Splunk Campaign Playbook


TURN UP THE VOLUME ONE MORE NOTCH
MORE OPPORTUNITIES, MORE UPDATES AND MORE SUCCESS WITH SPLUNK

Your guide to Splunk’s new products and updates

CONTENTS
Intro: the news customers want to hear
The story: customer challenges and how Splunk can help
Solutions for IT markets
Solutions for security markets
Platform updates
New resources for partners


INTRO

THE NEWS CUSTOMERS WANT TO HEAR…

At .conf18, we turned up the volume with brand new products and big benefits.
Now we’re back for the spring launch with even more product information, new
updates, and new products in GA. It’s time to Turn Up the Volume one
more notch.

This is your opportunity to boost sales, create new opportunities and deliver the
best benefits for your customers, empowering them to find and fix issues faster
than ever, with a single platform view of security operations.

Inside the playbook you’ll discover our latest products and updates, the benefits
for your customers, and key ways to amplify your opportunities with the Splunk
data platform, Splunk Cloud™ and Splunk® Enterprise. These are the solutions
that give customers end-to-end visibility of their security and IT environments,
enabling them to investigate the expanding universe of addressable data, act on
AI and ML powered insights and monitor IT, security, IoT and business operations.

THE STORY: CUSTOMER CHALLENGES AND HOW SPLUNK CAN HELP

3 KEY CHALLENGES THAT YOUR CUSTOMERS ARE FACING. AND 3 SIMPLE WAYS TO RESOLVE THEM.

It’s time to empower the leaders of digital transformation and unlock even
greater opportunities for your biggest Splunk successes yet.

It begins with connected experiences and AI-powered insights. The solutions
that enable organizations to predict problems before they occur, transform
data accessibility and drive operational productivity across IT, security and IoT.

To boost your sales, talk to your customers about their most pressing
challenges. We’ve identified 3 of the biggest ones we see for customers.
And 3 ways that Splunk solutions solve their toughest pain points.

CHALLENGE 1: MY DATA IS CHAOS

It’s messy, inaccessible and it means we can’t identify problems on time or within SLAs.

HOW TO RESPOND:

Splunk solutions are built for operational excellence
Proactively investigate and monitor issues faster.
• Predict and prevent outages: Splunk IT Service Intelligence (ITSI)
• Predict health across your environment: Splunk Platform
• Detect, investigate and remediate threats faster: Splunk Security Operations Suite Enterprise Security (Enterprise Security + User Behavior Analytics + Phantom)

CHALLENGE 2: WE’VE GOT DATA SILOS

We can’t resolve issues quickly and we’ve got redundant processes.

HOW TO RESPOND:

Splunk simplifies operations with one data platform
Analyze business outcomes from a single place.
• Deliver a unified monitoring experience across services, apps, and infrastructure for all your teams: ITSI
• Simplify data ingestion for easy operations: UBA
• Reduce time to acknowledge and resolve incidents: VictorOps (VO)
• Unlock one security infrastructure: Phantom

CHALLENGE 3: I CAN’T ACCESS MY DATA WHERE AND WHEN I NEED TO

Our lack of collaborative tools is leading to limited visibility of data, poor collaboration and slow decision making.

HOW TO RESPOND:

Splunk brings you connected experiences
Empower every operational customer to make informed decisions.
• Make data accessible to non-technical users: NEW! Connected Experiences
• Increase productivity with shared insights: ITSI
• Get real-time transparency into customer funnels and processes: NEW! BusinessFlow
• Get critical security alerts delivered to you via email or unlock real-time messaging: Splunk Security Operations Suite (ES + UBA + Phantom)
• Ensure better and faster decision making: VictorOps

TURN UP THE VOLUME WITH NEW FUNCTIONALITY

Uncover the biggest benefits from our latest updates and find
out the best ways to start new conversations with the right target
audiences. We’ve split our solutions into three sections to give you
a clear way forward.

