Splunk Apps for Monitoring Microso< Based Infrastructure

Copyright 2013 Splunk Inc. Splunk Apps for Monitoring Microso< Based Infrastructure Sharad Kylasam Sr. Product Manager Mike Papale So<ware Development Engineer #splunkconf

Legal NoLces During the course of this presentalon, we may make forward- looking statements regarding future events or the expected performance of the company. We caulon you that such statements reflect our current expectalons and eslmates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward- looking statements, please review our filings with the SEC. The forward- looking statements made in this presentalon are being made as of the Lme and date of its live presentalon. If reviewed a<er its live presentalon, this presentalon may not contain current or accurate informalon. We do not assume any obligalon to update any forward- looking statements we may make. In addilon, any informalon about our roadmap outlines our general product direclon and is subject to change at any Lme without nolce. It is for informalonal purposes only and shall not, be incorporated into any contract or other commitment. Splunk undertakes no obligalon either to develop the features or funclonality described or to include any such feature or funclonality in a future release. Splunk, Splunk>, Splunk Storm, Listen to Your Data, SPL and The Engine for Machine Data are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respeccve owners. 2013 Splunk Inc. All rights reserved. 2

About Us Sharad Kylasam! At Splunk for 1 year! Product Manager responsible for Splunk on Windows and Microso< Apps! Previously at Microso< for 6 years as PM in Windows Networking working on Remote Access technologies Mike Papale! At Splunk for ~ 9 months! Developer responsible for Microso< Apps! Previously at Microso< in the Online Services Division 3

Agenda Splunk Apps for Microso3 Demos 4

InvesLng to Win with Microso< Technologies Downloads! Splunk App for Windows, AcLve Directory and Exchange consistently in Top 10 downloads from apps.splunk.com! Splunk App for Windows is #1 ~75000 downloads 5

Customer and Analysts Splunk App for Windows: Our admins now have the big picture of OS and applicalon events at their fingerlps and no longer need to aggregate results individually. This improves our ownership, helping us to keep these crilcal systems online. Splunk App for Exchange: We were using a number of different tools and considering new tools to help us get a handle on a wide range of issues. Once we became familiar with Splunk and all it had to offer, we realized we didn t need a lot of other tools. We re finding new uses for it all the Lme. 451 research: "Windows presents a monitoring dilemma for organizalons of any size. The new version of the Splunk App for Windows should help simplify this monitoring challenge by incorporalng Windows data with other data generated across the infrastructure. 6

Splunk SoluLons for Microso<

Splunk Apps Supported Today Eventlogs Perfmon Admon More!!! 8

Windows Health Resource uclizacon Updates Windows Administrators need informalon on the events being generated on the Windows hosts Why are all of my servers genera1ng the same security error event? IT OperaLons Team needs to have informalon on resource ullizalon for capacity planning Do I need to add resources to my servers? Security/Compliance teams need access to informalon on patch failure/success metrics Did any of my cri1cal updates fail? 9

Demo Splunk App for Windows

Exchange Health Resource UClizaCon Message Tracking Exchange Administrators need the right tools to manage Exchange Various teams from IT to Execs need to know what resources are being used Teams need the ability to track messages Inbound/Outbound What is the status of Exchange? What resources are being used and by whom? Where are those messages?

Splunk Enterprise Exchange: The CompeLLon Performanc e Monitoring Resource UClizaCon SCOM Capacity Planning User ReporCng Message Tracking 3 rd Party IntegraCons NetIQ Plixer Promodag enow w Quest w w Support for Blackberry Enterprise Server only 12

Demo Splunk App for Microso< Exchange

AcLve Directory Health Security Audit AcLve Directory Administrators need the right tools to manage AD Security Team needs to have access to the informalon on user usage palerns Legal/HR need to track unauthorized aclvity What is the status of Ac1ve Directory? Why are users logging in from mul1ple loca1ons? Why is this user able to access sensi1ve resources? 14

Demo Splunk App for AcLve Directory

Microso< Splunk Apps Supported In Development today Microso3 App Eventlogs Perfmon Admon More!! 16

Microso< App FuncLonality! Customizable first Lme run experience! In app customizalon Dashboard builder! Encompasses funclonality from Windows, Exchange and AD apps 17

Demo Splunk App for Microso< SoluLons

Azure DiagnosLcs! Monitor applicalons which log to Azure DiagnosLc storage! App provides flexible configuralon oplons to Splunk data from the following tables: WADPerformanceCounters WADWindowsEventLogs WADLogs WADDiagnosLcInfrastructureLogs! Supports Splunk Enterprise 5.x and above 19

Other Development AcLviLes Splunk Enterprise 6! New Windows inputs! Fundamentals improvements Performance, scale and reliability ApplicaLons! Consolidated Microso< App (under development) Ongoing! Increase Microso< solulons stack coverage for supported Apps (PowerShell, SQL server, SharePoint, Lync, SCOM) 20

Summary

Summary Call to AcLon: Download and use the apps for end- end monitoring for a variety of use cases in your enterprise environment! Splunk App for Microso< Windows! Splunk App for Microso< Exchange! Splunk App for Microso< Windows AcLve Directory Call to AcLon: Contact Microso<@splunk.com to be part of the Microso< App beta program! Ongoing App expansion to cover more Microso< technologies 22

Next Steps 1 2 Download the.conf2013 Mobile App If not iphone, ipad or Android, use the Web App Take the survey & WIN A PASS FOR.CONF2014 Or one of these bags! 3 Go to related sessions listed on next slide! 23

AddiLonal Resources Related.conf2013 sessions! Windows Inputs and Microso< Apps Strategy Nolita 1 10/3 10:15-11:15! Deployment Best PracLces for Splunk Apps Monitoring Microso< based Infrastructure Brera 2 & 3 10/2 10:15-11:15! Technical Deep Dive: ODBC driver for Windows Brera 6 10/3 13:45-14:45 Visit the Microso< Booth Talk to the experts! 24

Thank You!