Splunk Enterprise software enables collection, indexing and visualization of machine-generated data gathered from different sources in the IT infrastructure. These sources can include applications, networking devices, host and application logs, mobile devices and more. Splunk turns silos of data into operational insights and provides visibility across the IT infrastructure to enable faster problem solving and informed, data-driven decisions.
Together, Dell EMC and Splunk enable you to harness the power of machine data analytics with simplified deployment and scalability by lowering the cost of IT operations and delivering end-to-end operational intelligence.
This white paper covers the Splunk Enterprise distributed clustered deployment for 50 GB ingestion/day with 30-day hot/warm retention on PowerFlex rack with four nodes using Isilon for Splunk cold buckets to help customers gain high data availability, simplified scalability, and large capacity data retention needs. Usage of Isilon storage for cold bucket storage needs is optional. A general recommendation is to add Isilon storage when the cold bucket data is larger than 60 TB.
This approach can be extended to various volume ingestion requirements (based on the SVA guidelines) by scaling the required number nodes on the PowerFlex rack and leveraging the Dell EMC Isilon scale-out NAS storage platform for cold bucket storage needs.