SPLUNK IT SERVICE INTELLIGENCE (ITSI) 4.2
Now with Splunk App for Infrastructure (SAI) 1.3.
One unified monitoring experience for all your teams

WHAT’S NEW?

Now, when organizations purchase ITSI, they also get SAI for free. It is a winning
combination that provides infrastructure monitoring and troubleshooting, while
giving system administrators and site reliability engineers the power to investigate
infrastructure-related problems. This unified IT monitoring experience works across all
teams, enabling organizations to centralize their monitoring strategy and focus on what
matters – customer satisfaction.

UNLOCK THE BENEFITS

• Simplified and modernized systems and operations: giving organizations a simple way to consolidate their tool chain and unify data with service context. This brings service context to infrastructure health for actionable data and meaningful insights
• End-to-end visibility for faster resolution of problems: with unified problem management and root cause analysis. Users can prevent outages, ensure uptime, efficiently maintain performance and extend noise reduction capabilities to infrastructure
• Increased collaboration and productivity: with shared insights across teams through a common experience and improved workflows. Infrastructure and ops teams can focus on what matters — reducing noise, setting meaningful alerts, and getting fast time to value

TARGET THE RIGHT PEOPLE

VP / Director of IT
• Makes and influences buying decisions, team visions and strategies
• Wants tools that can ensure overall system, service and infrastructure reliability

IT Operations / Network Operations Center (NOC)
• Utilizes portfolio of tools to monitor, investigate and respond to issues
• Wants to investigate, understand and resolve issues in a simple way

Tool Manager / Tool Architect
• Monitors tool ecosystem, strategy and implementation
• Wants the right tools for the right teams to maximize value

START EVERY CONVERSATION THE RIGHT WAY

Modernization
• What kinds of challenges do you have with the portfolio of tools and processes that your different IT teams use?
• Do you find your teams keep adding on more tools rather than consolidating?
• Do your teams have trouble relying on what they have first?

Performance
• How many different tools or processes do your teams have to rely on to monitor, to investigate problems, and to take action to resolve them?

Productivity
• What kinds of challenges do you have sharing insights and critical data across teams?
• What kinds of challenges do you have making sense of the breadth of data to know where to act and when?

SPLUNK BUSINESS FLOW

WHAT’S NEW?

All of it! A new product, Splunk Business Flow brings business operations professionals
continuous visibility of end-to-end business processes. Now they can understand the
bottlenecks or fallout in their processes to discover potential causes more efficiently.

UNLOCK THE BENEFITS

• Transparent business processes and customer experiences: that enable users to easily discover and detect high value threats to profitability with data streams from multiple systems
• Identifiable problems end-to-end: with data that’s correlated from multiple systems. Empower business operations professionals to easily detect threats to profitability
• Diagnosis of root causes: by enabling IT teams to quickly inspect the event data behind the business process

TARGET THE RIGHT PEOPLE

Splunk Architect Admin
• Administers Splunk platform environment
• Wants productivity and data availability

IT Business Apps Admin
• Looks after business-critical applications from which logs are extracted
• Wants low impact or transactional systems with secure access and distribution of data

Line of Business (LOB) Business Operations Analyst
• Provides operational insights to LOB decision makers
• Wants to improve the discovery and monitoring of critical business processes as it affects KPIs

START EVERY CONVERSATION THE RIGHT WAY

Transparency
• What kinds of challenges do you have with getting timely insights into delays or other problems with your business processes?

Problem detection
• What kinds of challenges do you get visibility into? End-to-end business processes?

Investigation
• What kinds of challenges do you have investigating the root cause of business process anomalies that get detected?

SPLUNK + VICTOROPS 4.2

WHAT’S NEW?

VictorOps makes on-call suck less, while reducing mean time to acknowledge and
restore outages. VictorOps empowers DevOps teams by delivering alerts to the
right people so they can collaborate and solve problems. Teams receive context-rich
notifications and collaborate cross-functionally to empower fast, efficient incident
resolution with reduced downtime. Stakeholders can gain visibility to critical incidents
and steps taken to resolve them.

