so it definitely fits into basic being able to automate the redundant main mundane types of tasks that anyone can do right so you if you think about it if you have a security operations center with five or ten analysts it might take one analyst to do a task make two comes two or three hours and where you can leverage a tool like Sansom any type of sort platform to actually create a playbook to do that tasks within 30 seconds so not only are you minimizing the amount of you know headcount to do that you're also you know using your consistent tool to make that folks should make the function of you know more I want to say enhanced so you can build playbooks around it you can basically use that on a daily basis whether it's for security monitoring or network operations reporting all that becomes and the impact of mine thank you so what we do is we are a data analytics and intelligence nonprofit dedicated to countering all forms of human trafficking whether it's labor trafficking sex King or any of the subtypes men women and children all over the world so when you think about that what that really means is that we interact with thousands of state across law enforcement government nonprofits academia and then the private sector as well and all of those essentially act as data silos for human trafficking data and when you think about that as trafficking as a data problem or you tackle it as a data problem what that really means is that you have to have a technology and data led solution in order to solve the problem so that's really our mission here is to bring together all of those stakeholders give them easy access to tools that can help improve their counterpose yeah so like a day to day or like kind of what our team does is we focus on like what's going on previously what are we seeing in the wild like what campaigns are happening and then my role within my team is focused on what's coming so what are what are red team's working on what are pen testers looking into take that information begin testing it begin building proof of concepts put that back into our product so that whether it's two weeks six months two years we have coverage for it no matter what so a lot of us a lot of our time is generating proof of concepts on what may be coming so there's a lot of you know very unique things that maybe in the wild today and then there's some things that we may never see that are just very novel and kind of once one Center once a time kind of thing I joined nine months ago and when I was interviewing for the role I remember Doug Merritt saying to me hey you know we might be the only two billion dollar enterprise software company that nobody's ever heard of he said I want to go solve for that right like the folks you know Splunk and our customers they love us our product is awesome and our culture is awesome but the world doesn't know about us yet and we haven't invested there so I want to go take the brand to the next level and I want the world to understand what data use cases are out there that are so broad and so vast leave that every problem ultimately can be solved through data are almost every problem and we wanted to set the stage for that with this new brand campaign about the product were you guys ad using Splunk and you putting data sensors out there you leveraging an existing data bulb take us through some of that you know the nuts and bolts of what's going on the price so part of it is building out some data sets so there are some data sets that don't exist but the government and the counties and the private sector have built out a huge ball of corpus of data around where the buildings are where the people are where the cell phones are where the traffic is so we're able to leverage that information as we have it today the technology we're using the Amazon stack it's easy for us to spin up databases it's easy for us to build out and expand as we grow and the response we're able to have a place for all this real-time data to land and for us to be able to build API is to pull it out very very simple when we say dated everything we really mean it it's really you know it's a personal story for me I am on the government affairs team here is blog so I manage our relationships with governor's and mayors and these are the issues that they care about right when the city is burning down the mayor cares about that the governor this is you know one of the governor and California's and major initiatives is trying to find solutions on wildfires you know I met charlie my hometown Orinda California art fire chief in that town was one of sort of the outside advisors working with Charlie on this idea and we ran I met him at a house party where the fire chief was telling me that trim my trees back and shrubs back and then I was at a conference three days later that same fire chief Dave Winokur was on a panel with like folks from a super computer lab and NASA and MIT I was like you know my fire chief's still the smartest guy in that panel I got to meet this guy a few weeks later we were literally in the field doing these proof of concepts with sensors and data super savvy folks some of the other folks from Cal Fire there you know dropping Cox was with us today here it's what my and you know we've we've just been collaborating the whole time and seeing you know that that Splunk can really put some firepower the power behind these guys and we just see like look they've got the trust of these customers and we need to make sure this idea happens it's a great idea and it's going to save lives yeah the little small nuance data to everything data time and the reason behind that was we believe you can bring and we can enable our customers to bring data to every question every decision and every action to create meaningful outcomes and the use cases are vast and enormous we talked about some of them before the show started but helping look global law enforcement get ahead of human trafficking fierce Punk and spelunking what's going on across all sorts of data sources right helping zone Haven which is our first investment from Splunk ventures which startup that's actually helping firefighters figure out burn burn patterns with pilot wildfires but also when temperatures and humidity change we're sensors are they can alert firefighters 30 to 45 minutes earlier than they would usually do that and then they can also help influence evacuation patterns I mean it's it's remarkable what folks are doing with data today and it's really at the core of solving some of the world's biggest issues so I'm glad you mentioned data right we're a data company and we're very proud that we actually pull star diversity inclusion number so we moved the needle 1.8% on gender last year year-on-year pride but not satisfied we understand that there's much more to diversity inclusion than just gender but our strategy is threefold for diversity inclusion so its workforce workplace marketplace the farces arranged is where I talk about is improving our representation so that these women are no longer the only czar in the minority they were much more represented and we're lucky we have three women on our board we have four women in our C suite so we're making good good progress but there's a lot more to do and as I say it's not just about gender we want to do we know that innovation is fueled by diversity so we want to attract you know folks of different race different ethnicity books who are military veterans people with disability one its plans to be successful the important thing thing is you know the things you mentioned the the vulnerability scanning the intrusion detection these are all still important in the cloud I think the key thing that the cloud offers is the fact that you have the ability to now automate and integrate your security teams more tightly with the things that you're doing and you can actually we always talk about the move fast and stay secure customers choose AWS for the self-service the elasticity of the price and you can't take advantage of those unless you're secure you can actually keep up with you so the fact that everything isn't based on an API you can define infrastructure as code you can actually enforce standards now whether they be before you write a line of code in your DevOps pipeline we're actually being able to detect and >> those things all through code and in a consistent way really allows you to be able to look in your security in a different way and take the kind of philosophy and mindset you've always had around security but actually do something with it and be able to maybe do the things you've always wanted to do that have never had a chance to do it so I think I think security can actually keep up with you and actually help you different you're different to your business the acquisition is really extremely you know exciting for us you know after meeting Marcus I've known of Marcus he's a very positive influence in the community but having worked with him the vision for threat care and the vision for alike rests really closely aligned so where we want to take the future of security testing testing controls making sure upstream controls are working where threat care wanted to go for that was very much with what we aligned war so it made sense to partner up so very excited about that and I think we will roll that in our gray matter platform as another capability we really see the product involving the same way that you see a lot of the portfolio overall so Doug has talked a lot about investigate monitoring and analyzing and right and so those same concepts apply to how you think about a process as well so right now we're really helping the investigation and monitoring but will also continue to extend across that spectrum lifetime a lot of cloud services and micro services observability a big part of all this yeah definitely and how we've built the product but also I think you can sit alongside some of the other things that you're also seeing in that so I think the thing to understand is correct we're not just a security company but we are number one in the security magic quadrant we're number one in both IDC and Gartner and so that's important but what happens is all of the data that you collect first security can also be used for all these other use cases so generally speaking whatever you're collecting for security is also valuable for IT operations and it's also valuable for many other use cases so I'll give you an example Domino's which is a great customer of ours there they've gone 65% of their orders now come in digitally ok and so they monitor the entire end-to-end customer experience what they monitor not only from an IT operations perspective that same data that they use for IT operations also tells them you know what's being ordered what special orders are being made and they use that data for promotions based upon volume in traffic and timing they actually create promotions so now you're talking about the same data that you collected for a security night operations you can actually use for promotions which is marketing it's a great intro on data is awesome but we all have data to get to decisions first and actions second what that in action there's no point in gathering data and so many companies been working their tails off to digitize her landscapes why well you want a more flexible landscape but why the flexibility because there's so much data being generated there you can get effective decisions and then actions that landscape can adapt very very rapidly which goes back to machine learning and eventual AI opportunity set so that is absolutely squarely where we've been focused is translating that data into value and into actual outcomes which is why our orchestration automation piece is so so important one big 18 factors that we felt as existed is for this plunk index it's only for this blank index the pricing mechanism mechanism has been data volume and that's a little bit contrary to the promise which is you don't know where the values could be within data and whether it's a gigabyte or whether it's a petabyte why shouldn't be able to put whatever day do you want in to experiment you

>> Announcer: Live from Las Vegas, it's theCUBE, covering Splunk .conf19 , brought to you by Splunk. >> Okay, welcome back, everyone. It's theCUBE's live coverage of, we're on day three of our three days of coverage of .conf from Splunk. This is their 10th anniversary, and theCUBE has been there along the way, riding the data wave with them, covering all the action. Our next guest is Jill Cagliostro, who's a product strategist at Anomali, who also has a sister in cyber. So she's got the cyber sisters going on. Jill, great to have you on. Looking forward to hearing about your story. >> Great, thanks. I'm glad to be here. I've been in the security industry for about seven years now. I started when I was 19, and my sister had started before me. She's a few years older than me, and she started out doing defense contracting on the cyber side. And she just kind of ended up in the internship looking for a summer job, and she fell in love. And as I got to kind of learn about what she was doing and how it all worked together, I started to pursue it at Georgia Tech. And I joined our on campus hacker's group club, Grey Hat. I was the first female executive. That was fun. I ended up getting an internship from there with ConocoPhillips and Bishop Fox, and moved on to the vendor side eventually with a brief stop in security operations. >> And so you have a computer science degree from Georgia Tech, is that right? >> I do, and I'm actually pursuing my master's in their online master's in cyber security program right now as well. >> Awesome. Georgia Tech, great school. One of the best computer science programs. Been following it for years. Amazing graduates come out of there. >> Yeah, we've got some pretty impressive graduates. >> So you just jumped right into cyber, okay. Male-dominated field. More women are coming in, more than ever now because there's a big surface area in security. What's your-- What attracted you to cyber? So, I love that it's evolving, and it allows you to think about problems in different ways, right. It's a new problem, there's new issues to solve, and I've been exposed to technology from a young age. I went to an all girls high school which had a really strong focus on STEM. So, I took my first computer science class at 15, and it was in an environment of all women that were incredibly supportive. I actually started a scholarship at our high school to get more women to look at technology longer term as career options, and I go back and speak and teach them that technology is more than coding. There's product management, there's, you know, customer success, there's sales engineering, there's marketing, there's so much more in the space than just coding. So, I really try to help the younger generation see that and explore their options. >> You know that's a great point, and, you know, when I was in the computer science back in the '80s, it was coding. And then it was--well, I got lucky it was systems also, a lot of operating systems, and Linux revolution was just begun coming on the scene. But it's more than that. There's data, data analytics. There's a whole creative side of it. There's a nerdy math side. >> The user experience. >> John: There's a huge area. >> Work flows and processes is something that is so needed in the security industry, right. It's how you do everything. It's how you retain knowledge. It's how you train your new staff. And even just building processes, is something that can be tedious, but it can be so powerful. And if that's something your used to doing, it can be a great field to build. >> Well, you're here. It's our third day at the .conf, our seventh year here. What's your take of Splunk, because you're coming in guns blaring in the industry. You've got your cyber sister; she's at AWS. You see Splunk now. They've got a lot of capabilities. What's the security conversations like? What are people talking about? What's the top story in your mind here at .comf for security and Splunk? >> Yeah, so I'm actually a Splunk certified architect as well. Splunk was one of the first security tools that I really got to play with, so it's near and dear to my heart. And I get to work with-- I'm over at Anomali, which is a threat intelligence company, and I get to work with our own art, Splunk integration. So, what we do is we enable you to bring your intelligence into Splunk to search against all of the logs that you're bringing there to help you find the known data in your environment. And so, that's if you're a Splunk Enterprise customer or Splunk Core. But if you're an Enterprise Security customer, they have the threat intel component of their product, which we integrate with seamlessly. So, the components are really easy to work with, and we help you manage your intelligence a little bit more effectively, so you can significantly reduce your false positive rate while working within the framework you're comfortable in. And one of the-- >> What's the problem-- What's the problems statement that you guys solve? Is there one specific thing? >> God, there's--Yes there's quite a few issues, right. I would say the biggest thing that we solve is enabling our customers to operationalize their intelligence. There's so much information out there about the known bad, and CCOs and CEOs are sending emails every day, "Are we impacted? "Are