Prelert Automates Detection of Anomalies in Splunk Data

One of the great things about Splunk as both an Operations Management tool and an Application Performance Management tool is the ease with which an astonishing variety of data sources can be fed into the Splunk data store. Splunk automatically indexes this data based upon time stamps, and stores it in a back end data store that scales out horizontally on commodity servers with commodity storage. This means that Splunk is one of the very few management solutions that can scale out to accept the tsunami of management data that is generated across the infrastructure and application stack in a modern dynamic or cloud based environment.

The Splunk Architecture

The wealth of data sources that can be collected and indexed by Splunk is shown in the left portion of the image below. The scaled-out architecture that lets Splunk keep up with the management data tsunami is shown in the rest of the diagram.

Splunk Big Data Architecture

Now we come to the part about the good news and the bad news. The good news is that Splunk is able to be your management data store across your physical hardware, virtualization layer, operating system layer, application infrastructure layer (middleware) and the layer comprised of the applications themselves.

The bad news is that until today, if you wanted to pull together all of the data that pertained to a particular application, you had to be an expert in the topology of that application (where does it run), the virtual and physical infrastructure that supports that application (what is it dependent on), and how to tie disparate data sources together in Splunk to create a cohesive view or dashboard. Organizations with a few (or one) mission critical applications of such high value that they warranted a dedicated support team could easily justify the investment in learning required to pull this off. Organizations with thousands of business critical and performance critical applications saw this as an infinitely high cliff.

The Prelert Anomaly Detective for Splunk

The Prelert Anomaly Detective automatically learns the normal patterns of the Splunk data. It then automatically identifies anomalous behavior in the Splunk data and uses the ability of the Splunk Query Language to find cross-correlated data and events.

Prelert Anomaly Detective for Splunk

The Prelert Anomaly Detective allows for a significant advance in how customers use Splunk and its data. Today most customers use Splunk as a forensics tool to find the problem, after some other tool or user has reported the problem. The combination of the Prelert Anomaly Detective with Splunk allows Prelert to notify customers of anomalies that the customer did not even know to go look for and that can easily be leading indicators of problems that have not yet been reported.

The complete Prelert announcement is here – “Prelert Introduces Anomaly Detective, an Advanced Predictive Analytics Solution for Splunk Enterprise Environments”

VDI Stall: VDI Appliances solve the hardware problem so, what next?

We’ve discussed the fact that VDI appliance makers were making good progress simplifying adoption of a virtual desktop infrastructure. An appliance-based route to market can be seen as win-win: being designed both to reduce cost and complexity of implementation (for the customer) and shorten sales cycles (for the vendor). So goes the theory. To understand this theory further, one VDI appliance vendor, Pivot3, commissioned Dimensional Research to survey global IT in order to get real-world insight into the state of VDI.

The survey showed that over 80% of respondents had VDI in their current strategy. Over 50% of those deploying VDI would utilize new hardware. What was perhaps more interesting was that traditional stall points of VDI, hardware complexity and security, took a back-seat in a list of concerns. The appliance model was undoubtedly popular, but if that problem is solved – what were the main concerns of organisations?


Cloud Products and Services

Cloud products and services are only in their infancy, but new and exciting technology is being released at an incredible rate. One example of something new is Kim Dotcom’s newly launched Mega cloud storage service with its free 50GB of storage. What really got my attention with this announcement was that the data would be stored encrypted; it is nice to see security being built into the offering from the beginning. There are a few bugs that are being reported, but hopefully it is the start of the push to secure the cloud.

With all the applications and services that are available, does the average small business need the expense of physical infrastructure within their organization? I just had a meeting with a client, and we talked about consolidating their physical infrastructure as much as possible and then migrating what was left to the cloud. During our conversation, we broke down the different applications that were needed to run the business, to look at these applications separately.

News: Embotics Offers Upgrade at Net-Zero Cost for VMware Lab Manager Customers

With VMware Lab Manager end-of-life looming, Embotics is offering a competitive upgrade program that allows customers to exchange Lab Manager licenses and support for Embotics licenses and support for the same net cost that the customer is currently incurring for their existing licenses.


News: Hotlink Enables Cross-Platform Cloud Management

HotLink® Corporation, the market leader in transformation solutions for heterogeneous virtualization management, today announced the latest release of its flagship product, HotLink SuperVISOR™ for VMware vCenter – the only technology to extend VMware vCenter management capabilities to Microsoft Hyper-V, Citrix XenServer and Red Hat Enterprise Linux (KVM).

Evaluating Clouds

When evaluating clouds, there are three major criteria that are used first, before we get into the nitty gritty of how the system works. The criteria are not always in writing, but they are in the back of everyone’s mind and in many cases are nebulous to define. Herein, I will try to look at those criteria in order to aid others in making the same decisions I have had to make lately while evaluating clouds.
