Driving Italian Operational intelligence at UniCredit, Yoox/Net-A-Porter & Saipem
Last week we ran SplunkLive! Italy in Milan and Rome. I was lucky enough to be in Milan and spend some time with the Splunk team but also one of our key partners, Moviri. We’ve been working with Moviri for many years and together we have delivered some outstanding examples of Operational Intelligence using machine data. Moviri is a leader in IT optimization in Italy, focusing on security, analytics, and monitoring operations. The customer speakers in Milan were UniCredit, Yoox/Net-A-Porter and Saipem. UniCredit presented their excellent story on delivering IT Operational Analytics, Yoox presented real-time security intelligence and Saipem presented on how they use the platform for multiple use cases in Oil and Gas. All three customers have gained significant business benefit from working with Moviri and Splunk to find the value in their machine data:
First up was UniCredit (their case study can be found here) who index 2.5TB of data a day, which is around 8bn events. This real-time data comes from over 180 different sources. Together with Moviri, UniCredit has built out an Operational Intelligence capability to deliver and optimize business analytics, application delivery, IT Operational Analytics (ITOA) and accounting. The UniCredit team describes Splunk as a data engine for IT and the bank. They’ve even gone as far as to replace Excel spreadsheets with interactive Splunk dashboards. My favourite quote of the day was Stefano from UniCredit stating “with Splunk you can see the forest AND the trees.” That sounded even better in Italian than in English.
Straight after UniCredit we demonstrated the power of Splunk collecting mobile data with our “Shake” demo (we hit 100,000 phone shakes per second).
— Matt Davies (@mattdavies_uk) April 5, 2016
After a break for some most excellent Italian espresso, we were straight into Saipem and how, together with Moviri’s expertise, they are using the Splunk platform to drive value from the same machine data across multiple use cases.
Saipem has 114 remote sites, 46 vessels, 3000 servers (of which 85% are virtual), 90 satellite links, 50 VOIP call managers and 300 videoconference endpoints (that works out at around 5 petabytes of data generated per day). Saipem collects machine data from its network, endpoints, IT infrastructure and servers. The full presentation is below but they spoke about a single, real-time dashboard for security monitoring showing infrastructure and application status together with user categorization. They also presented another security dashboard that shows every pillar of their security architecture, highlighting anomaly detection and predictive analysis. From an IT Operations perspective, the Saipem team is doing some equally impressive things with their machine data. They’ve built a CMDB app on Splunk to be able to browse their IT infrastructure for device geolocation and worldwide control. They’ve then extended this into software inventory, license utilization and economics analytics. Saipem has a single dashboard for all of their monitoring alerts but are also monitoring application availability for ISO27001 compliance.
Last and by no means least was Yoox/Net-A-Porter. If you’ve ever shopped online with Yoox or Net-A-Porter – you’re not alone. They process an order every 4 seconds from over 180 countries with data centers in the US, UK, Italy, China, Hong Kong and Japan. This equated to over 27 million customers and 7 million orders a year. They power a number of the world’s leading fashion brands online such as Armani, D&G, Moncler, Valentino etc. Needless to say, ensuring cybersecurity and preventing attacks is key. Yoox presented how the company has moved from a technology-oriented approach to security to an information-oriented approach by using machine data. From forensic investigation and risk management to pattern recognition and monitoring the activity of a potential attacker, Yoox gave some great advice on how to use Splunk for real-time security intelligence and how to deliver context-aware security information.
Thank you everyone who came to SplunkLive! Milan and thank you to Moviri for ensuring such wonderful customers got so much value from their machine data and Operational Intelligence. You can find out more about the Moviri and Splunk relationship here.
If you’re interested in joining us at a SplunkLive! somewhere in the US, EMEA or APAC – you can find out the nearest one to you here http://splunklive.splunk.com/. There’s also lots of great content and previous SplunkLive! presentations if you want to catch up with any of the other customer presentations over the last year or so.
Hopefully see you at a SplunkLive! soon…
[Blog post courtesy of Matt Davies, posted on Splunk Blog on April 11, 2016]