we safe?" And we enable you to answer those questions very easily and very effectively. One of the other big trends we see is there is an issue in knowledge gaps, right. The industry is evolving so quickly. There's so much to know. Data on everything, right. So, we have another way that we can work with Splunk that isn't a direct integration, and it's our product called Anomali Lens. And what it does is it uses natural language processing to interpret the page that you're on and bring the threat intelligence to you. So, if you're looking at a Splunk search page, you know, investigating an incident on brute force, and you have a seemingly random list of IPs in front of you, and you need to know what does everyone else know about these, to make your job easier, you can scan it with Lens, and it'll bring the information right there to you. You don't have to go anywhere else. You can stay in the Splunk UI that you love. >> What's some exciting things you're working on now that you think people should know about that if maybe covered in the press or in the media or in general? What is some exciting areas that are happening? >> Yeah, so Lens is pretty exciting for us. We just launched that last month. We're doing a lot. So, we also have a product called Anomali Match, which is purpose built for threat intel because often what we see is when a breach happens, the indicators that you need to know if they're in your environment, they don't come to light until six months to a year later. And then being able to go backwards in time to answer that question of were you impacted can be very difficult and very expensive, right. Anomali Match is purpose built to answer those questions. So, as the indicators become available, you know immediately was I impacted on the order of seconds. So, it just enables you to answer your CEOs a little faster, right, and get better visibility into your environment. >> So when you look at data to everything, how do you see it evolving as more volume comes in? There's more threat surface area out there. >> Right, and continues to increase it's bounds. >> How should people be thinking about it as they zoom out and think architecturally, "I got to lay out my enterprise strategy. "I bought a few tools that try to be platforms, "but I need a broader playbook. "I need something bigger to help me." >> You've got to take a step back and get a little altitude, right? >> John: Yeah, take a little step back, yeah. >> Yeah, so threat intelligence should really be driving your whole security practice. We already know, for the most part, who's attacking who and what they're trying to do. And so, threat intelligence shouldn't just be an integration into Splunk, although that is a critical component of it. It should be informing, you know, your security practices where you stand up offices. There may be locations that are higher risk for you as a particular type of entity. And all this information is available, but you have to just get access to it. You need one place to stop where you can google the threat intel, and that's what Anomali ThreatStream, our flagship product, aims to do. And Lens just makes it more accessible than ever. Rather than having to go look it up yourself, it brings it to you. And so, we're trying to augment the knowledge base without having to memorize everything. That's what we need to do is we need to find ways to bring this information and make it more accessible so you don't have to look in three tools to find it. >> So, I got to ask you and change topics. As the younger generation comes into the industry, one of the things that I'm seeing as a trend is more developers are coming in. And it's not just so much devops, whose clouds gray, we love devops, but ops, network ops and security ops, are also a big part of it. People are building applications now. So, like, you're seeing startups that have been tech for good startups coming out, where you're seeing a great examples of people literally standing up applications with data. What's the young generation-- because there's a hacker culture out there that can move fast, solve a problem, but they don't have to provision a lot of stuff. That's what cloud computing does. But now Splunk's the world. Data's becoming more accessible. Data's the raw materials to get that asset or that value. What are developers-- how do you see the developers programming with data? >> So, they're looking at their jobs and saying, "What am I bored doing "that I have to do over and over every day, "and how can I automate it?" So, there's a lot of store technology. Splunk also has Phantom, and that's enabling our developers, our younger generation who grew up around Python and coding, to quickly plug a few pieces together and automate half their jobs, which gives them the time to do the really interesting stuff, the stuff that requires human intervention and interpretation, and analysis that can't be coded. And it's just giving us more time and more resources to put-- >> What kind of things are they doing with that extra time? Creative things, pet projects, or critical problems? >> Oh, God, so many pet projects. God, what are you interested in? I've seen things being done to like mine bit coin on the side, right, to make a little extra cash. That's always fun. I've seen people automate their social media profile. I've seen threat researchers use scripting to help them find new information on the internet and reshare it to build their public brand. That's a really big component of the younger generation that I don't think was as big in previous generations, where your public brand matters more than ever. And so, we're bringing that into everything we do. It's not just a job, it's a lifestyle. >> Sharing's a big ethos, too, sharing data. How important is sharing data in the security culture? >> Oh, it's critical. So, I mean, sharing data's been happening for forever, right. Company A has always been calling up their friend at company B, "Hey, we see this thing. "You might want to take a look, "but you didn't hear it from me," right. But through intel platforms, not just ThreatStream but all of them, allow you to share information at a larger scale ever than ever before. But it also, it gives you the ability to remain anonymous. Everyone's really scared to put into writing, "Hey, we saw this at our company," 'cause there's the risk of attribution, there's legal requirements, right. But with automated sharing you can retain a little bit of-- you can be a little bit anonymous. So, you can help the others be protected without exposing yourself to additional risk. >> Jill, you're awesome to have on theCUBE. Love to get the perspective of the young, up and coming, computer science, cyber, cyber sister. >> Cyber sister. >> John: You can just, other--where does she work? Amazon? >> She's over at AWS now. She just moved over a couple of weeks ago. We actually used to work together at Anomali. She did presales, and I did post sales. It was a lot of fun. >> And she hooked you into security, didn't she? >> Oh, she did, for better or worse, although I hope she's not watching. >> She will. She'll get a clip of this, I'll make sure. Jill, final question. The Splunk this year .conf, what's your takeaway? What are you going to take back to the office with you or share with your friends if they say, "Hey, what was the big story happening at Splunk this year?" What's going on here this year? >> The big thing is the data. The data is more accessible than ever before, so we're being challenged by Splunk to find new ways to use it, to innovate new ways. And I think that's kind of been their messaging the whole time, "Hey, we're giving you the power to do what you want. "What are you going to do with it?" This is my third Splunk conference in a row, and every year it just gets more and more exciting. I can't wait to see what next year holds. >> They allow people to deal with data, messy data to good data. >> Clean it up. >> John: Clean it up >> Make it easy to search across multiple data sources from one command line. Their user experience is the most intuitive I've used in terms of the log management solutions. >> Jill, great to have you, great insights. Thanks for sharing the data >> Thanks so much, John. >> John: here on theCUBE. Sharing data on theCUBE, that's what we do. We bring the data, the guests, we try to create it for you. Of course, we're data-driven, we're a CUBE-driven. I'm John Furrier, here from .conf, the 10th anniversary. We've been here from the beginning, riding the data tsunami waves. Waves plural 'cause there's more waves coming. I'm John Furrier. Thanks for watching. (upbeat music)

>>live from Las Vegas. It's the Cube covering Splunk dot com. 19. Brought to you by spunk >>Welcome back Everyone's two cubes Live coverage from Las Vegas. Four Splunk dot com 2019 The 10th anniversary of their and user conference I'm John Free host of the key that starts seventh year covering Splunk Riding the wave of Big Data Day three of our three days were winding down. Our show are great to have on next guest Didn't Medoc executive director be Ibis Intelligence? Advanced Data Analytics at Clemson University Big A C C. Football team Everyone knows that. Great stadium. Great to have you on. Thanks for spending the time to come by and on Day three coverage. >>Thanks, John, for having me over. >>So, you know, hospitals, campuses, some use cases just encapsulate the digital opportunities and challenges. But you guys air have that kind of same thing going on. You got students, you got people who work there. You got a I ot or campus to campus is you guys are living the the real life example of physical digital coming together. Tell us about what's going on in your world that Clemson wouldn't your job there. What's your current situation? >>So, like you mentioned, we have a lot of students. So Clemson's about 20,000 undergraduate, children's and 5000 graduate students way faculty and staff. So you're talking about a lot of people every semester. We have new devices coming in. We have to support the entire network infrastructure, our student information systems on and research computing. So way we're focused on how convene make students lives better than experience. Better on how convene facilitated education for them. So way try toe in my role. Specifically, I'm responsible for the advanced eight analytics, the data that we're collecting from our systems. How can we? How can you use that on get more insides for better decision making? So that's that's >>Is a scope university wide, or is it specifically targeted for certain areas? >>So it does interest divide. So we have. We have some key projects going on University wide way, have a project for sure and success. There's a project for space utilization and how how, how we can utilize space and campus more efficiently. And then we're looking at energy energy usage across buildings campus emergency management idea. So we've got a couple of projects, and then Pettersson projects that most hired edge motion overseas work on this father's retention enrollment, graduation rates. How how the academics are. So so we're doing the same thing. >>What's interesting is that the new tagline for Splunk is data to everything. You got a lot of things. Their data. Ah, lot of horizontal use cases. So it seems to me that you have, ah, view and we're kind of talking on camera before we went live here was Dana is a fluid situation is not like just a subsystem. It's gotta be every native everywhere in the organization on touched, touches everything. How do you guys look at the data? Because you want to harness the data? Because data getting gathering on, say, energy. Your specialization might be great data to look at endpoint protection, for instance. I don't know. I'm making it up, but data needs to be workable. Cross. How do you view that? What's what's the state of the art thinking around data everywhere? >>So the key thing is, we've got so many IOC's. We've got so many sensors, we've got so many servers, it's it's hard when you work with different technologies to sort of integrate all of them on in the industry that have bean Some some software companies that try to view themselves as being deking, but really the way to dress it does you look at each system, you look at how you can integrate all of that, all of that data without being deking. So you basically analyze the data from different systems. You figured out a way to get it into a place where you can analyze it on, then make decisions based on that. So so that's essentially what we've been focused on. Working on >>Splunk role in all this is because one of things that we've been doing spot I've been falling spunk for a long time in a very fascinated with law. How they take log files and make make value out of that. And their vision now is that Grew is grow is they're enabling a lot of value of the data which I love. I think it's a mission that's notable, relevant and certainly gonna help a lot of use cases. But their success has been about just dumping data on display and then getting value out of it. How does that translate into this kind of data space that you're looking at, because does it work across all areas? What should what specifically are you guys doing with Splunk and you talk about the case. >>So we're looking at it as a platform, like, how can we provide ah self service platform toe analysts who can who can go into system, analyze the data way not We're not focusing on a specific technology, so our platform is built up of multiple technologies. We have tableau for visual analytics. We're also using Splunk. We also have a data warehouse. We've got a lot of databases. We have a Kafka infrastructure. So how can we integrate all of these tools and give give the choice to the people to use the tools, the place where we really see strong helping us? Originally in our journey when we started, our network team used to long for getting log data from switches. It started off troubleshooting exercise of a switch went down. You know what was wrong with it? Eventually we pulled in all for server logs. That's where security guard interested apart from the traditional idea of monitoring security, saw value in the data on. And then we talked about the whole ecosystem. That that's one provides. It gives you a way to bring in data withdrawal based access control so you can have data in a read only state that you can change when it's in the system and then give access to people to a specific set of data. So so that's that's really game changing, even for us. Like having having people be comfortable to opening data to two analysts for so that they can make better decisions. That's that's the key with a lot of product announcements made during dot com, I think the exciting thing is it's Nargis, the data that you index and spunk anymore, especially with the integration with With Dew and s three. You don't have to bring in your data in response. So even if you have your data sitting in history, our audio do cluster, you can just use the data fabric search and Sarge across all your data sets. And from what I hear that are gonna be more integrations that are gonna be added to the tool. So >>that's awesome. Well, that's a good use. Case shows that they're thinking about it. I got to ask you about Clemson to get into some of the things that you guys do in knowing Clemson. You guys have a lot of new things. You do your university here, building stuff here, you got people doing research. So you guys are bringing on new stuff, The network, a lot of new technology. Is there security concerns in terms of that, How do you guys handle that? Because you want to encourage innovation, students and faculty at the same time. You want gonna have the data to make sure you get the security without giving away the security secrets are things that you do. How do you look at the data when you got an environment that encourages people to put more stuff on the network to generate more data? Because devices generate data project, create more data. How do you view that? How do you guys handle that? >>So our mission and our goal is not to disrupt the student experience. Eso we want to make it seem less. And as we as we get influx of students every semester, we have way have challenges that the traditional corporate sector doesn't have. If you think about our violence infrastructure. We're talking about 20 25,000 students on campus. They're moving around. When, when? When they move from one class to another, they're switching between different access points. So having a robust infrastructure, how can we? How can we use the data to be more proactive and build infrastructure that's more stable? It also helps us plan for maintenance is S O. We don't destruct. Children's so looking at at key usage patterns. How what time's Our college is more active when our submissions happening when our I. D. Computing service is being access more and then finding out the time, which is gonna be less disruptive, do the students. So that's that's how we what's been >>the biggest learnings and challenges that you've overcome or opportunities that you see with data that Clemson What's the What's the exciting areas and or things that you guys have tripped over on, or what I have learned from? We'll share some experiences of what's going on in there for you, >>So I think Sky's the limit here. Really like that is so much data and so less people in the industry, it's hard to analyze