UNLOCK THE BENEFITS

• Faster incident acknowledgement and resolution: by removing waste and lag time that’s common in incident response
• Empowered DevOps and developer teams: Complete chatops experience, integration with the tools you already have, incident timelines and reporting for blameless post-incident reviews
• Improved well-being of on-call teams: by engaging developers and stakeholders with mobile experiences

TARGET THE RIGHT PEOPLE

• Network Operations Director
• Engineering Manager
• Support Engineer
• Director of Services
• Site Reliability Engineer (SRE)
• Developer / Applications Developer
• DevOps Engineer / Platform engineer

START EVERY CONVERSATION THE RIGHT WAY

Awareness
• What happens once your monitoring tools surface an alert?
• Who and how are they notified?
• How long does it take teams to own an alert?

Collaboration
• How do you get the right experts in the situation room to solve problems? Or is everyone on-deck?
• How do you know who is “on-call” at a given time?
• What’s your approach to on-call?
• How engaged are your on-call teams?
• What kind of post-incident reviews do you perform right now?

SPLUNK SECURITY OPERATIONS SUITE

WHAT’S NEW?

The new Security Operations Suite consists of Splunk Enterprise Security (ES), Splunk
User Behavior Analytics (UBA), and Splunk Phantom. The suite brings together advanced
security analytics, machine learning, and automation and orchestration technologies to
power our customers’ Security Operations Center (SOC) — increasing the efficiency of
your security tools and resources while reducing customers’ exposure to risk. Splunk
modernizes security operations by acting as its nerve center, turning data into insights,
and insights into actions, streamlining their entire security stack to enable your SOC
to function at its highest level of performance. Pricing combinations to support Splunk
Security Operations Suite sales, which include built-in multi-product discounts, are now
available on the Splunk price list.

UNLOCK THE BENEFITS

• Drive efficiency and scale: with modern SOC technologies for better detection, investigation and response capabilities

TARGET THE RIGHT PEOPLE

CISO
• Builds and executes a security strategy, reports the state of security to C-suite and prioritizes products that strengthen the security posture
• Wants to enable the business objectives while providing the best possible security at all times

SOC Manager
• Manages team of security analysts, can log into the system to look at dashboards
• Wants effective personnel management and a departmental interface

Security Administration / Engineer
• Installs and manages security tools
• Wants scalability and performance

START EVERY CONVERSATION THE RIGHT WAY

Greater efficiency and scale
• Can you scale and ingest all security relevant data to solve your security use cases?
• Can you effectively detect, investigate and respond to threats at large scale in the Cloud?
• Are you investigating every alert you receive? Are you responding to incidents within your established SLAs?

SPLUNK ENTERPRISE SECURITY (ES) 5.3

WHAT’S NEW?

Splunk ES has been successfully validated at ingestion rates of greater than 40 TB
to address the needs of customers who want to handle all security relevant data
in real-time for effective threat management.

UNLOCK THE BENEFITS

• Manageable threats: with easier detection, investigation and response across multiple vectors

TARGET THE RIGHT PEOPLE

Security Administration / Engineer
• Installs and manages ES. May create custom dashboards and analysts in a hybrid role
• Wants scalability and performance

SOC Manager
• Manages team of security analysts. Can log into the system to look at dashboards
• Wants effective personnel management and a departmental interface

CISO
• Builds and executes a security strategy, reports the state of security to C-suite and prioritizes products that strengthen the security posture
• Wants to ensure the best possible security at all times with an effective strategy and solutions

START EVERY CONVERSATION THE RIGHT WAY

Greater security
• Can you scale and ingest all security relevant data to solve your security use cases?
• Can you effectively detect, investigate and respond to threats at large scale in the cloud?

SPLUNK USER BEHAVIOR ANALYTICS (UBA) 4.3

WHAT’S NEW?

