Splunk live! customer presentation – zoosk
Transcript of Splunk live! customer presentation – zoosk
Copyright © 2014 Splunk Inc.
Splunk at ZooskDheeraj KhannaSr. Director, Technical Operations
About ZooskServing 27M Active Members Globally
The Leader in Mobile Dating
#1Grossing App in Social Networking* on iTunes
Top 20Grossing AppOverall
The Only Global Online Dating Platform
Available in
80Countries
Translated into
25Languages
Payments in
55Currencies
* U.S.
Data Driven Recommendation Engines forMatching Consumers With What They Want
Big Data is Changing Lives
Entertainment Shopping Dating
How Our Behavioral Matchmaking™ Engine Works
A Smarter Way to DateReal-Time Matches a Person Is Likely to Be Mutually Attracted To
Capture User Interaction
Model UserBehavior
Suggest Matches
Learn About User
MessagesSent
MessagesIgnored
MessagesResponded To
Clicks
5
My BackgroundHappy Zoosker for last 18 monthsActive Splunker for 10+ yearsNeedle, Haystack, FoundI was raised in India yet I cannot stand spicy food
6
Technical Operations Charter 1. KTSR- Keep The Site Running
2. Scalability3. Availability4. Security
7
Before SplunkDecentralized LoggingLot of Silos- limited visibility between systemsTail different logs to identify issues
Longer MTTR!
8
Our Splunk Story
Started with 10GB LicenseLimited visibility– license did not span all application servers
Splunk initially used reactively as troubleshooting toolWe were not using Splunk to its maximum
potential!
How does Splunk help me...
Data-driven decisions across the enterprise
Capacity Management
Root cause analysis
Proactive alerting
User/Usage analytics
Zoosk Releases
Security and forensics
10
Splunk Design at Zoosk
11
Splunk at Zoosk Today
100 GB license250 Splunk forwarders3 Splunk clusters, 2 indexers/clusterIndexing all data – syslog and application logsIntegrated to LDAP system, Ganglia and NAGIOSApps: SoS, Deployment Monitor
12
What I Like about SplunkReduce MTTR– Identify patterns from outliers– Resolution time lowered from hours to minutesBetter reporting– Exec Dashboards– Proactive reports and NotificationsOpex SavingsBetter PCI Compliance
13
Wish List ..
Index usage – Difficult to discern accurate data– Splunk license usage app only provides
estimatesRestrictive server roles – Need a separate management server for
cluster management
14
What’s Next: Security
Data detection– Gathering instead of huntingIncident Response– Don’t chase the information, let it come to youCreate a paradigm shift– Re-think the relationship between your systems,
processes, and people– The traditional tools won’t save you
15
What’s NextViability of Hadoop Connect at ZooskExplore usage of HunkIncrease usage of Splunk as alerting platform(for OS specifically)Better usage of syslog data
Thank You