all of the data and make sense of it. And it's not just the people who were doing the analysis. You also need people who understand the data. So the data, the data stores, the data trustees you need you need buy in from them. They're the ones who understand what data looks like, how how it should be structured, how, how, how it can be provided for additional analysis s Oh, that's That's the key thing. What's >>the coolest thing you're working on right now? >>So I'm specifically working on analyzing data from our learning management system canvas. So we're getting data informer snapshots that we're trying to analyze, using multiple technologies for that spunk is one of them. But we're loading the data, looking at at key trends, our colleges interacting, engaging with that elements. How can we drive more adoption? How can we encourage certain colleges and departments, too sort of moved to a digital classroom Gordon delivery experience. >>I just l a mess part of the curriculum in gym or online portion? Or is it integrated into the physical curriculum? >>So it's at this time it's more online, But are we trying to trying to engage more classes and more faculty members to use the elements to deliver content. So >>right online, soon to be integrated in Yeah, you know, I was talking with Dawn on our team from the Cube and some of the slum people this week. Look at this event. This is a physical event. Get physical campuses digitizing. Everything is kind of a nirvana. It's kind of aspiration is not. People aren't really doing 100% but people are envisioning that the physical and digital worlds are coming together. If that happens and it's going to happen at some point, it's a day that problem indeed, Opportunity date is everything right? So what's your vision of that as a professional or someone in the industry and someone dealing with data Clemson Because you can digitize everything, Then you can instrument everything of your instrument, everything you could start creating an official efficiencies and innovations. >>Yes, so the way I think you you structure it very accurately. It's amalgam of the physical world and the digital world as the as the as the world is moving towards using more more of smartphones and digital devices, how how can we improve experience by by analyzing the data on and sort of be behind the scenes without even having the user. The North is what's going on trading expedience. If the first expedience is in good that the user has, they're not going to be inclined to continue using the service that we offer. >>What's your view on security now? Splunk House League has been talking about security for a long time. I think about five years ago we started seeing the radar data. Is driving a lot of the cyber security now is ever Everyone knows that you guys have a lot of endpoints. Security's always a concern. How do you guys view the security of picture with data? How do you guys talk about that internally? How do you guys implement data without giving me a secret? You know, >>way don't have ah ready Good Cyber Security Operation Center. That's run by students on. And they do a tremendous job protecting our environment. Way monitored. A lot of activity that goes on higher I deserve is a is a challenge because way have in the corporate industry, you can you can have a set of devices in the in the higher education world We have students coming in every semester that bringing in new, important devices. It causes some unique set of challenges knowing where devices are getting on the network. If if there's fishing campaigns going on, how can be, How can we protect that environment and those sort of things? >>It is great to have you on. First of all, love to have folks from Clemson ons great great university got a great environment. Great Great conversation. Congratulations on all your success on their final question for you share some stories around some mischief that students do because students or students, you know, they're gonna get on the network and most things down. Like when when I was in school, when we were learning they're all love coding. They're all throwing. Who knows? Kitty scripts out there hosting Blockchain mining algorithms. They gonna cause some creek. Curiosity's gonna cause potentially some issues. Um, can you share some funny or interesting student stories of caught him in the dorm room, but a server in there running a Web farm? Is there any kind of cool experiences you can share? That might be interesting to folks that students have done that have been kind of funny mistress, but innovative. >>So without going into Thio, I just say, Like most universities, we have, we have students and computer science programs and people who were programmers and sort of trying to pursue the security route in the industry. So they, um, way also have a lot of research going on the network on. And sometimes research going on may affect our infrastructure environment. So we tried toe account for those use cases and on silo specific use cases and into a dedicated network. >>So they hit the honeypot a lot. They're freshmen together. I'll go right to the kidding, of course. >>Yes. So way do we do try to protect that environment on Dhe. Makes shooting experience better. >>I know you don't want to give any secrets. Thanks for coming on. I always find a talk tech with you guys. Thanks so much appreciated. Okay. Cube coverage. I'm shot for a year. Day three of spunk dot com for more coverage after this short break

>> Announcer: Live from Las Vegas, it's theCUBE! Covering Splunk .conf19. Brought to you by Splunk. Okay, welcome back, everyone. This is day three live CUBE coverage here in Las Vegas for Splunk's .conf. Its 10 years anniversary of their big customer event. I'm John Furrier, theCUBE. This is our seventh year covering, riding the wave with Splunk. From scrappy startup, to going public company, massive growth, now a market leader continuing to innovate. We're here with the CEO, Doug Merritt of Splunk. Thanks for joining me, good to see you. >> Thank you for being here, thanks for having me. >> John: How ya feelin'? (laughs) >> Exhausted and energized simultaneously. (laughs) it was a fun week. >> You know, every year when we have the event we discuss Splunk's success and the loyalty of the customer base, the innovation, you guys are providing the value, you got a lot of happy customers, and you got a great ecosystem and partner network growing. You're now growing even further, every year it just gets better. This year has been a lot of big highlights, new branding, so you got that next level thing goin' on, new platform, tweaks, bringing this cohesive thing. What's your highlights this year? I mean, what's the big, there's so much goin' on, what's your highlights? >> So where you started is always my highlight of the show, is being able to spend time with customers. I have never been at a company where I feel so fortunate to have the passion and the dedication and the enthusiasm and the gratitude of customers as we have here. And so that, I tell everyone at Splunk this is similar to a holiday function for a kid for me where the energy keeps me going all year long, so that always is number one, and then around the customers, what we've been doing with the technology architecture, the platform, and the depth and breadth of what we've been working on honestly for four plus years. It really, I think, has come together in a unique way at this show. >> Last year you had a lot of announcements that were intentional announcements, it's coming. They're coming now, they're here, they're shipping. >> They're here, they're here. >> What is some of the feedback you're hearing because a lot of it has a theme where, you know, we kind of pointed this out a couple of years ago, it's like a security show now, but it's not a security show, but there's a lot of security in there. What are some of the key things that have come out of the oven that people should know about that are being delivered here? >> So the core of what we're trying to communicate with Data-to-Everything is that you need a very multifaceted data platform to be able to handle the huge variety of data that we're all dealing with, and Splunk has been known and been very successful at being able to index data, messy, non-structured data, and make sense of it even though it's not structured in the index, and that's been, still is incredibly valuable. But we started almost four years ago on a journey of adding in stream processing before the data gets anywhere, to our index or anywhere else, it's moving all around the world, how do you actually find that data and then begin to take advantage of it in-flight? And we announced that the beta of Data Stream Processor last year, but it went production this year, four years of development, a ton of patents, a 40 plus person, 50 plus person, development team behind that, a lot of hard engineering, and really elegant interface to get that there. And then on the other end, to complement the index, data is landing all over the place, not just in our index, and we're very aware that different structures exist for different needs. A data warehouse has different properties than a relational database which has different properties than a NoSQL column store in-memory database, and data is going to only continue to be more dispersed. So again, four plus years ago we started on what now is Data Fabric Search which we pre-announced in beta format last year. That went production at this show, but the ability to address a distributed Splunk landscape, but more importantly we demoed the integration with HTFS and S3 landscapes as the proof point of we've built a connector framework, so that this really cannot just be a incredibly high-speed, high-cardinality search processing engine, but it really is a federated search engine as well. So now we can operate on data in the stream when it's in motion. We obviously still have all the great properties of the Splunk index, and I was really excited about Splunk 8.0 and all the features in that, and we can go get data wherever it lives across a distributed Splunk environment, but increasingly across the more and more distributed data environment. >> So this is a data platform. This is absolutely a data platform, so that's very clear. So the success of platforms, in the enterprise at least, not just small and medium-sized businesses, you can have a tool and kind of look like a platform, there's some apps out there that I would point to and say, "Hey, that looks like a tool, it's really not a platform." You guys are a platform. But the success of a platform are two things, ecosystem and apps, because if you're in a platform that's enabling value, you got to have those. Talk about how you see the ecosystem success and the app success. Is that happening in your view? >> It is happening. We have over 2,000 apps on our Splunkbase framework which is where any of our customers can go and download the application to help draw value of a Palo Alto firewall, or ensure integration with a ServiceNow trouble ticketing system, and thousands of other examples that exist. And that has grown from less than 300 apps, when I first got here six years ago, to over 2,000 today. But that is still the earliest inning, for earliest pitch and your earliest inning journey. Why are there 20,000, 200,000, two million apps out there? A piece of it is we have had to up the game on how you interface with the platform, and for us that means through a stable set of services, well-mannered, well-articulated, consistently maintained services, and that's been a huge push with the core Splunk index, but it's also a big amount of work that we've been doing on everything from the separation between Phantom runbooks and playbooks with the underlying orchestration automation, it's a key component of our Stream Processor, you know, what transformations are you doing, what enrichments are you doing? That has to live separate than the underlying technology, the Kafka transport mechanism, or Kinesis, or whatever happens in the future. So that investment to make sure we got a effective and stable set of services has been key, but then you complement that with the amazing set of partners that are out here, and making sure they're educated and enabled on how to take advantage of the platform, and then feather in things like the Splunk Ventures announcement, the Innovation Fund and Social Impact Fund, to further double down on, hey, we are here to help in every way. We're going to help with enablement, we're going to help with sell-through and marketing, and we'll help with investment. >> Yeah, I think this is smart, and I think one of the things I'll point out is that feedback we heard from customers in conversations we had here on theCUBE and the hallway is, there's a lot of great feedback on the automation, the machine learning toolkit, which is a good tell sign of the engagement level of how they're dealing with data, and this kind of speaks to data as a value... The value creation from data seems to be the theme. It's not just data for data's sake, I mean, managing data is all hard stuff, but value from the data. You mentioned the Ventures, you got a lot of tech for good stuff goin' on. You're investing in companies where they're standing up data-driven companies to solve world problems, you got other things, so you guys are adjusting. In the middle innings of the data game, platform update, business model changes. Talk about some of the consumption changes, now you got Splunk Cloud, what's goin' on on (laughs) how you charge, how are customers consuming, what moves did you guys make there and what's the result? >> Yeah, it's a great intro on data is awesome, but we all have data to get to decisions first and actions second. Without an action there is no point in gathering data, and so many companies have been working their tails off to digitize their landscapes. Why, well you want a more flexible landscape, but why the flexibility? Because there's so much data being generated that if you can get effective decisions and then actions, that landscape can adapt very, very rapidly, which goes back to machine learning and eventual AI-type opportunities. So that is absolutely, squarely where we've been focused, is translating that data into value and into actual outcomes, which is why our orchestration automation piece was so important. One of the gating factors that we felt has existed is for the Splunk index, and it's only for the Splunk index, the pricing mechanism has been data volume, and that's a little bit contrary to the promise, which is you don't know where the value is going to be within data, and whether it's a gigabyte or whether it's a petabyte, why shouldn't you be able to put whatever data you want in to experiment? And so we came out with some updates in pricing a month and change ago that we were reiterating at the show and will continue to drive on a, hopefully, very aggressive and clear marketing and communications framework, that for people that have adjusted to the data volume metric, we're trying to make that much simpler. There's now a limited set of bands, or tiers, from 100 gigs to unlimited, so that you really get visibility on, all right, I think that I want to play with five terabytes, I know what that band looks like and it's very liberal. So that if you wind up with six and a half terabytes you won't be penalized, and then there's a complimentary metric which I think is ultimately going to be the more long-lived metric for our infrastructurally-bound products, which is virtual CPU or virtual core. And when I think about our index, stream processing, federated search, the execution of automation, all those are basically a factor of how much infrastructure you're going to throw at the problem, whether it's CPU or whether it's storage or network. So I can see a day when Splunk Enterprise and the index, and everything else at that lower level, or at that infrastructure layer, are all just a series of virtual CPUs or virtual cores. But I think both, we're offering choice, we really are customer-centric, and whether you want a more liberal data volume or whether you want to switch to an infrastructure, we're there and our job is to help you understand the value translation on both of those because all that matters is turning it into action and into doing. >> It's interesting, in the news yesterday quantum supremacy was announced. Google claims it, IBM's debating it, but quantum computing just points to the trend that more compute's coming. So this is going to be a good thing for data. You mentioned the pricing thing, this brings up a topic we've been hearing all week on theCUBE is, diverse data's actually great for machine learning, great for AI. So bringing in diverse data gives you more aperture into data, and that actually helps. With the diversity comes confusion and this is where the pricing seems to hit. You're trying to create, if I get this right, pricing that matches the needs of the diverse use of data. Is that kind of how you guys are thinkin' about it? >> Meets the needs of diverse data, and also provides a lot of clarity for people on when you get to a certain threshold that we stop charging you altogether, right? Once you get above 10s of terabytes to 100 terabytes, just put as much data in as you want. The foundation of Splunk, going back to the first data, is we're the only technology that still exists on the index side that takes raw, non-formatted data, doesn't force you to cleanse or scrub it in any way, and then takes all that raw data and actually provides value through the way that we interact with the data with our query language. And that design architecture, I've said it for five, six years now, is completely unique in the industry. Everybody else thinks that you've got to get to the data you want to operate on, and then put it somewhere, and the way that life works is much more organic and emergent. You've got chaos happening, and then how do you find patterns and value out of that chaos? Well, that chaos winds up being pretty voluminous. So how do we help more organizations? Some of the leading organizations are at five to 10 petabytes of data per day going through the index. How do we help everybody get there? 