Dunkin’, which installed an on-prem version of Splunk at the urging of its security team, takes an “index everything” approach to the data it collects, on the assumption that you never know what you might need it for, Kraft says (Dunkin’s enterprise license supports 100GB of ingested data). The company started using Splunk for basic IT operations data, such as server health and application monitoring, but has increasingly come to rely on the software for visibility into consumer behavior, ranging from loyalty program password problems to marketing campaign adoption to fraud. One example: keeping an eye on how many customers were using Apple Pay under one promotion that gave them bonus rewards from a finite pool of money.
More business-facing dashboards will be developed using Splunk going forward, and this includes tracking how online ordering goes, Kraft said. Doing so with traditional BI tools would be much more challenging, he said. While Dunkin’ has already seen data research requests to engineers drop to nearly zero, the company is giving even more thought now to how it actually logs data so that queries are easier to build in Splunk, Kraft added.
Athenahealth: Splunk security supporter
A recurring theme among Splunk customers is the product’s flexibility. Jake McAleer, senior manager for IT security at Athenahealth, says flexibility is key for the Watertown, Mass.-based provider of web-based portals for doctors’ offices and hospitals because so much of what it does is customized.
“Because we’re a custom-developed application we don’t necessarily have a framework for consuming logs,” he said. “A lot of the stuff that’s out there is specifically designed to say ‘I’m looking for a domain controller log, I know specifically what to look for’.”
Furthermore, he said Splunk makes it easy to give users access without giving them carte blanche, and he said the software is forgiving when DevOps makes changes to apps. "It's not the end of the world" to rejigger things, he said.
Jake McAleer, Athenahealth: With Splunk, not the end of the world if DevOps makes app changes. Credit: Bob Brown/NetworkWorld
Athenahealth uses Splunk Enterprise Security regularly to consume anti-malware, anti-virus and other logs, and users employ the tool to check for patterns and craft alerts related to high-value targets. The company consumes just below 400GB of data a day under its license, and has a goal of keeping 2 years’ worth of data searchable by Splunk.
A Splunk rep boasted in an event warm-up video that "There’s no place to have more fun in Las Vegas than the Splunk conference, am I right?" That sounds like a stretch, but based on the mini-Boston edition, the company's next big customer event in Orlando in September could be worth the trip.