Last week I went to Splunk's event held at the InterContinental next to the O2 tent in Greenwich.
This was a very well attended event and I got the impression that Splunk has now emerged to be a dominant player in the DevOps area around the automation of Operational Monitoring and Fault Analysis.
What I had not realised before going to the event, although I had coincidentally been discussing the potential the week before with a former colleague at Google's event, is that Splunk now provides a credible Security Event Management toolset for use in Security Operating Centre (SOC) activities, as well as a user activity analysis tool. In fact there were some interesting case studies focusing on building Lean SOC's incrementally.N.B. Gartner now positions Splunk as the leading vendor in its magic quadrant for SOCs.
It was also interesting to hear that Splunk now has a full scale partnering programme with other technology vendors, enabling integration with both new sources of data for exploitation within Splunk as well as value adds to Splunk, thus offering greater levels of automation.
However, Splunk was a little vague about future directions for the toolset. However, there does appear to be an opportunity around Application Cost Management and hooks into general Application Portfolio Management. This arises because to use Splunk effectively, you have to build a model of each application monitored which covers all the infrastructure (physical or virtual) elements used within an application in a similar manner to the models used in OBASHI or TBM (which are 2 similar but competing approaches to cost management) or in architectural tools such as Troux (now Planview) and alfabet used for application portfolio management.
This would enable a more integrated approach to some aspects of managing an application estate, gathering technical condition and cost information together to support continuous portfolio management.
No comments:
Post a Comment