'Cause you don't know the nugget across that petabyte or 10 petabyte set is going to be the key to solving a critical issue, so let's make it easy for you to put that data in to find those nuggets, but then once you know what the pattern is, now you're in a different world, now you're in the structured data world of metrics, or KPIs, or events, or multidimensional data that is much more curated, and by nature that's going to be more fine-grained. There's not as much volume there as there is in the raw data. >> Doug, I notice also at the event here there's a focus on verticals. Can you comment on the strategy there, is that by design? Is there a vertical focus? >> It's definitely by design. >> Share some insight into that. >> So we launched with an IT operations focus, we wound up progressing over the years to a security operations focus, and then our doubling down with Omnition, SignalFx, VictorOps, and now Streamlio is a new acquisition on the DevOps and next gen app dev buying centers. As a company and how we go to market and what we are doing with our own solutions, we stay incredibly focused on those three very technical buying centers, but we've also seen that data is data. So the data you're bringing in to solve a security problem can be used to solve a manufacturing problem, or a logistics and supply chain problem, or a customer sentiment analysis problem, and so how do you make use of that data across those different buying centers? We've set up a verticals group to seed, continue to seed, the opportunity within those different verticals. >> And that's compatible with the horizontally scalable Splunk platform. That's kind of why that exists, right? >> That the overall platform that was in every keynote, starting with mine, is completely agnostic and horizontal. The solutions on top, the security operations, ITOps, and DevOps, are very specific to those users but they're using the horizontal platform, and then you wind up walking into the Accenture booth and seeing how they've taken similar data that the SecOps teams gathered to actually provide insight on effective rail transport for DB cargo, or effective cell tower triangulation and capacity for a major Australian cell company, or effective manufacturing and logistics supply chain optimization for a manufacturer and all their different retail distribution centers. >> Awesome, you know, I know you've talked with Jeff Frick in the past, and Stu Miniman and Dave Vellante about user experience, I know that's something that's near and dear to your heart. You guys, it has been rumored, there's going to be some user experience work done on the onboarding for your Splunk Cloud and making it easier to get in to this new Splunk platform. What can we expect on the user experience side? (laughs) >> So, for any of you out there that want to try, we've got Splunk Investigate, that's one of the first applications on top of the fully decomposed, services layered, stateless Splunk Cloud. Mission Control actually is a complementary other, those are the first two apps on top of that new framework. And the UI and experience that is in Splunk Investigate I think is a good example of both the ease of coming to and using the product. There's a very liberal amount of data you get for free just to experiment with Splunk Investigate, but then the onboarding experience of data is I think very elegant. The UI is, I love the UI, it's a Jupyter-style workbook-type interface, but if you think about what do investigators need, investigators need both some bread crumbs on where to start and how to end, but then they also need the ability to bring in anybody that's necessary so that you can actually swarm and attack a problem very efficiently. And so when you go back and look at, why did we buy VictorOps? Well, it wasn't because we think that the IT alerting space is a massive space we're going to own, it's because collaboration is incredibly important to swarm incidents of any type, whether they're security incidents or manufacturing incidents. So the facilities at VictorOps gave, on allowing distributed teams and virtual teams to very quickly get to resolution. You're going to find those baked into all products like Mission Control 'cause it's one of the key facilities of, that Tim talked about in his keynote, of indulgent design, mobility, high collaboration, 'cause luckily people still matter, and while ML is helping all of us be more productive it isn't taking away the need for us, but how do you get us to cooperate effectively? And so our cloud-based apps, I encourage any of you out there, go try Splunk Investigate, it's a beautiful product and I think you'll be blown away by it. >> Great success on the product side, and then great success on the customer side, you got great, loyal customers. But I got to ask you about the next level Splunk. As you look at this event, what jumps out at me is the cohesiveness of the story around the platform and the apps, ecosystem's great, but the new branding, Data-to-Everything. It's not product-specific 'cause you have product leadership. This is a whole next level Splunk. What is the next level Splunk vision? >> And I love the pink and orange, in bold colors. So when I've thought about what are the issues that are some of the blockers to Splunk eventually fulfilling the destiny that we could have, the number one is awareness. Who the heck is Splunk? People have very high variance of their understanding of Splunk. Log aggregation, security tool, IT tool, and what we've seen over and over is it is much more this data platform, and certainly with the announcements, it's becoming more of this data fabric or platform that can be used for anything. So how do we bring awareness to Splunk? Well, let's help create a category, and it's not up to us to create the category, it's up to all of you to create the category, but Data-to-Everything in our minds represents the power of data, and while we will continue internally to focus on those technical buying centers, everything is solvable with data. So we're trying to really reinforce the importance of data and the capabilities that something like Splunk brings. Cloud becomes a really important message to that because that makes it, execution to that, 'cause it makes it so much easier for people to immediately try something and get value, but on-prem will always be important as well 'cause data has gravity, data has risk, data has cost to move. And there are so many use cases where you would just never push data to the cloud, and it's not because we don't love cloud. If you have a factory that's producing 100 terabytes an hour in a area where you've got poor bandwidth, there's no option for a cloud connect there of high scale, so you better be able to process, make sense of, and act on that data locally. >> And you guys are great in the cloud too, on-premise, but final word, I want to get your thoughts to end this segment, I know you got to run, thanks for your time, and congratulations on all your success. Data for good. There's a lot of tech for bad kind of narratives goin' on, but there's a real resurgence of tech for good. A lot of people, entrepreneurs, for-profit, for-nonprofit, are doing ventures for good. Data is a real theme. Data for good is something that you have, that's part of the Data-to-Everything. Talk about the data for good real quick. >> Yeah, we were really excited about what we've done with Splunk4Good as our nonprofit focused entity. The Splunk Pledge which is a classic 1-1-1 approach to make sure that we're able to help organizations that need the help do something meaningful within their world, and then the Splunk Social Impact Fund which is trying to put our money where our mouth is to ensure that if funding and scarcity of funds is an issue of getting to effective outcomes, that we can be there to support. At this show we've featured three awesome charities, Conservation International, NetHope, and the Global Emancipation Network, that are all trying to tackle really thorny problems with different, in different ways, different problems in different ways, but data winds up being at the heart of one of the ways to unlock what they're trying to get done. We're really excited and proud that we're able to actually make meaningful donations to all three of those, but it is a constant theme within Splunk, and I think something that all of us, from the tech community and non-tech community are going to have to help evangelize, is with every invention and with every thing that occurs in the world there is the power to take it and make a less noble execution of it, you know, there's always potential harmful activities, and then there's the power to actually drive good, and data is one of those. >> Awesome. >> Data can be used as a weapon, it can be used negatively, but it also needs to be liberated so that it can be used positively. While we're all kind of concerned about our own privacy and really, really personal data, we're not going to get to the type of healthcare and genetic, massive shifts in changes and benefits without having a way to begin to share some of this data. So putting controls around data is going to be important, putting people in the middle of the process to decide what happens to their data, and some consequences around misuse of data is going to be important. But continuing to keep a mindset of all good happens as we become more liberal, globalization is good, free flow of good-- >> The value is in the data. >> Free flow of people, free flow of data ultimately is very good. >> Doug, thank you so much for spending the time to come on theCUBE, and again congratulations on great culture. Also is worth noting, just to give you a plug here, because it's, I think, very valuable, one of the best places to work for women in tech. You guys recently got some recognition on that. That is a huge accomplishment, congratulations. >> Thank you, thank you, we had a great diversity track here which is really important as well. But we love partnering with you guys, thank you for spending an entire week with us and for helping to continue to evangelize and help people understand what the power of technology and data can do for them. >> Hey, video is data, and we're bringin' that data to you here on theCUBE, and of course, CUBE cloud coming soon. I'm John Furrier here live at Splunk .conf with Doug Merritt the CEO. We'll be back with more coverage after this short break. (futuristic music)

>>live from Las Vegas. It's the Cube covering Splunk dot com. 19. Brought to you by spunk. >>Welcome back to the Cube, everyone. I'm John Ferrier with an angle on the Cube here in Las Vegas for Splunk dot com. 19. It's there 10 years of their customer main event. All the top customers and partners were here and, of course, accuse. Been covering dot com for seven years at a great guests from a censure. Mike Heinlein. Ecosystem Adventures. Global Analytics Plays and offerings lead a century Now. First of all, welcome to the Q. Thank you, John says. You're always has >>long titles. It's a very long title. Your lead. That's a mouthful. Offerings. Yeah, this >>meanings to these titles of the century. This, like >>Esso, I'm part of the Ecosystem Adventures Group, which helps to incubate our various different channel partners. And Dr Service is with those partners and then within the splint partnership. I'm focused on driving analytics offerings with various different practices that are already considering analytics and taking those >>to market. So you guys have a relation with spunk is evolving pretty quickly. >>It is >>what's the future look like? What's the current path >>Well, as you may be aware, we recently renewed our partnership with Bronco back in February. After two and 1/2 years, we had achieved most of our goals. And where we were starting to see is that where our initial objective was to help our clients to get Maur costs takeout and risk associated with their I T and Security operations way also learned a few things along the way, which is the Splunk Analyze politics engine can also be used outside of I t and Security and we can start to take it into industry verticals. And so one of the exciting things that we're doing is we brought our digital practice into the tent with us. We renewed in February, way have a couple of years. We're looking into the future, and we're gonna not only double down in i t and Security, but we're also going to start to build business analytics and io ti type solutions on top of within the vertical industries that were focused on one >>of those industries. Can you share them? >>Yeah. Yeah, so? So it would be things like energy utilities where power line analytics to reduce the amount of vegetation that might take out power lines cause fires cause outages. Patient flow, which would be how to help accelerate getting patients through the e. R and also increase throughput. Four Hospitals within supply Chain We're doing number of different things way have four different offerings that focus on technology, telecom, retail, consumer goods and manufacturing. So, like industrial type clients, >>so pretty much standard vertical industry that we normally see that's cracking in the business. Yeah, so I'll get your thoughts on this. One of the observations I want to share with you and get your reaction is is that with cloud and with data, it's interesting these day. There's a really key part of all this you mentioned. I I t and Security. Obviously, it's pretty straightforward. You see, that way started adding machine learning and a I and the things that domain expertise of these verticals become the pacing item the ke ke i t, if you will with scale of that what's going on? That's right level. Are you seeing that this is a fertile ground for opportunities that how you guys see it? Can you >>you Absolutely I think I think where it centuries strong is in our industry, Ackerman not just to 19 security, but within different industry verticals on. Then you take our digital practice, which is where our data science is live, where they're developing advanced analytics models and essentially working with a lot of the open source modeling tools like python that integrates very well a Splunk. It gives us the opportunity to take that data that could be bundled up. It could be data rest, maybe three years of sales data, and we create a forecast with it and do that on top of spunk. Or maybe something where within a supply chain or a flow within a hospital, were able to use machine learning to start to move some of the computer and thought from human beings to machines >>were some of the innovative service is you guys have built on top of Splunk because they're enabling platform. So again, opportunities. What are you guys doing in the >>soles? So both in the retail and in the technology space, we've created a couple of punishment engines. When you think of a supply chain, I need to know what my forecast is. What do I plan to sell? How many items. Do I need to have an inventory in the warehouse and in the store? And then how am I gonna get those items? And then how many should I order the next day? So we're using Splint to figure all of that out. >>What sort of surprise? Learnings You've got a deal with flunk because has always seems to be a new revelation when people get data and they start playing with insights. Beyond that, some sort of business breakthroughs are weird. Things happen when you start playing with data. Any anecdotal surprises, their learnings. You've seen >>a, well, a tremendous number. And in fact, what what happens is when you start to open up the silos. So most of our clients are stuck with a lot of legacy technologies that they've acquired over the last two or three decades. Splunk enables to open that Optimus get insights that we couldn't before. So it could be it could be. I could get a patient through a particular process, you know, twice as fast is what historically had been able to do. Or maybe for examples, something that Doug Merit mentioned yesterday, which is where we're partying very closely with Splunk for human trafficking. We've created an offering where split it already gone out created Data Lake of a lot of data from educational entities. Ngo's government agencies we took that builds a machine learning on top of it and able to identify high value targets or establishments that have a high risk of human trafficking, which is already starting to get results. In Florida, >>you mentioned health care no multiple times, someone of your key verticals. >>It is one that's emerging is very exciting. And it's kind of evidence of where we're working really well, a sponge. A lot