Enterprise. And business users could analyze service levels and user activity by customer in real time to make more informed decisions, according to the firm.
Rutrell Yasin is is a freelance technology writer for GCN.