What a week! With Splunk .conf 2015 behind us, we have a wealth of new features from the release of Splunk Enterprise 6.3 to discuss and start implementing for our clients.
Chief among them are the optimization improvements made to Splunk Enterprise 6.3. The improvements allow you to now search and index data twice as fast utilizing the same hardware you already own. Complex searches that used to take over an hour are now trimmed to just minutes, saving your organization time and money. Additionally, with continued product advances, the need to constantly add search heads for capacity has been greatly diminished. This means you receive better performance with less hardware, lowering your TCO for on-premises deployments.
Also of interest is the new HTTP event collector, this feature allows log collection to be embedded within your application rather than the need for a forwarder install. Utilizing this technology, logs arrive faster and with less overhead than ever before.
Splunk also introduced built-in anomaly detection which provides Splunk users with the ability to instantly pinpoint events that fall outside of normal operations and take action on them before they become a larger issue.
Finally, Splunk has greatly expanded the custom alerting options, allowing your organization to script many actions based on preset triggers.
For a quick overview of all the new features in Splunk 6.3, check out this video:
We have already upgraded to Splunk Enterprise 6.3. Let us help you with the upgrade and make sure the new features are allowing you to get the most out of your Splunk instance. Contact us to talk to one of our certified Splunk Architects today.