Unstructured data accounts for as much as 80% of most companies’ network traffic and stored information. This “Big Data” traditionally took too long or cost too much to process and analyze. However, emerging Big Data initiatives stand to transform vast untapped resources from a costly storage challenge into vital business intelligence used in marketing, product development, stock trading, genetic research, and more.
Big Data promises huge gains in productivity and competitive advantage by distributing the massive workload of preparing data for analysis among large numbers of servers. To make it all work, IT departments need greater visibility into networks and applications in order to prioritize, filter, and synthesize information.
Introducing Splunk with Ixia Anue NTO
Big Data is being captured and analyzed as never before by a new generation of software vendors such as Splunk. Splunk gathers and collates massive amounts of data from disparate sources and provides the ability to search that data for information of interest. Millions and millions of data points are available for analysis.
Such searches sift through the massive amounts of Big Data. The results are invaluable for isolating network troubles. Capturing the actual source packets is also helpful for root cause analysis. However, due to the enormous number of data points gathered, it can be impractical, cumbersome, and expensive to correlate and store source packets relating to every single data point.
The ability to capture packets for targeted search results is ideal, and Ixia Anue Network Visibility Solutions has developed integration for Splunk which enables such intelligent packet capture.
Using the integration, Splunk is able to signal the Anue Net Tool Optimizer (NTO) as to when, where, and what it should forward to a packet recorder tool. Search strings of interest are identified by the Splunk user, and when they occur, Splunk automatically passes the desired search string argument (e.g., IP address of rogue host) to the Anue NTO, which then dynamically filters and forwards only the relevant network packets to the selected packet recorder/analyzer.
With this capability, an audit trail of the needed packets is now available (without using up unnecessary storage resources). In addition, the integration maintains a log file of the targeted captures, making it easier to find the relevant packets at a later date.
A new document, Technical Note: Integration of Anue with Splunk Overview, is available for interested parties. This document offers insight into using the integrated products for targeted searches.