Splunk

Splunk Inc. is an American software company based in San Francisco, California, that produces software for searching, monitoring, and analyzing machine-generated data via a web-style interface. Its software helps capture, index and correlate real-time data in a searchable repository, from which it can generate graphs, reports, alerts, dashboards and visualizations.

The firm uses machine data for identifying data patterns, providing metrics, diagnosing problems and providing intelligence for business operations. It is a horizontal technology used for application management, security and compliance, as well as business and web analytics.

In September 2023, it was announced that Splunk would be acquired by Cisco for $28 billion in an all-cash deal. The transaction was completed on March 18, 2024.

Founding & early years
Michael Baum, Rob Das and Erik Swan co-founded Splunk Inc in 2003. Venture firms August Capital, Sevin Rosen, Ignition Partners and JK&B Capital backed the company.

By 2007, Splunk had raised US$40 million. It became profitable in 2009. In 2012 Splunk had its initial public offering, trading under NASDAQ symbol SPLK.

Company growth
In September 2013 the company acquired BugSense, a mobile-device data-analytics company. BugSense provides "a mobile analytics platform used by developers to improve app performance and improve quality". It supplied a "software developer kit" to give developers access to data analytics from mobile devices that it managed from its scalable cloud platform. The acquisition amount was undisclosed.

In December 2013, Splunk acquired Cloudmeter, a provider of network data capture technologies. In June 2015, Splunk acquired the software company Metafor that uses machine learning technology to analyze data generated from IT infrastructure and applications. In July 2015, Splunk acquired Caspida, a cybersecurity startup, for US$190 million.

In October 2015, Splunk sealed a "cybersecurity alliance" with U.S. government security contractor Booz Allen Hamilton Inc. to offer combined cyber threat detection and intelligence-analysis technology.

In 2016, Splunk pledged to donate $100 million in software licenses, training, support, education, and volunteerism for nonprofits and schools over a 10-year period.

According to Glassdoor, it was the fourth highest-paying company for employees in the United States in April 2017. In May 2017, Splunk acquired Drastin, a software company that provides search-based analytics for enterprises.

In September 2017, Splunk acquired SignalSense which developed cloud-based data collection and breach detection software. Splunk announced it was using machine learning about that time.

In October 2017, Splunk acquired technology and intellectual property from smaller rival Rocana. On April 9, 2018, Splunk acquired Phantom Cyber Corporation for approximately US$350 million. In April 2018, it reached US$14.8 billion of market capitalization. On June 11, 2018, Splunk announced its acquisition of VictorOps, a DevOps incident management startup, for US$120 million. In July 2018 Splunk acquired KryptonCloud, an industrial IoT and analytics SaaS company. Splunk acquired the cloud monitoring company, SignalFx, in October 2019 for $1.05 billion. Two weeks later on September 4, 2019, Splunk acquired Omnition—an early-stage startup specializing in distributed tracing—for an undisclosed amount.

Splunk also announced the launch of its corporate venture fund, Splunk Ventures—a $100 million Innovation Fund and a $50 million Social Impact Fund to invest in early-stage startups.

Recent history
In 2020, Splunk was named to the Fortune 1000 list. As of September 2020, Splunk's client list includes 92 companies on the Fortune 100 list. Splunk was recognized as a Leader in the 2020 Gartner Magic Quadrant for SIEM. The Gartner report evaluates SIEM providers, and then provides a graph (the Magic Quadrant) with vendors plotted based on their ability to execute (the Y-Axis) and their completeness of vision (the X-Axis). Splunk has been noted for its analytics and infrastructure monitoring, its ability to scale and index original, raw data, its infosec functions, and its multiple deployment options.

Splunk reported its fiscal 2021 fourth-quarter revenue of $745.1 million. For all of fiscal 2021, Splunk reported revenue of $2.23 billion. On November 15, 2021, Douglas Merritt stepped down as president and CEO. Graham Smith, Splunk's chairman since 2019, took over as interim CEO. On March 2, 2022, Splunk named Gary Steele, previously at Proofpoint, as its CEO and the successor to interim chief Graham Smith effective April 2022.

Cisco acquisition
On September 21, 2023 Cisco announced it would acquire Splunk for $28 billion in an all-cash deal. In November 2023, the company announced layoffs affecting 7% or 500 of its employees, following an earlier reduction of 300 staff in the same year. CEO Gary Steele clarified in a letter to employees, filed with the U.S. Securities and Exchange Commission, that the decision was not related to the Cisco deal.

In April 2024, Splunk won an infringement case against Crible, Inc., a startup competitor, for copying enterprise data analysis software. The jury awarded Splunk $1 in damages.

The acquisition of Spunk was completed in March 2024. It was the largest deal in Cisco's history. At the time, Splunk had 1,100 patents, with clients such as Singapore Airlines, Papa Johns, Heineken, and McLaren. Splunk continued under the same management, with pricing projected to stay the same.

In May 2024, former Splunk CEO Gary Steele was promoted to a Cisco executive, although Splunk continued to report to him. He remained Splunk general manager. Cisco's observability product development including its Cisco AppDynamics software was moved into Splunk after the integration.

Products
Splunk's core offering collects and analyzes high volumes of machine-generated data. It uses a lightweight agent to locally collect log messages from files, receives them via TCP or UDP syslog protocol on an open port (not preferred), or calls scripts to collect events from various application programming interfaces (APIs) to connect to applications and devices. It was developed for troubleshooting and monitoring distributed applications based on log messages.