of cases we've developed things that we take into Splunk, and we go to market together. In this particular case, Splunk created patient flow, took it to us. And now we're working to identify about a dozen different hospitals where we're gonna go meet with their CEOs and talk to him about what we can do to help them increased profit and patient satisfaction at the same time. >>What some of those conversations, like when you go and knock on the doors and say, Hey, I got a new secret weapon to solve your problems because this is its new things that people have these problems that couldn't have attacked before in the past. Now they have potential capabilities. What are some of those conversations? Take out there like Come on in, educate me. I want to buy right away or door slammed in your face and get his attention. >>Well, so way just had a really exciting meeting with a very large brochure in the Midwest. And as was explaining the different things that we could do a Splunk she actually the head of supply chain. Excuse me. It almost seems like fairy dust to me. In other words, the hardest challenge that I have sometimes is able to say, Look, you're used to doing this 24 months, maybe 36 months. I think I could do it free in less than six, and that's just so hard for them to absorb. So So a lot of cases it's it's transitioning to Well, let us figure out how we could prove that to you. Doing some kind of a concept or a pilot. >>You know, it's interesting is that you know, when you see people get set up with data platform, it's kind of editor of stage. Let's set the foundation. Let's make sure things flowing in you well. And then they started getting some discoveries here and there, and then they get business value, and then it kind of goes to another level. I think this is where things I see you guys doing well and others here in the ecosystem floor, and that is that It's a workflow optimization issue, I think. Wait a minute, way have all this data. Well, let's go do this. That's a little bit more of a ballistic business process or some sort of. >>That's right. Your >>challenge. Is that how >>you Yes. So I would say you always have a business process, at least in the industry verticals, and you have a lot of data that silo on. Then you crack those silos open on, then it's really basically intersection of what we would call planning and execution, which is, for example, maybe I have on oil rig and I have a ship that is taking materials and people back and forth. But now I know that I have actual things. Head into that port where if I send this ship now, I'm gonna have to come back in the next 24 hours. If I hold that ship off for two or three hours, then I can get more materials and people on board, and I don't have to come back for another 48 hours. So now I've just reduced greatly my operating costs. >>And I think that's interesting. Is that you think about what you just said, Yeah, go back 15 years. What's the data base scheming and make that happen. Date is over there, it's over. They're gonna write a query that Leighton see. It never happens. >>It's Jackie, right? So we're kind of out of the business of trying to fit square pegs into relational round holes, which takes the better part of maybe 50% of a lot of projects to implement those solutions. And so, with spunk, you're basically dumping the date end and you're layering your scheme on top of it, which enables you to accelerate delivery. And additionally, I don't have to cobble together and stitched together multiple technologies to do ingestion analytic storage visualization so I could mobilize teams much more quickly. Then it would traditional solutions. >>You know, Mike, I'd love your thoughts on the center's transformation because looking at you. What you guys have done is a company. It's been interesting, a lot of successes. But firm's been around for a while, right? So impressed. Different names don't back the old school back minicomputers. You know, rolling out projects had long arises. Multiyear. Now the speedy a name has completely changed clouds. Here you got data. How has the Splunk on these Modern technology has changed the centers engagement practices. >>I think you're touching on what we would probably call agile delivery, right or continuous delivery, where our clients don't want to push off from shore into a big bang project where they don't get to see the results for 12 to 24 months. That's a lot of risk for them. So what's book enables us to do, really is to do a delivery and deliver value in Angel's sprints in three 12 you know, 16 weeks sprints where we're literally be giving them value. We also don't have to understand all of the data. If you're using relational databases, you pretty much have to understand everything before you push off from shore with spunk. I can no minimal amount and start and deliver value, and then as I go, I'm learning more about my data. I could deliver more use cases and more value. >>It's interesting, you know, go back to the old enterprise sales model. You know, you do a pilot or a POC poc that a pilot with pilots, a date and that's what months and then Then the decision makes. And then you got to start over for the time that it'll happen in about months. A year. Yeah, technology changes. >>That's right. >>You guys are doing essentially agile sprints that are kind of like a little Mini p O sees. That's that's correct. Docs are actually really work. >>That's right. That's >>the new seems like the new sales model is that >>Well, I would say it's something that, with the rapid prototyping capability, like a sponge that gives us that flexibility todo depending on what we're doing, we may not have that flexibility. We may be limited by the technology. >>How would you describe the strength of censure Splunk partnership? >>It's a very strong So like I mentioned before, we way started to a nap three years ago. Way just renewed that relationship in February, and we've added more practices from within Accenture like digital practice. So now we have strategy, digital technology and security. We're focusing in doubling down and security in our I T markets, but also then starting to explore new industry verticals in Business analytics and Io Ti. As I explained earlier, we're bringing things to Splunk in there helping us cell, and they're bringing things to Austin. We're helping themselves, and there's a lot of excitement. I mean, I think it's really a combination of the right people with the right industry knowledge at the right time with the right technology. >>Final question in the industry For a while, you see the waves pretty big wave run now. Lot of confluence coming together. Multiple different Durant cloud data scale, everything speed. What's exciting you these days? What's the big story that people should pay attention to right now? Well, in this space, I >>think it really dovetails into Doug Steam, and I don't mean Thio, really, you know, piggyback on that. But it's true, and that is that so many of our clients, you know, still have a lot of technical debt from decades ago, and we get to come in there and say, Look in a matter of weeks and months, we could help You make sense of this way, can help you capture revenue you couldn't capture before Dr Out costs that you couldn't drive out before and reduce risk that you couldn't reduce before. So I mean, it's it's probably the best time of my entire career. >>Frankly, Cooper, daddies and certainly containers helps. Yeah, make those legacy workloads somewhat compatible with modern infrastructure. When you have those technical debt conversations with customers kind of realizing like I'm on the verge of bankruptcy, what do I do it? Is it more advisor? You guys come in, more counseling slash get developed? >>Yeah, yeah, A lot of times it's It's helping them to come in and assess what their situation is. Help them build a road map into the future. Sometimes it's rationalizing some of the technical debt. Sometimes it's how can we augment what you already have? And then and then in the future is that reaches end of life. We almost just turn it off. But you're up and running, you know, on this other platform that we've augmented into that ecosystem >>So tech flow positive. >>There you go. >>Yeah, cash flow positive take from technical debt from checked bag. Mike. Thanks for coming up. Appreciate it. Thanks for the knights. Thanks for having me. Great insights. You get all the data and the insights here. Workflow is rocking the cube. Second day of three days. I'm John Barrymore coverage after this short break.

>> Announcer: Live from Las Vegas, it's theCUBE! Covering Splunk .conf19. Brought to you by Splunk. >> Okay, welcome back, everyone. It's theCUBE's live coverage here in Las Vegas for Splunk's .conf 2019. It's the 10th year of .conf and we have two great guests, Rick Fitz, senior vice president, general manager of groups at Splunk, and Karthik Rau, vice president, area GM of SignalFx. The big story is SignalFx acquired by Splunk. Rick, you sponsored that. Guys, welcome to theCUBE, great to see you guys again. >> Yeah, great to be here, Jeff. >> Great to be here. >> They just broke a world record for the bike on intro there. >> Rick: They did. >> Pretty exciting what's going on here, a lot of records being broken. Splunk just continues to move the needle on capabilities, product, platform, brand messaging. SignalFx coming, we've been reporting on it since their founding, really in your wheelhouse, you guys bought them for a good number, a big number? >> Rick: Yup. >> Why? What's going on? Why the interest in SignalFx? >> You know, for a long time, we've been watching, I would say, perhaps, patiently, watching the market and the trends, and we were really waiting for a time where the new application architecture was really going to kind of start to take hold, where this cloud native trend that we've been seeing where people are building applications, where people are actually delivering applications to market in quite a different way, would finally get some escape velocity, and we've been watching patiently for that to occur. And as we saw that last year start to accelerate, really, we went out and surveyed the entire market and, of course, at the end of that survey, resulted in the acquisition of SignalFX, and also of Omnition. And so we bought those two companies, and have combined them to deliver on our vision of what we've trying to do for DevOps. >> Rick, you and I had a conversation in 2015 here in theCUBE at the .Conf at that time, you were on the IoT, you saw this wave, again, you've been patient. What about IT operations that's happening now that makes this so critical for Splunk? 'Cause IT operations, we know what automation's doing, machine learning toolkit, getting a lot of rave reviews. People love to automate things, but more apps are coming. What's the motivation now? What was the critical linchpin for you to make this happen? >> Yeah, exactly. What we're seeing is, in traditional IT operations is this world where developers build these monolithic applications, hand 'em off to operations, and they operate it. And then in the same conversation, you'll get handed over to somebody running, if you will, developer engineering or cloud engineering or they have various different levels for it but you're really dealing with an engineering organization and they're being tasked with digitization of their enterprise and very strategic investments are being made there, but they're also being asked to build things at high availability, high scalability, and highly reliable with lots of change. So it's kind of the competitive advantage of the enterprise. And as I was seeing that occur more and more I just saw the distance between IT operations and development, kind of, separate, and I said, wow, that's interesting 'cause it's being driven by this new application architecture, or cloud native architecture. And I didn't want to be left behind. I wanted to actually be able to build a bridge for IT operations into this future. And I think this future trend is something that's going to be lasting for the next 10, 15 to 20 years. So I think this is very strategic to Splunk and very important for us to get right for the long-term, but I also see my role as part of Splunk, is to make sure that we take IT operations into this new world, because these new worlds, and if you will, the existing worlds, those operating models are quite different. >> John: Yeah. >> They operate differently. They think differently. They, in one they own their code, they're on call. In another one they're waiting for something to fix so then they try to, you know, we're waiting for something to break and then they fix it. So we're trying to actually help enterprises across that entire gambit with some pattern. >> And certainly with security the theme here, at this event, this is a security event too, on top of everything right? So, this is what it's turned into. >> Rick: That's right. >> Data is driving a lot of security polemetry and data's important for security, so. >> Yeah. >> I mean, that's operations. >> That's right. And your apps have to be secured, in both worlds. >> Yeah. >> So, I think Splunk has a role to play in helping in this transformation for all of IT as it becomes much more developer centric. And, of course, as I said, that is really one of the strategic reasons why we led the acquisition Citadel FX in Omni. >> Well, we're looking forward to seeing how you handle the acquisition, of course, we were fans of the deal. Karthik, I got to ask you, every single company in observability space is going public. So, why, you could have gone public, why Splunk? Why sell to these guys? What made it a fit for you? >> Well, ultimately, we look at a number of things, or we looked at a number of things in making the decision and we wouldn't have done this with anyone other than Splunk. Just a strategic fit was just so great on so many levels. You know, when we started the company our goal was to solve the modern dream observability challenges for anyone building a cloud native application, and we knew that was going to be a long road. They're going to be a lot of things we needed to invest in and develop. And so we started on the metric side. We layered on distributive tracing and we took a philosophy that we wanted to build an enterprise great, scalable, robust, feature-rich set of technologies. We weren't in the market to build, you know, SMB, kind of very simple, limited type of a product. We're really focused on the larger, more sophisticated customers. And so, as we looked at continuing to extend our portfolio, one of the things that we needed to invest in was in the logging space because, when you think about the trifecta of monitoring data types that you need, you know, logging is a big part of it. And we knew that we wouldn't be able to go and build a logging system from the ground up that would be robust enough to support enterprise use cases, and so we started a partnership conversation with Rick and team, and it just became very clear through that process that there was a tremendous amount of product fit, vision fit, culture fit, values fit. Just everything was so aligned that we realized that we could do so much more together as one company. So, we rounded out the solution portfolio, or the technology portfolio quite substantially over night by becoming a part of Splunk and then the other part of it too is, you know, we saw as we were dealing with customers, we were dealing mostly with native cloud native, cloud first customers. But a lot of the customers that we were, that were prospects, that we were talking too were more traditional enterprises who were not 100% of the way there yet. Some of them weren't even 10% of the way there yet. And it was difficult for us to really engage in conversations early with them, to help them understand what does it mean to shift from traditional IT ops to DevOps because we didn't have a relationship with them on the IT ops side of things, and so, the other thing that we were really excited about being a part of Splunk is we can be a part of that conversation from the very beginning when the customer, you know, maybe they're just beginning to think about it and they don't have the urgency of doing it today but we can be there with them from the very beginning and help them get there on their timelines. >> This is an interesting discussion point because what you're highlighting and we've had conversations about your company about being a platform, not just a tool. So, you're getting at is that as you guys started getting more market share, you're platform needs, you needed logging. And meet the market leader, right here right? >> Yeah. >> That's right. >> So, you guys need them, so, partnering's hard when you're trying to build a platform. Now, you can have a platform that enables partners to build on top of it, but components of a full baked platform, it's hard to partner. Rick, what's your thoughts and reaction to that, because that's my statement, but do you agree with it? It's hard to partner in the platform, it's core competency. Look it, he struggled with logging 'cause he'd have to build out a boat load of new investment and you guys are already, just to catch up. >> Yeah, that's right. And I think the thing that needs to be stated here is in your large scale enterprises, they are truly looking for the best to breed, highly scalable environments, right, that we're talking