Splunk 4.1, released 11 months ago, introduced the capability to search live streaming data; version 4.2 builds on that by generating alerts for a system operator on security issues, network performance or other problems. Examples of alerts that could be sent include creating a new script to fix a software glitch or generating a trouble ticket for another network problem.
Also new to version 4.2 is a "universal forwarder" that delivers secure, distributed, real-time data collection from numerous endpoints on a network. In addition, the management system has been improved, and there are easier-to-understand visualizations of data metrics.
For instance, many system management programs are called "dashboards" because the user interface resembles the dashboard of a car. With Splunk 4.2, various network performance metrics actually look like a car speedometer displaying real-time CPU performance, while a measure of disk utilization resembles a fuel gauge.
This visualization is meant to help IT people and others in an enterprise understand the data and make decisions based on it, says Sanjay Mehta, senior director of product marketing at Splunk. "By visualizing data like this, it's very easy for people on the business side to actually understand and see what's going on," says Mehta.