New Versions of Splunk Enterprise and Hunk Extend Data Insight

The operational intelligence specialist announces new versions of its Splunk Enterprise and Hunk platforms for collecting, indexing and correlating machine data.

Operational intelligence specialist Splunk is seeking to drive its machine data-generated insights deeper into the enterprise than ever before.

Splunk Unveils New Splunk Enterprise, Hunk

Today, Splunk unwrapped Splunk Enterprise 6.1 and Hunk 6.1, both of which feature new embedded capabilities that allow Splunk reports and tables and Hunk charts and dashboards to be embedded into third-party applications.

"The mission that continues to inspire us, and what we've been pioneering is to make machine data accessible, usable and valuable to everyone," says Sanjay Mehta, vice president of Product Marketing at Splunk.

"Hunk can also help to tighten integration for the many joint customers who use both Hadoop for complex data aggregation and MongoDB for document storage."

-- Matt Asay,MongoDB

"This means the people using those tools don't need to use Splunk," he adds, noting that Splunk users can now enable any Splunk report or table to be embedded in applications like, WordPress, Wiki Microsoft SharePoint, etc.

Even alerts can now be embedded with machine data context in Splunk Enterprise, which Mehta says reduces the mean-time-to-resolution (MTTR) by helping a user or system more quickly understand what triggered the alert and why.

"We generate a lot of alerts and often direct them outside of our environment to partners such as mobile operators," says Nick Hills, vice president of Technology with Cognia, a Splunk Enterprise customer that provides communications capture, storage and analytics solutions for global enterprises and storage providers. "Being able to add better explanation and detail delivers a huge benefit to our business and customers."

Splunk Enterprise Introduces Multi-Site Clustering for Continuous Availability

But embedding operational intelligence is only a piece of the new releases. With Splunk Enterprise 6.1, a major theme is delivering continuous availability for mission-critical machine data. In the previous release, Splunk enabled high availability for single-site deployments. The latest release extends that with multi-site clustering that delivers continuous availability for deployments that span multiple sites, countries or continents by replicating raw and indexed data in a clustered configuration.

Splunk Enterprise also aims to provide a performance increase when using multi-site clustering through a technology it calls Search Affinity, which routes search and analytics requests to the nearest cluster with the requisite data, increasing performance and reducing network usage.

"Splunk Enterprise 6.1, though multi-site clustering, provides a way for us to meet one of the most important objectives at Middlesex Hospital," says Ant Lefebvre, senior systems engineer with Connecticut's Middlesex Hospital, one of the top 100 hospitals in the U.S. "It helps us protect and meet the needs of our patients by keeping the hospital's critical systems running even in the event of a single-site outage."

Mehta says that Splunk also worked to improve its enhanced interactive analytics in the new Splunk Enterprise release, with new features that include a dashboard editor that allows you to leverage the UI to build advanced dashboards without requiring advanced XML coding, chart overlay that improves data analysis by providing the capability to overlay one chart on another, contextual drilldown in a dashboard panel without leaving the dashboard itself and enabling pan and zoom controls in Splunk charts.

Hunk Now Handles NoSQL Data as Well as Data in Hadoop

Meanwhile, with the release of Hunk 6.1, Splunk extends Hunk, which provides Splunk analytics for Hadoop, to provide those same capabilities to streaming resource libraries for NoSQL data stores like MongoDB, Apache Accumulo, Apache Cassandra and Neo4j.

"Helping organizations to search and visualize in Hunk from JSON documents stored in MongoDB, with indexing on any attribute, is a powerful new out-of-the-box capability," says Matt Asay, vice president of Business Development and Marketing at MongoDB. "Hunk can also help to tighten integration for the many joint customers who use both Hadoop for complex data aggregation and MongoDB for document storage by putting data from both environments on one set of dashboards."

New features in Hunk 6.1 include the following:

  • Report acceleration. This feature transparently caches search results in Hadoop rather than in other stores, improving reporting response times and performance without moving the data. Mehta notes the cache is additive, driving more efficient utilization of Hadoop resources as the amount of data grows and the number of queries increase.
  • Interactive dashboards and charts. Like Splunk Enterprise, the new release of Hunk delivers a dashboard editor that allows you to rapidly build new custom dashboards, along with features like charting overlay, pan-and-zoom controls and in-dashboard drilldowns.
  • Support for multiple file formats. Hunk 6.1 automates access to text files, sequence files, Record Columnar Files (RCFile), Optimized Row Columnar (ORC) files and Parquet columnar files.
  • Pass-through authentication This feature enables the submission of MapReduce jobs and secure access to Hadoop clusters using the authenticated credentials and roles assigned by IT.

Follow Thor on Google+

Thor Olavsrud covers IT Security, Big Data, Open Source, Microsoft Tools and Servers for Follow Thor on Twitter @ThorOlavsrud. Follow everything from on Twitter @CIOonline, Facebook, Google + and LinkedIn.


Copyright © 2014 IDG Communications, Inc.

Download CIO's Winter 2021 digital issue: Supercharging IT innovation