Unified security analytics for high scale deployments. Powered by machine learning,
UBA improves security analysts’ productivity by detecting threats and creating a list of
the most critical threats that need investigating. Admins and analysts have more visibility
and synchronized threat management for faster resolution.

UNLOCK THE BENEFITS

• Enhanced workflow: simplify investigations with synchronized threat management across Splunk ES and UBA for faster threat detection and response
• Centralized monitoring: for Splunk admins to view UBA installations and critical apps within their environment
• Simplified data ingestion: with a vendor agnostic way to onboard auxiliary data sources

TARGET THE RIGHT PEOPLE

SOC Analyst
• Monitors dashboards and alerts for issues, carries out forensic investigations and makes notification and response standard
• Wants to investigate incidents effectively to validate and confirm concerns

SOC Manager
• Manages security analysts. Can log into the system to look at dashboards
• Wants effective personnel management and a departmental interface

CISO
• Develops and executes a security strategy, reports the state of security to C-suite and prioritizes products that strengthen the security posture
• Wants to ensure the best possible security at all times with an effective strategy and solutions

START EVERY CONVERSATION THE RIGHT WAY

Improved workflow
• What are your SOC teams’ biggest challenges? Are they bogged down by thousands of alerts and false positives?

Better visibility
• How do you monitor your critical apps? Do you have a central way to view them?

Simple data ingestion
• How do you ingest auxiliary data sources? Do you have a vendor agnostic way of ingesting auxiliary data sources?

SPLUNK PHANTOM 4.5


WHAT’S NEW?

The Splunk Phantom 4.5 release includes major enhancements to the case management
capabilities of the platform. One example is an all-new summary view, making it easier for
new collaborators to gain an understanding of the case and its current status. Other analyst
experience enhancements can be found throughout the user interface, improving the
analyst’s efficiency and overall day-to-day experience.

UNLOCK THE BENEFITS

• Overcome the shortage of security professionals: with a tool that multiplies teams’ efforts and closes the skills gap
• Simplify creation and maintenance of playbooks: with custom code blocks and enhanced playbook library listing
• Speed up response times: by executing actions at machine speed to stop attacks before they’re successful
• Improve precision and reliability: by making sure that the response to a threat is executed exactly as prescribed in standard operating procedures, the same way, every time
• Maximized security investments: marshal all of the tools available to stop threats more effectively

TARGET THE RIGHT PEOPLE

SOC Analyst
• Triages incoming security events, carries out forensic investigations and develops response plans and automation playbooks
• Wants to automate the boring stuff and focus their attention on making the most mission-critical decisions

SOC Manager
• Manages security analysts. Monitors key metrics like SLAs, analyst efficiency, audits responses
• Wants to easily monitor operations and focus on maximizing team efficiency. Training and retaining the best talent

CISO
• Develops and executes a security strategy, reports the state of security to C-suite and prioritizes products that strengthen the security posture
• Wants to enable key business initiatives while ensuring the best possible security at all times. Takes a risk management-based approach to security operations. Needs to show how efforts reduce risk

START EVERY CONVERSATION THE RIGHT WAY

• How challenging do you find it to hire, train, and retain qualified security professionals?
• Do you have more tools than you have time to learn?
• Does your alert volume outstrip your capacity for investigation?
• Do you struggle to execute a response plan in a reasonable timeframe due to the number of systems involved?
• Are you able to respond fast enough to prevent an attack from being successful?
• Are you spending more money, but not getting more benefit from your security tools?

SPLUNK ENTERPRISE 7.3 AND SPLUNK MACHINE LEARNING TOOLKIT 4.3

WHAT’S NEW?

Splunk Enterprise is already transforming data into valuable answers for organizations across
the globe. But with the latest update, users have an investment designed for the hybrid cloud,
where any user from anywhere can access the data they need and unlock meaningful insights that
drive productivity. Release 7.3 brings with it new Splunk Connected Experiences - featuring mobile
alerts and dashboards, access to peripherals (Apple TV), and augmented reality – extending the
capabilities of Splunk Enterprise when users are away from their desks.