Splunk Enterprise Security (ES) provides security information and event management (SIEM) for machine data generated from security technologies such as network, endpoints, access, malware, vulnerability, and identity information. It is a premium application that is licensed independently.

In 2011, Splunk released Splunk Storm, a cloud-based version of the core Splunk product. Splunk Storm offered a turnkey, managed, and hosted service for machine data. In 2013, Splunk announced that Splunk Storm would become a completely free service and expanded its cloud offering with Splunk Cloud. In 2015, Splunk shut down Splunk Storm.

In 2013, Splunk announced a product called Hunk: Splunk Analytics for Hadoop, which supports accessing, searching, and reporting on external data sets located in Hadoop from a Splunk interface.

In 2015, Splunk announced a Light version of the core Splunk product aimed at smaller IT environments and mid-sized enterprises. Splunk debuted Splunk IT Service Intelligence (ITSI) in September 2015. ITSI leverages Splunk data to provide visibility into IT performance. Software analytics can detect anomalies and determine their causes and the areas it affects.

Splunk Security Orchestration, Automation and Response (SOAR) free community edition, is free for as long as you want, up to 100 actions/day to automate tasks, orchestrate workflows, and reduce incident response times for cloud, on-premises or hybrid deployments.

Cloud transformation
In 2016, Google announced its cloud platform would integrate with Splunk to expand in areas like IT ops, security, and compliance. The company also announced additional machine learning capabilities for several of its major product offerings, which are installed on top of the platform. Splunk Cloud received FedRAMP authorization from the General Services Administration FedRAMP Program Management Office at the moderate level in 2019, enabling Splunk to sell to the federal government. This allows customers to access Google's AI and ML services and power them with data from Splunk. Also, by integrating with Google Anthos and Google Cloud Security Command Center, Splunk data can be shared among different cloud-based applications. To help companies manage the shift to a multi cloud environment, Splunk launched its Observability Cloud, which combines infrastructure monitoring, application performance monitoring, digital experience monitoring, log investigation, and incident response capabilities. In 2020, the company announced that Splunk Cloud is available on the Google Cloud Platform and launched an initiative with Amazon Web Services to help customers migrate on-premises Splunk workloads to Splunk Cloud on the AWS cloud.

In 2017, Splunk introduced Splunk Insights for ransomware, an analytics tool for assessing and investigating potential threats by ingesting event logs from multiple sources. The software is targeted toward smaller organizations like universities. The company also launched Splunk Insights for AWS Cloud Monitoring, a service to facilitate enterprises' migration to Amazon Web Services' cloud.

In 2018, Splunk introduced Splunk Industrial Asset Intelligence, which extracts information from IIoT(Industrial Internet of Things) data from various resources and presents its users with critical alerts.

In 2019, Splunk announced new capabilities to its platform, including the general availability of Data Fabric Search and Data Stream Processor. Data Fabric Search uses datasets across different data stores, including those that are not Splunk-based, into a single view. The required data structure is only created when a query is run.

Data Stream Processor is a real-time processing product that collects data from various sources and then distributes results to Splunk or other destinations. It allows role-based access to create alerts and reports based on data that is relevant for each individual. In 2020, it was updated to allow it to access, process, and route real-time data from multiple cloud services. Also, in 2019, Splunk rolled out Splunk Connected Experiences, which extends its data processing and analytics capabilities to augmented reality (AR), mobile devices, and mobile applications.

In 2020, Splunk announced  Splunk Enterprise 8.1 and the Splunk Cloud edition. They include stream processing, machine learning, and multi-cloud capabilities.

In October 2019, Splunk announced the integration of its security tools - including security information and event management (SIEM), user behavior analytics (UBA), and security orchestration, automation, and response (Splunk Phantom) — into the new Splunk Mission Control.

In 2019, Splunk introduced an application performance monitoring (APM) platform, SignalFx Microservices APM, that pairs “no-sample’ monitoring and analysis features with Omnition's full-fidelity tracing capabilities. Splunk also announced that a capability called Kubernetes Navigator would be available through their product, SignalFx Infrastructure Monitoring.

Splunkbase


Splunkbase is a community hosted by Splunk where users can go to find apps and add-ons for Splunk, which can improve the functionality and usefulness of Splunk, as well as provide a quick and easy interface for specific use cases and/or vendor products. As of October 2019, more than 2,000 apps were available on the site.

Integrations on Splunkbase include the Splunk App for New Relic, the ForeScout Extended Module for Splunk, and Splunk App for AWS.

McLaren
Starting in 2020, Splunk announced a partnership with the McLaren Formula One team, sponsoring the team and working with them to provide data analysis and insight on racing performance.

Splunk worked with McLaren Racing for several years, evaluating the performance data pulled from the nearly 300 sensors on every racecar, before becoming McLaren's official technology partner in February 2020. The partnership resulted in Splunk deployed across the McLaren Group. This included using Splunk to interpret data from McLaren's e-sports team. As part of the partnership, Splunk's logo was added to the sidepod and cockpit surrounds of the MCL35 racecar.

Trek-Segafredo
In November 2018, Splunk signed a sponsorship deal with the Trek-Segafredo professional road cycling team; the partnership started in 2019. Splunk replaced CA Industries as the company's technology partner. Splunk provides data analysis for the company, including analysis on riders, coaches, and mechanics. Team jerseys, bikes, and vehicles carry Splunk branding. Splunk also participates in Trek's race hospitality program.