BT

Splunk Enterprise 6.2 Supports Instant Pivot and Enhanced Event Pattern Detection

| by Srini Penchikala Follow 40 Followers on Dec 21, 2014. Estimated reading time: 2 minutes |

The latest version of big data analytics tools Splunk Enterprise and Hunk support instant pivot, enhanced event pattern detection, and prebuilt dashboard panels. Splunk Inc., provider of the software platform for operational intelligence, recently announced the release of version 6.2 of Splunk Enterprise and Hunk, Splunk analytics tool for Hadoop and NoSQL data stores.

Splunk Enterprise 6.2 delivers data analysis and pattern detection that enables users across IT and the business to discover relationships in their data and build advanced analytics.

New features in Splunk Enterprise 6.2 include:

  • Easier Data Onboarding: New data wizard makes it easier to onboard any machine data. New interface guides users through previewing, onboarding and preparation of machine data for downstream analysis.
  • Advanced Field Extractor: This feature provides the identification, naming and tagging of fields in machine data for rapid analysis.
  • Instant Pivot: The Instant Pivot feature allows the users of all roles, to pivot directly from any search, enabling analysis and creation of dashboards without the knowledge of Splunk Search Processing Language.
  • Event Pattern Detection: Event pattern detection speeds data analysis by automatically grouping similar events to discover meaningful patterns in the underlying machine data. 
  • Search Head Clustering: This reduces the total cost of ownership by increasing concurrent user capacity and eliminating shared storage requirements. 
  • Prebuilt Panels: Prebuilt dasboard panels enable faster dashboard creation by providing the ability to create, package and share reusable dashboard building blocks.
  • Simplified Management: Distributed management console delivers a new interface to centrally monitor the health and performance of distributed Splunk Enterprise deployments, in one place.

Hunk enables the capability of exploratory analytics on the data stored in Hadoop and NoSQL data stores. It connects to Apache Hadoop including the leading Hadoop distributions: Cloudera CDH, Hortonworks Data Platform, IBM InfoSphere BigInsights, MapR M series and Pivotal HD.

On the NoSQL data store side, there are prepackaged Splunk Apps to connect to Apache Cassandra, MongoDB, Sqrrl for Apache Accumulo, and other data stores.

In addition to the option of on-premise deployment on Hadoop clusters, Hunk is also available in the cloud from Amazon Web Services (AWS). This comes with preconfigured instances of Hunk software installed on Amazon Elastic MapReduce (EMR). It is priced by AWS on an hourly basis for data in EMR and storage service (S3). This deployment option can be used to decrease time to value for customers who are looking to run analytics on the data they have been storing in Hadoop without having to install Hunk in their data centers.

New features in Hunk 6.2 include:

  • Hunk Sandbox: The sandbox helps to learn Hunk interactive search and analytics in a single download that runs on the leading operating systems, without having to set up a Hadoop cluster. 
  • Hunk Apps: Search, analyze and visualize data in NoSQL and other data stores using prepackaged Splunk Apps, including the Hunk App for MongoDB and Sqrrl App for Hunk (Apache Accumulo). The apps can also be used to gain insight into the health of AWS Elastic Load Balancing services with the Hunk App for AWS Elastic Load Balancing.
  • Amazon EMR Console: Customers can leverage automatically configured Hunk instances provisioned by AWS, priced hourly, for data in Amazon EMR. 

Customers who are currently using AWS GovCloud or who would like to use Hunk with long-running clusters, Splunk is offering annual-term Hunk licenses.

Users can download Splunk Enterprise or try it as a cloud service through the free Online Sandbox. Hunk can also be downloaded from Splunk website.

 

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss
BT