about here. And, they want, they encouraged us to take a step in this direction. It was an obvious choice and I think that has been the reaction that we've kind of heard universally. Like, this is a great idea. This is a really strategic thing that you've Splunk folks have actually done. And so that's really encouraging and so I would agree with you. Partnering, and we were talking through it, but as we were talking, it's like, this is better not to partner in this case. >> John: Better together. >> One of the things that's really important is that logs, you know, that's what were all about. We've actually spent a lot of time in trying to invest into this streaming world of dealing with things in stream. And these guys have perfected it for Metrix, which is, that's the strategic aspect of this. And then combining what they had already done with Tracing, with Omnition, it just doubles down on this future of this application architecture that I mentioned. >> Some MMAs have a couple flavors to them. You buy a company, you throw them under a general manager, an executive, they kind of live there. Founders lead, you get the core tech, some team. The other scenario is full team comes in, hits the ground running. They're building out. They're going to own the build-out. It's seems to me based upon the Omnition acquisition, you're giving Karthik and team, kind of some reign here. >> Rick: Yeah. >> To go build this out. Is that how you guys see it? >> Yeah, that's exactly right. And so, both Speros and Karthik report to me. I'm their onboarding czar, as it were. But were really what we're going to focus on is customer success and achieving our business case. And really capitalizing on the opportunity. These guys were running a hundred miles an hour and we got to get them to got a thousand miles and we're only going to make adjustments to the business case in order to achieve that. And that's what we're here to do is to shepherd this organization in its entirety to the greatness that I think we all see out there. We're going to do that in a very careful, cautious way. >> Karthik, Omnition is a acquisition stealth company. Kind of a commitment saying hey, here's some more horsepower. Talk about how that happened and what's the purpose behind that acquisition. >> Well, I can let Rick talk to how it happened. And I'll talk about the other plans, so. >> When we surveyed the market we actually found that people have certain strengths. These guys that actually started their journey into tracing. I guess their first release was last December and so they've made some strides. And we kind of found Omnition through this discussion and we went like, oh my gosh. And we were in the process of doing the acquisition, doing due diligence. And we set everything on their roadmap is what these guys have done and vice versa. This is another combination that we can't pass up. This is, and what I told him the day we closed, I said, if you had the capital you would have done this, and he's like, yeah I would've. (chuckles) >> One of the things that Rick had asked me during our process was, what are the top three things that you would invest in if you had Slunk resources behind you. And I said Microservices APM, Microservices APM, Microservices APM, and so. >> And I got a big grin 'cause I obviously couldn't disclose what we doing but.. >> You know, the Omnition team, they're still in stealth so there's not a whole lot out there on the web about them. It's a phenomenal team. They've got people who are committers on some major open source projects, deeply technical, very, very shared philosophy to what we had a SignalFx in terms of open instrumentation, not having any proprietary lock in how you collect an instrument data. Very similar philosophies around leveraging the power of analytics and monitoring. And we just actually focused on different parts of the problem because we're both relatively early in this effort. So, we effectively doubled up the teams capacity over night and accelerated our roadmap by several quarters, so, I'm really excited about what we can do together with them. >> Well, are they the Bay area or they from.. >> They are Bay area base, yes. >> Okay cool. Well, I want to get your guys' thoughts on the keynote today. Feedback was authentic, kind of very cool keynote. As you guys bring this together, Rick, Karthik team, the optics, the messaging, what's the core positioning? What's, as you guys look at wholistic view now that you've invested in and are building out for customers, what's the posture? Take us through the keynote positioning. What's the marketplace, customer message around the future here? >> Yeah, I think it's really clear that what we're trying to do for IT organizations and application development organizations is build solutions that are modern and helpful to their core mission. And, by the way as I mentioned, in the world of new development, it's different, it's a different solution set. It's a different approach, a different operating model than it is in current IT operations. And so, one of the key messages we wanted to resonate is that we have the right solutions in both these worlds for you and that we're trying to develop an operating model of reactive response, a quick response, or engaging the right person in the problem, through our use of VictorOps for example, and using that as a way to be very intelligent about how we educate the people that are engaging in resolution process. So, we are trying to create a bridge to both worlds so that they can both be successful. And then under pit that, of course, with automation that can be leveraged in both worlds as well. So, that's what we're trying to convey. We know it's early days, by the way, these guys have been with the company for three weeks, so, it's kind of like, wow. >> Culture shock. >> Culture shock. >> Throw into deep water. Yeah, let's throw you out on stage in front of 11,000 people and see if you can swim and they did phenomenal, by the way. But that was kind of the key message and we're so excited because we just, we feel like were just in the first inning of perhaps a 19 or 20 inning game, 'cause I think it's going to be a lot of fun. >> Karthik: Yeah it is. >> And it's going to be close out here but we're really excited to be able to bring this to market. >> I mean, it's amazing coming in now three weeks in to see the breath of technology that's available and that's going platform. And, you know, what struck me today watching the keynote was just, you know it's such a feature rich and such a broad platform from everything in the, with the core, indexing capabilities that everyone's known about a long time. All of the ML, the additional capabilities we're going to bring in on the metric side. >> Yeah. >> And then the use cases just across every persona, there's just so much that we can do. >> What do you think of the culture? Are they run hard? They a playful company? They like to work hard, play hard? >> Yup. >> But they also are focused on real customer value. They got great engaged communities. What's your take of the culture so far? >> Yeah, absolutely. I mean culture fit was a really important part for us if we're going to be acquired by a company and be a part of a larger organization. Their kindred spirits I feel to the way we ran SignalFx. It's a very customer focused organization, great technology and engineering culture. And it's hard to find both, right? It feels like every organization is very important and very well respected. It's not like heavily skewed to it's just all about engineers, it's all about sales, it's very balanced culture and it's very customer focused. >> Guys, congratulations. Big deal. They don't see these kind of mega deals, they come along once in a while. It's a big bet. Good luck with everything, Rick. Thanks for coming on. Final question for both of you, what's the big take-a-way to take back to the office as you leave .Conf this week? What's going to resinate the most with you guys that you're going to take back as feedback? >> For me its, you know, I get my energies from customer conversations. We all do here at Splunk. If you're having a bad day, go talk to a customer and then they walk you and stop you in the hall and say, you know we really thank you again doing what you do. And so it just, I take back from this always that what we do matters and is important and just keep chugging along at it because we're doing some really good work out there that's really helping lives. And that's really important. >> John: That's good therapy. >> Yeah. >> When a bad day, talk to a customer. >> Go talk to a customer. >> I love you guys. (laughs) What's your take-a-way? >> I'm just, I'm thrilled at the number of customers who are coming up to me and saying how excited they are about the acquisition and working with us. You know, that's really re-affirming for me and it's just super exciting to see what we have ahead of us. >> You guys have a great tech following. A lot of tech leaders who knew you guys, knew you had good stuff so congratulations. Great Validation. >> Yup. Thank you. >> John: Good job >> Thank you John. >> Thanks you guys for coming on theCUBE. Great insight. Thanks for sharing all that data. (laughs) Data to everywhere here on theCUBE. I'm John Furrier, more coverage after this short break. (upbeat music)

>>live from Las Vegas. It's the Cube covering Splunk dot com. 19. Brought to You by spunk. >>Hey, welcome back. Everyone's live Cube coverage in Las Vegas. That's plunks dot com. 2019 thistles their annual customer conference, where they unleash all the new technologies, announce all the new things. Everyone's here. It's the 10th anniversary of Splunk dot com cubes. Seventh year we've been covering slung been quite the journey from scrappy, startup going public growth phase. Now market leader on Outside has to come to success from the products and the engineering. And, of course, the people in the field that that served customers. And we're here with Susan St Leger, who's the president of worldwide field operations. Thanks for coming back to see you. >>Thank you, John. It's exciting to be here. >>So in the keynote, bringing data to every outcome is really the theme. Um, you seem to got a spring to your step here. You excited this year? What an amazing successful show because you got a platform. But the proof is out there. You got that ecosystem. You got people building APS on top of it. It's kind of all coming together this year, >>It sure is experience. It's it's it's just it's a huge leap forward, and I think so. Much of it is a vision of data to everything. And if you think about it, we talk about. We want to bring data to every question, every problem in every action. And the biggest thing you're going to see that you did see in the show is it's no longer just about the Splunk index. We're going to help you get you get value out of data wherever it lives. >>You had some big news on acquisition front Signal FX. Big chunk of change for that company. Private hot category. Observe ability, which really taste is out. That next 20 mile stare in the marketplace, which is cloud native. >>That's a >>cloud Service is, which comes together in the platform with logging coming together. >>Yeah, so exciting Way looked hard at that entire market, and signal FX was definitely the right answer. They operated a scale similar to us. They know how to how to operate it that scale, and so they're gonna be able to serve our customers well. And our view of the world is it's going to be hybrid for a very long time. But they serve that new cloud native world better than anybody else. It's It's when you do monitoring the cloud native world. It's really interesting to think about it. It's all made up of Micro service is right. So thousands of Micro Service's hundreds, thousands of Micro Service's and so in traditional monitoring, it's always you're tryingto monitor things you know could go wrong. In a microt service landscape, you don't know everything that could possibly go wrong. And so it's a level of complexity that's just very different. And so it's all about instrument ing, so that when something does go wrong, you can solve it. >>You guys have a very loyal based customer base, and that's again testament success. But the product has changed, and the value problems is emerging even further with data. That's a big theme. Data to everywhere, everything and security has come up on the radar a few years ago, here, the show. But this almost is a full blown security show at this point, because security center of everything you can't ignore it's become a centerpiece of everything data, the access to the diversity, How is that impacting the field because you're not. I mean, I guess you're a security company enabler and solve security problems. Date is a big part of it. Sure, I was at shaping your operations, >>So I think the thing to understand is correct. We're not just a security company, but we are number one in the security Magic quadrant. We're number one in both I. D. C and Gardner, and so that's important. But what happens is all the data the equal act for security can also be used for all these other use cases. So, generally speaking, whatever you're collecting for security is also valuable for I t operations, and it's also valuable for many other use cases. So I'll give you an example. Dominoes, which is a great customer of ours. They're gone 65% of their orders now come in digitally, okay? And so they monitor the entire intend customer experience. But they monitor it not only from a nightie operations perspective. That same data that they used righty operations also tells them you know what's being ordered, what special orders are being made and they use that data for promotions based upon volume and traffic and timing. they actually create promotion. So now you're talking about the same data that he collected for security night operations you can actually use for promotions, which is marketing is >>not a lot of operating leverage in data. You're getting out this. The old model was is a database. Make a queer. You get a report. Little time problem there. But now you have. Well, that other date is over there in another database. Who runs that data? So the world has certainly changes now, data needs to be addressable. This seems to be a big theme here on undercurrent. I know data to everywhere is kind of global theme, but don't diverse data feeds a I cracked and address ability allows for application access. >>Correct. So we look at the entire data landscape and say, we want to help you get data value out of your data wherever it lives. And it's right now, we've changed to the point where we are operating on data in motion, which is with data stream processor, which is hugely beneficial. You mentioned you know, a I m l way actually do something so unique from an ML perspective because we're actually doing the ml on the live streaming so, so much more valuable than doing it in batch mode. And so the ability to create those ML models by working on live data is super powerful. >>Good announcement. So you guys had the data processor. You have the search fabric, >>data fabric search, >>real time and acceleration our themes there. I want to get your thoughts on your new pricing options. Yes. Why now? What's that mean for customers? >>So if we want to bring data to everything, we have to allow them to actually get all the data right? So we needed to give them more flexible models and more alternative models. So for some people and just motto is very comfortable. But what they want it was more flexibility. So if you look at our new traunch pricing are predictable pricing, there's a couple of things that we've done with it. Number one is from 125 gig all the way up to unlimited. We'll show your predictable pricing so you don't have to guess. Well, if I move from 20 terabytes 2 50 what's that gonna cost me? We're gonna tell you, and you're gonna know and so That's one. The second thing is you don't have to land on the exact ingest. So before, if you bought a terabyte, you got a terabyte. Right now there's a traunch from 1 to 2 terabytes. There's a trunk from 2 to 5 terabytes. And so it gives the customers flexibility so that they don't have to worry about it coming back to buy more right away. >>So that's kind of cloud by as you go variable pricing. Exactly. I want your thoughts on some of the sales motions and position and you guys have out in the field. Visa VI. The industry has seen a lot of success and say Observe ability. For instance, Southern to Rick and Kartik About this. Yes, you guys are an enterprise software cloud and on premises provider you Enterprise sales motion. >>Yes, >>there's a lot of other competition up there that sells for the SNB. They're like tools. What's the difference between an offering that might look like Splunk but may be targeting the SNB? Small means business and one that needs to be full blown enterprise. >>Yeah, so I think the first and foremost most of the offerings that we see land in S and B. They have scale issues over time, I and so what we look at it and say is and they're mostly point products, right? So you can you can clutter up your environment with a bunch of point products, doing all these different things and try and stitch them together. Or you can go with this fun clock for him. So which allows you thio perform all of the same operations, whether B I t Security or Data Analytics in