Splunk MLTK’s 4.3 update also brings big benefits to customers who want to build custom Machine
Learning (ML) models for any use case. Releases 4.1-4.3 include new data preparation functionality
and the addition of two new guided assistant panels, Smart Forecasting and Smart Outliers, with
enhanced workflows to guide users through machine learning model definition, training, review and
operationalization to production through a GUI-based experience.

UNLOCK THE BENEFITS

• Tap into unstructured data from all systems and at all states: in near real time. Splunk doesn’t structure the data until you need to ask a question. This flexibility enables you to dig deeper and answer questions from a variety of business, IT, and security functions
• Instantly respond to issues before they become problems: with continuous analysis of your data environment to automatically identify, classify, predict and self-heal IT, Security, IoT issues
• Investigate your data more efficiently: with GUI-based controls and enhanced dashboards available on mobile devices. And explore your data through augmented reality
• Simple deployment, management and scalability: in a hybrid world, for portability across clouds/data centers
• Turn insights into action: by giving stakeholders clear visibility of critical IT or security incidents, and the ability to quickly resolve them

TARGET THE RIGHT PEOPLE

CIO Analyst
• Manages technical vision and leads implementation
• Wants disaster recovery, business continuity, security and compliance

IT Director:
• Manages IT operations and IT business
• Wants real time knowledge of the IT ecosystem

Splunk Admin:
• Brings data into Splunk and makes insight accessible
• Wants to acquire, install and manage Splunk apps

IT Analyst:
• Creates business user-focused data dashboards and analytics
• Wants to fulfil end user business needs with a predictive vs reactive mentality

Enterprise Architect:
• Delivers architecture to support an efficient and secure IT environment
• Wants to combine disparate, legacy systems and empower end users

Site Reliability Manager and Process Engineer:
• Maintains service reliability and speed
• Wants automation to ensure timely and accurate data

Director of Manufacturing:
• Manages production, scheduling, quality and cost
• Wants to overcome labor shortages and deliver better cybersecurity

Incident Response Team Manager:
• Defines strategy and mission for the Incident Response team
• Wants to measure and report on security management

SOC analyst:
• Triages incoming security events, carries out forensic investigations and develops response plans and automation playbooks
• Wants to automate the boring stuff and focus their attention on making the most mission-critical decisions

SOC Manager
• Manages security analysts. Monitors key metrics like SLAs, analyst efficiency, audits responses
• Wants to easily monitor operations and focus on maximizing team efficiency. Training and retaining the best talent

START EVERY CONVERSATION THE RIGHT WAY

Data access
• How many data sources are you consuming currently to
manage your business, and do you know where they are?

Insights
• What business scenarios do you encounter that you’d
like to be able to react to before they occurred? Do you
operate with forecasted activity?

Engagement
• How often are you wanting reports or “data insights” in
order to make you feel like you’re making better, more
informed business decisions?

Simple functionality
• Do you know “where” your data is?

NEW RESOURCES FOR PARTNERS

Splunk’s innovation for our customers means more opportunities for your business
— especially when you take advantage of these free tools, assets and other
resources to really turn up the volume on your sales, services and solution creation.

Marketing campaign kit
An array of co-brandable assets and demand generation materials to dial up more sales for your Splunk practice.

Sales kit
Tools and assets to help you close more deals more quickly.

Technical kit
Expert product knowledge made easily accessible.

You can combine Splunk with products and experiences. For every $1 in Splunk license,
our most profitable partners see $6.30 in complementary solutions or service attach.

More resources will be added and updated regularly. Make sure you remember to check back.

Didn’t find what you need?

CONTACT US AT partner+@splunk.com
LOG ON TO Splunk Partner+ Portal to download sales, marketing
and technical resources to build your Splunk knowledge.
