Splunk in a production environment is a must-have today
Overall Satisfaction with Splunk Enterprise
Production line quality monitoring and searching for patterns, leading to outages. Usually scan and fix tasks, finding an event, that leads to an outage.
Two main ways of using Splunk prevail: ad-hoc analysis, and monitoring and alerting.
In some applications with two production lines, Splunk connected directly to the controllers and monitored data in real time. In other applications, we analyzed logs from 5 systems, among others application server logs, database server logs, production line measuring PCs. In total 5 systems had to communicate and an error on DB server sometimes caused outages on the production line. Splunk helped to find patterns in these incidents. We then set up a monitoring app to provide early indication of a potential upcoming outage.
Two main ways of using Splunk prevail: ad-hoc analysis, and monitoring and alerting.
In some applications with two production lines, Splunk connected directly to the controllers and monitored data in real time. In other applications, we analyzed logs from 5 systems, among others application server logs, database server logs, production line measuring PCs. In total 5 systems had to communicate and an error on DB server sometimes caused outages on the production line. Splunk helped to find patterns in these incidents. We then set up a monitoring app to provide early indication of a potential upcoming outage.
Pros
- Parsing huge amounts of data, structuring data, or at least helping to find a structure
- Very good performance.
- Very good graphical representation of data, findings, report creation
Cons
- I really cannot, since after a year we are still discovering more and more possibilities with the product. One specific wish of a manager was: can we work with the reports offline? (e.g. on the airplane) we have not found a reasonable way of doing this. The only thing we came up with was exporting data and rendering specific reports in flash (web viewer) and somehow simulating reports within limited (predefined) boundaries
- Avoidance of risks in the production line is hard to translate to money. But the department managers know that this tool helps to mitigate risks. And the team grows.
- After several Proof of Concept mini-projects, Splunk was finally approved as a regular company application: We are now able to link it to live data, not only to use logs. The data science team has grown to four people and we are ready to move from incident localization and fixing to process optimization, proactive monitoring and alerting, finding trends and relationships (what precedes what).
SAP HANA, Lumira, Business Objects and Designer
ThingWorx
We use all of them. Either corporate policy, or simply because every tool has specific strengths, and it also depends very much on how keen the data analysts are in working with a particular platform. In production, where we have lots of M2M logs, Splunk is the preferred system.
ThingWorx
We use all of them. Either corporate policy, or simply because every tool has specific strengths, and it also depends very much on how keen the data analysts are in working with a particular platform. In production, where we have lots of M2M logs, Splunk is the preferred system.
Comments
Please log in to join the conversation