general. But it really isn't. It's about having the platform. >>You guys, what reduced the steps it takes to implement our What's the value? I guess. Here's Here's the thing. What's the pitch? So I'm on Enterprise. I'm like, Okay, I kept Dad. I got a lot of potential things going on platform. I need to make my data work for me any day to be everywhere. I au g Enterprise Cloud. What's the Splunk pitch? >>So our pitches were bringing dated everything, and first and foremost it's important. Understand why? Because we believe at the heart of every problem is a data problem. And we're not just talking t and security. As you know, you saw so many examples. I think you talk to his own haven earlier this week. Right? Wildfires is a data problem New York Presbyterian is using using us for opioid crisis. Right? That's a data problem. So everything's a data problem. What you want is a platform that can operate against that data and remove the barriers between data and action. And that's really what we're focused on. >>He mentions own haven that was part of Splunk Ventures Fund. You have a social impact fund? Yes, what's the motivation line that is just for social good? Is there a business reason behind it or both? >>What's this? So we actually have to social focuses. One is long for good, and that is non profit. What we announced this, what we announced a couple weeks ago that we reiterated yesterday was the spunk, social impact funds, a splint venture social impact fund, and this is to invest in for profit companies using data for social good. And the whole reason is that we look at it and so we say we're a platform. If you're a platform, you want to build out the ecosystem, right? And so the Splunk Innovation Fund splint Ventures Innovation Fund is to invest in new technology focused on that that brings value out of data. And on the other side, it's the spunk. Social impact. Thio get data companies that are taking data and creating such a >>Splunk for good as Splunk employees or a separate nonprofit. And >>it's not a separate nonprofit entity, but it is what we what we invest in. Okay. >>Oh, investing in >>investing in non for profit. Exactly like when we talked about the Global Emancipation Network right, which uses Splunk to fight human trafficking. That's on the nonprofit side. >>So take me through. This is a really hot area we've been covering for good because all roads I want now is for bad. Mark Zuckerberg's testifying from the Congress this morning kind of weird to watch that, actually, but there's a lot of good use cases. Tech tech can be shaped for good. A lot of companies are starting and getting off the ground for good things, but they're kind of like SMB, but they want the Splunk benefit. How do they engage with spunk if I'm gonna do ah social impact thing say cube for good? I got all this Tech. How do I engage punk? I wanted, but I don't know what to do. Have access to tools? How do I buy or engage with Splunk? >>Yes, start parties. Fund managers is making sure it's not just money, right? It's money, its access to talent. It's access to our product. And it's, you know, help with actually thinking through what they're trying to achieve, so it really is the entire focus. It's not just about the tech, Thea. Other thing I would say is you saw that we put out a Splunk investigate, and you also saw us talking about spunk, business slow and mission control. Those air now all built on a native SAS platform. And so the ability for our ecosystem now to go build on a native son platform is going to be incredibly powerful. >>So you expect more accelerated opportunities that all right, what's your favorite customer success stories? I know it's hard to pick your favorites, like picking a favorite child may be filled with the categories. Most ambitious class clown class favorite me. What's the ones you would call a really strong, >>so hit on a couple of my lover Domino story and the other one that I love, that I touched on. But I want to expand on because I think it's an amazing story. Is New York Presbyterian on using the Yes See you sprung for traditional security for private patient privacy. They also use it for medical devices. But here's the thing they use it for to help the opioid crisis. And you're like, How is opioid crisis a data problem? What they do is they actually correlate all the data that so doctors are prescribing the opioids who they're prescribing them to a number of prescriptions being building their pharmacy and then the inventory of opioids. Because they actually have sensors on all the cabinets where they get the opioids, they correlate all the data, and they make sure that if they understand if opioids being stolen from the hospital, because what people don't understand is that the opioid a lot of big part of the opioid crisis starts with hospitals to say of such a big volume of opioids. And so that, to me, is just I guess I love it because it's a great customer success story. But it's also again, it's so much fun doing good problem. >>A lot of deaths. I gotta ask you around your favorite moments here dot com, and you're a lot of conversations in your customer conversations this year. Let's do a little Splunk of the Cube right now can take the patterns, all the data, your meetings. What's the top patterns that are emerging? What are some of the top conversation themes that just keep popping up with customer? Specifically, >>I think the biggest thing is that they have seen more innovation unleash this year than they have ever seen in one year from Splunk. The other thing is that we've gone far outside of our traditional spunk index right and that the portfolio has grown so much and that we're allowing them to operate and get value out of the data wherever it lives. So data in motion and then you saw in data fabric search. We'll let you query not only the Splunk indices, but also H D. F s and s three buckets and more buckets to come. So more sinks if you will. So, really, what we're trying to do is say, we're just going to be your date a platform to help you get value >>Susan, you're a great leader and slung. Congratulations on your success again. They continue to grow every year. Splunk defies the critics. Now you're a market leader. Culture is a big part of this. What is your plans this year To take it to the next level? You're president of field worldwide, field operations, global business landscape. What are some of your goals and objectives on culture >>and the culture? So thank you, Jon. First of all, for your comments and were so committed to our culture, I think you know, as you grow so quickly, it takes a real effort to stay focused on culture way, have an incredible diversity and inclusion program. Onda We do way. It's a business imperative for us. Every single leader has diversity, diversity, inclusion, focuses and targets. And so I think that's a huge part of our culture. And the reason I say that, John, I don't know if you've ever heard about a 1,000,000 data points. Did anybody ever way Always talk about, you know in different different settings will share a couple of our 1,000,000 data points. What we want to make sure is a culture is that way. >>We >>have our employees showing up with their authentic self and because you do your best work when you can show up is your authentic self. And so we have people share a handful of their 1,000,000 data points at all different times throughout the year to get to know each other as individuals, as human beings and really understand what matters to each other. And I love that 1,000,000 data points culture, and I got that. We truly live it. And again it's It's about authenticity. And so I think that's what makes us incredibly special. >>And inclusion helps that trust >>fund elaboration, yes, and also just add to that. We're very proud of the fact that we made the fortune list this year for best places to work for women. So it shows that our focus, you know, we started. We started revealing our metrics just about two years ago, and we've had significant improvement way. Believe that what you focus on what you measure is what you improve. So we started measuring and improving it, and this year we made the list for a fortune that's called walking. It is Congratulations. Thank you. We're very excited about >>awesome on global expansion. I'm assuming is on the radar. Well, >>always, especially at this point. We're ready to double down and some of the tier one mark. It's a lovely for sure >>wasn't saying. Legend. President of worldwide field operations here inside the Cube. Where day to slung dot com 10th anniversary of their customer conference Our seventh year covering Splunk Amazing Ride They continue to ride the big wave. Thats a Q bring you all the data on insights here. I'm John Ferrier. Thanks for watching.

>>Live from Las Vegas, you covering splunk.com 19 brought to you by Splunk.. >>Okay. Welcome back everyone. That's the cubes live coverage in Las Vegas for Splunk's dot com user conference 10 years is their anniversary. It's cubes seventh year. I'm John Farah, your host with a great guest here. Joe Partlow, CTO of rely AQuESTT recently on the heels of vying thread care and Marcus, Carrie and team. Congratulations. They'd come on. Yeah. Yeah. It's been a been a fun month. So obviously security. We love it. Let's take a minute to talk about what you guys do. Talk about what your company does that I've got some questions for you. Yeah. So you know, obviously with the increasing cyber threats, uh, you know, uh, security companies had a lot or customers had a lot of tools. Uh, it's easy to get overwhelmed, um, really causes a lot of confusion. So really what we're trying to do is we have a platform called gray matter that is really kind of how we deliver security model management, which what that means is that's bringing together people, process technology in a way that's easy to kind of make sense of all the noise. >>Um, yeah, there's, there a, a lot of features in there that would help monitor the health, uh, the incident response, the hunt, um, any kind of features that you would need from a security. So you guys are a managed service, you said four? >> Yeah. Yeah, a different, a little different than a traditional MSSP. We um, you'll work very close with, uh, the customers. Uh, we work in their environment, we're working side by side with them, uh, in their tools and we're really maturing and getting better visibility in their environment to get that MSSP for newer. >> Right. That's where you guys are. M S S VP >> on steroids. A little bit different. >> Alright. Well you guys got some things going on. You got a partnership with Splunk for the dotcom sock. Oh yeah. Talk about that with set up out here. And what's it showing? Yeah, that's been a great experience. >>Uh, we, we work very close with the Splunk, uh, team. Uh, we monitored Splunk corporate, uh, from a work with skirt team monitoring them. Uh, so when.call came around, it was kind of a natural progression of Hey, uh, you know, Joel and team on their side said, Hey, how do we kind of build up the team and do a little bit extra and I'll see any way that we can help secure.com. Uh, it was really cool. I give credit to the team, both teams, uh, standing up a, uh, new Splunk install, getting everything stood up really in the last few weeks, uh, making sure that every, uh, everybody at the pavilion and the conference in general is protected and we're watching for any kind of threat. >> So it's, it's been great working with the Splunk team. So is that normal procedure that the bad guys want to target? >>The security congresses? This is gonna make a state visit more of graffiti kind of mentality. It's an act kind of lift, fun, malicious endpoints that they want to get out of here. Oh yeah. There's, there's a little bit of a, you know, let's do it for fun and mess with the conference a little bit. So we'll want to make sure that, that that's what happened. So is my end point protected here? My end points, my phone and my laptop. Uh, not the user specific but any of the conference provided demo stations. Okay. So or structure for the equipment, not me personally. You are not monitoring your personal okay. I give up my privacy years ago. Yes. This is a interesting thing to talk about working with spunk because you know, I hear all the time and again we're looking at this from an industry wide perspective. >>I hear we've got a sock, they got a slot. So these socks are popping up yesterday. Operation centers. What is, what is the state of the art for that now? Is it best practice to have a mega Monster's sock or is it distributed, is it decentralized? What's the current thinking around how to deploy Sox surgery operations center or centers? Yeah, we certainly grow with a decentralized model. We need to follow the sun. So we've got operations centers here in Vegas, Tampa and Dublin. Uh, really making sure that we've got the full coverage. Uh, but it is working very close with the Splunk socks. So they've got a phenomenal team and we work with them side by side. Uh, obviously we are providing a lot of the, uh, the tier one, tier two heavy lift, and then we escalate to Splunk team. They're obviously gonna know Splunk corporate better than we will. >>So, uh, we work very close hand in hand. So you guys acquired threat care and Marcus carries now in the office of CTO, which you're running. Yes. How is that going to shape rely a quest and the Europe business? >> Yeah, the acquisition has been extremely, uh, you know, uh, exciting for us. Uh, you know, after meeting Marcus, uh, I've known of Marcus, he's a very positive influence in the community, uh, but having worked with him, the vision for threat care and the vision for Lioncrest really closely aligned. So where we want to take, uh, the future of security testing, testing controls, making sure upstream controls are working, uh, where threats they're wanting to go for. That was very much with what we aligned more so it made sense to partner up. So, uh, very excited about that and I think we will roll that into our gray matter platform has another capability. >>Uh, gray matter, love the name by the way. I mean, first of all, the security companies have the best names or mission control gray matter, you know, red Canary, Canary in the coal mine. All good stuff. All fun. But you know, you guys work hard so I know the price gotta be good. I gotta ask you around the product vision around the customers and how they're looking at security because you know, it's all fun games. They'll, someone's hacking their business trash or this ransomware going on. Data protection has become a big part of it. What are customers telling you right now in terms of their, their fears and aspirations? What do they need? What's on the agenda? Guests for customers right now? Yeah. I think kind of the two biggest fears, um, and then the problems that we're trying to address is one, just a lack of visibility. >>Uh, customers have so many things on their network, a lot of mergers and acquisitions. So, uh, unfortunately with a lot of times the security team is the last one to know when something pops up. Uh, so anything that we can do to increase visibility and that and that, a lot of times we work very closely with Splunk or send that they have out to make sure that it happens. And then the other thing I think is, you know, most people want to get more proactive. Uh, you know, salmon logging by nature is very reactive. So when he tried to get out in front of those threats a little bit more, so anything that we can do to try to get more proactive, uh, may certainly going to be on their, their top of mind. Well, the machine learning toolkits, getting a lot of buzz here at the show, that's a really big deal. >>I think the other thing that I'm seeing I to get your reaction to is this concept of diverse data. That's my word, not Splunk's, but the idea of bringing in more data sets actually helps machine learning that's pretty much known by data geeks, but in making data addressable because data seems to be the one thing that is all doing a lot of the automation that's takes that headway heavy lift and also provides heavy lifting capabilities to set data up to look at stuff. So data is pretty critical. Data addressability data diversity, you got to have the data and it's gotta be addressable in real time and through tools like fabric search and other things. What's your reaction to that and thoughts around that? No, I agree 100%. Uh, you know, obviously most enterprise customers have a diverse set of data. So trying to search across those data sets, normalize that data, it's, it's a huge task. >>Um, but to get the visibility that we need, we really need to be able to search these multiple data sets and bring those into make sense. Whether you're doing threat hunting or responding to alerts. Um, or you need it from a compliance standpoint, being able to deal with those diverse data sets, uh, is is a key key issue. You know, the other thing I wanna get your thoughts on this one that we've been kind of commenting, I've kind of said a ticket position on this gonna from an opinion standpoint, but it's kind of obvious but it's not necessarily true. But my point is with the data volume going up so massive, that puts the tips, the scales and the advantage for the adversaries. Ransomware's a great example of it and you know, as little ransomware now is towns and cities, these ransomware attacks just one little vector, but