Steve Sommer, vice president of marketing at Splunk, claimed that Splunk 4 has been advanced with four key improvements. He said: “It now has distinctly higher performance, scalability and in its ability to search events. It is ten times faster and 100-150 times faster than any other log management system we know of.
“It also has enterprise-wide usability, as users can now create dashboards so CISOs can use it and go directly to an event. The enterprise manageability has been made possible by massive deployments, as people want the ability to report any instance.
“Finally we are pushing Splunk 4 as an IT application, it is intended for compliance so customers can create applications. It can index massive amounts of data and fill a big gap on web analytics.”
Johnathon Cervelli, senior product manager search platform at Splunk, claimed that when it ‘eats' data you do not need to tell the system what data it is as it reads it and analyses it. "Soon you have a box full of information to look at. You can also catch a smoking gun just by searching for it, and you can see what was done five minutes ago.”
Although the system does not have the ability to work in real-time, Cervelli claimed that it can produce a report a few seconds later.
“Up to Splunk 3 it was more about making it easier, faster and better. With Splunk 4 we take that to the next level. Imagine the amount of agencies and organisations that want to sift through terabytes to find threats,” said Sommer.
Splunk 4 is available as a free download for up to 500MB of data processed, licenses are available for up to 1GB and up.