with the data volume data is the surface area, not just devices. >>Oh yeah. So how is the data piece of it and the adversarial advantage, you think that that makes them stronger, more surface area? Yeah, definitely. And that's something that where we're leaning on machine learning for a lot is if you really kind of make sense of that data, a lot of times you want to baseline that environment and just find it what's normal in the environment, what's not normal. And once you to find that out, then we can start saying, all right, is this malicious or not? Uh, you know, some things that uh, yeah, maybe PowerShell or something and one environment is a huge red flag that Hey, we've been compromised in another one. Hey, that's just a good administrator automating his job. So making sense of that. Um, and then also just the sheer volume of data that we, that we see customers dealing with. >>Very easy to hide in if you're doing an attack, uh, from an adversary standpoint. So being able to see across that and make sure that you can at scale SyFy that data and find actionable event. You guys, I was just talking with a friend that I've known from the cloud, world, cloud native world. We're talking about dev ops versus the security operations and those worlds are coming together. There are more operational things than developer things, but yet CSOs that we talked to are fully investing in developer teams. So it's not so much dev ops dogma, if you will. But we gotta do dev ops, right? You know, see the CIC D pipeline. Okay, I get that. But developers play a critical role in this feature security architecture, but at the end of the day, it's still operations. So this is the new dev ops or sec ops or whatever it's called these days. >>What's your, how, how do customers solve this problem? Because it is operational, whether it's industrial IOT or IOT or cloud native microservices to on premise security practices with end points. I mean, I, the thing we see that, that kind of gets those teams the most success is making sure they're working with those teams. So having security siloed off by itself. Um, I think we've kind of proven in the past that doesn't work right? So get them involved with their development teams, get them involved with their net ops or, or, you know, sec ops teams, making sure they're working together so that security teams can be an enabler. Uh, they don't want to be the, uh, the team that says no to everything. Um, but at the end of the day, you know, most companies are not in the business of security. They're in the business of making widgets or selling widgets or whatever it is. >>So making sure that the security, yeah, yeah, that's an app issue. Exactly. Making sure that they're kind of involved in that life cycle so that, not that they can, you know, define what that needs to be, but at least be aware of, Hey, this is something we need to watch out for or get visibility into and, and keep the process moving. All right. Let's talk about Splunk. Let's set up their role in the enterprise. I'll see enterprise suite 6.0 is a shipping general availability. How are you guys deploying and optimizing Splunk for customers? What are some of the killer use cases that's there and new ones emerging? Yeah, we've, we provide, you know, really kind of three core areas. First one customers, you're one is obviously making sure that the platform is healthy. So a lot of times we'll go into a, a customer that, uh, you know, maybe they, they, there's one team has turned over or they rapidly expanded and, and in a quickly, you kind of overwhelming the system that's there. >>So making sure that the, the architecture is correct, maintained, patched, upgraded, and they're, they're really taking advantage of the power of Splunk. Uh, from an engineering standpoint. Uh, also another key area is building content. So as we were discussing earlier, making sure that we've got the visibility and all that data coming in, we've got to make sure that, okay, are we pursuing that data correctly? Are we creating the appropriate alerts and dashboards and reports and we can see what's going on. Um, and then the last piece is actually taking, you know, see you taking action on that. So, uh, from an incident response standpoint, watching those alerts and watching that content flyer and making sure that we're escalating and working with the customer security team, they'd love to get your thoughts. Final question on the, um, first of all, great, great insight. They'll, I love that. >>As customers who have personal Splunk, we buy our data is number one third party app for blogs work an app, work app workloads, and in cloud as well as more clients than you have rely more on cloud. AWS for instance, they have security hub, they're deploying some of this to lean on cloud providers, hyperscale cloud providers for security, but that doesn't diminish the roles flung place. So there's a lot of people that are debating, well, the cloud is going to eat Splunk's lunch. And so I don't think that's the case. I want to get your thoughts of it because they're symbionic. Oh yeah. So what's your thoughts on the relationship to the cloud providers, to the Splunk customer who's also going to potentially moves to the cloud and have a hybrid cloud environment? Yeah, and now I would agree there's, you know, there are going to exist side by side for a long time. >>Uh, most environments that we see are hybrid environments. While most organizations do have a cloud first initiative, there's still a lot of on premise stuff. So Splunk is still going to be a, a key cornerstone of just getting that data. Where I do see is maybe a, you know, in those platforms, um, kind of stretching the reach of Splunk of, Hey, let's, let's filter and parse this stuff maybe closer to the source and make sure that we're getting the actionable things into our Splunk ES dashboards and things like that so that we can really make sure that we're getting the good stuff. And maybe, you know, the stuff that's not actionable, we're, we've up in our AWS environment. Um, and that's, that's a lot of the technology that Splunk's coming out with. It's able to search those other environments is going to be really key I think for that where you don't have to kind of use up all your licensing and bring that non-actionable data in, but you still able to search across. >>But that doesn't sound like core Splunk services more. That's more of an operational choice there. Less of a core thing. You mentioned that you think splints to sit side by side for the clouds. What, what gives you that insight? What's, what's, uh, what's telling you that that's gonna happen? What's the, yeah, you still need the core functionality of Splunk running with spark provides is a, you know, it's a great way to bring data and it parses it, uh, extremely well. Um, having those, uh, you know, correlate in correlation engines and searches. Um, that's, that's very nice to have that prepackaged doing that from scratch. Uh, you can certainly, there's other tools that can bring data in, but that's a heavy riff to try to recreate the wheel so to speak. We're here with Joe Parlo, CTO, really a quest, a pardon with Splunk setting up this dotcom SOC for the exhibits and all the infrastructure. >>Um, final question, what's the coolest thing going on at dotcom this year? What's, what should customers or geeks look at that's cool and relevant that you think should be top line? Top couple of things. Yeah, I, I, uh, one of the things I like the most out of the keynote was, uh, the whole, uh, Porsche use case with that. The AR augmentation on my pet bear was really, really cool. Um, and then obviously the new features are coming out with, with VFS and some of another pricing model. So definitely exciting time to be a partner of Splunk. Alright, Joe, thanks for them. John furrier here with the cube live in Las Vegas day two of three days of coverage.com. Their 10th year anniversary, our seventh year covering the Silicon angle, the cube. I'm Sean furrier. Thanks for watching. We'll be right back.

>>Live from Las Vegas. It's the cube covering splunk.com 19 brought to you by Splunk. >>Okay. Welcome back. Everyone live in Las Vegas. We're here for Splunk's dot com I'm John ferry with the Q, this our seventh year covering.com but.com 10th year of their end user conference, their customer conference. That's been exciting to watch the evolution of Splunk and how a lot of it's because of their great products. We have our next guest Pang, senior director of product line management for Splunk business flow. Welcome to the cube. Well I'm glad to have you. One of the successes of Splunk has been great products. They never deviate off the core, kept building on it a year in the senior director of product land for you know, business flows, analytics. All I see everywhere is dashboards and visualizations. It looks so easy. Tell us about what your products are doing. >>Yeah, definitely and you know, I think one of the places to start is just how we moved into this area and start the new product. A lot of people know us for it and security use cases, but a lot of our customers are also using it to address business needs. So what they really saw was the value of Splunk to pull data from across different silos. Um, so in a business sense it could be, I have different systems for maybe my leads sales and closing the books, right? Those are all disparate. It's really hard to pull it together. And so they came to us saying like, we'd love a way to stitch this together and be able to visualize it. And that was really where Splunk business flow was born from. So we actually simplify it by connecting all these disparate data points, creating a full journey view or a process view that you can graphically see what's happening and then point and click and drill in. So it's really opening up a whole new set of users for us with that. And a whole new set of use cases that way. Surely. Yes. So if you think about, we have tons of data, it's tens of events. If you know a common thread like a user and how they might go to the store and then do something online and really understand the customer experience. If you could actually thread that all together, who would knows so much more about their customer experience and that's what we're able to do and we do it seamlessly for them. >>Well the database guy in me from the old eighties college saying, I gotta write a schema for that. I got to store the data. I mean in the old way it was really hard to compare like the pain or even capability >>we're hitting. Exactly the pain point. Right. That's why it's been so hard to do that because it was so rigid. The beauty of Splunk is the scheme on raid aspect of it. So because we store all the data and then we can distract it as needed, we do the search on demand and that's how we're able to actually stitch it together. Yeah. Yeah. And I think like one of the things has been the struggle of, well people have made a lot of probably more conservative decisions earlier on in their data and that's why they weren't able to get the information. And so part the main pain point we always heard was I got one piece of data, but now that I look into it, crap, I need to know what else there is. And then you have, it's another three week cycle, right, to pull that data in, bring it all in. Well now that's all in Splunk. You can just pull it as you need it on. >>It's a use case. Then from an operations standpoint, they're pretty comfortable with handling slug. They know what it means to Splunk, the data. >>Exactly. And we really see it as a partnership between the Splunk admin as well as the business users. The Splunk admin helps to get it all set up and then the business user can actually investigate on their own and they don't need to know SPL or anything like that to be able to use the product. Exactly. That's a great question. So it's a premium solution. So you do need Splunk enterprise or Splunk cloud. And then this is stacks essentially on top of it. Um, and so it uses the underlying Splunk data, but then it's also doing the additional work of doing the correlation across it, stitching it together, providing the visualizations. And then from there you can do things like AB comparison mode. You can see conversion rates, you can drag it, you can drill down all the way into the actual event. So the beauty of it is being able to see the holistic picture but then go down into the individual Avenger. >>It's definitely the business analyst and I think there is some crossover with it and security as well. So we actually had a session here where our own it internal it use focus flow to monitor their ticketing system and look for black hole tickets. So have you, I don't know if you've ever, you know, submit an it ticket. You never hear anything back because it's gotten lost. But yeah, exactly. But what are those, what are those? Zachary, you're very fortunate, but it was one of those problems where you hear a lot of it departments, you know, you might've, because you're outsourcing certain portions, you lose some of those tickets. You don't know what happened. So they were actually able to use the product to see that. But it also applies to people within. Um, one example we have, sorry, I'm thinking of some public customers that we have. So Domino's is a public customer. Um, that was a beta customer that used it for payment processing on, on, um, Superbowl. So like that's another great, >>yeah, the obviously scale is huge there. The data. So I gotta ask the cloud question. Since we brought up cloud, is this service cloud enabled in the sense of, is it on an on premise thing or is it, does the workflow kicked into the analytics? How's the cloud play? >>Yes. So it sits on top of both. Um, so it works either with the Splunk enterprise or Splunk cloud enterprise license essentially. And then the actual architecture of it is a hybrid environment. So we have a hybrid component that's in our own host of cloud that feeds the UI. And the great thing about that is that we're able to update the product very quickly and push out updates to the customers very easily though. So, um, we first announced it back in may of this year and have added additional functionality as part of COF and it did come out of customers and then seeing the opportunity with the machine data. So, um, there are a lot of great stories that we've had historically. I think Dubai airports, you can see some different stories of for pupil piece, the journey together. And so out of those conversations bore was the idea was >>every product line has a list that didn't make the cut on the product is called the roadmap is also new things. What are some of the things that you see big picture areas that you're going to focus in on to extend out the capabilities and value of the product? >>You really see the product evolving the same way that you see a lot of the portfolio for all. So Doug has talked a lot about investigate, monitoring and analyzing and act, right. And so those same concepts apply into how you think about a process as well. So right now we're really helping the investigation and monitoring, but we'll also continue to extend across that spectrum of time. Yeah, definitely in how we've built the product. But also, um, I think it can sit alongside some of the other things that you're also seeing in that realm. >>Final question for you. For people that are watching that couldn't make the conference, what's the biggest, biggest story here for dotcom this year? How would you, >>I mean overall I really think it is our data to everything message that we're discussing. Um, I think today you can really see how we apply in all of these vast areas and really the power of being able to have access and make that data actionable and do something with it. Thank you so much. It's so nice to be with you today. >>John Barry here in the cube coverage here in Las Vegas with dotcom Splunk's annual conference. It's their 10th year, March 7th year covering them. We'll be right back with more day to coverage after this show. >>Right.

>> Is and who we are today as as a country, as a universe. >> Narrator: Congratulations Reggie Jackson, (inspirational music) you are a CUBE alumni. (upbeat music) >> Announcer: Live from Las Vegas it's theCUBE covering Splunk.Conf19. Brought to you by Splunk. >> Okay, welcome back everyone it's theCUBE's live coverage here in Las Vegas for Splunk.Conf19. I am John Furrier host of theCUBE. It's the 10th Anniversary of Splunk's .Conf user conference. Our 7th year covering it. It's been quite a ride, what a wave. Splunk keeps getting stronger and better, adding more features, and has really become a powerhouse from a third party security standpoint. We got a C-SO in theCUBE on theCUBE today. Chief Information Security, John Frushour Deputy Chief (mumbles) New York-Presbyterian The Award Winner from the Data to Everywhere Award winner, welcome by theCube. >> Thank you, thank you. >> So first of all, what is the award that you won? I missed the keynotes, I was working on a story this morning. >> Frushour: Sure, sure. >> What's the award? >> Yeah, the Data Everything award is really celebrating using Splunk kind of outside its traditional use case, you know I'm a security professional. We use Splunk. We're a Splunk Enterprise Security customer. That's kind of our daily duty. That's our primary use case for Splunk, but you know, New York Presbyterian developed the system to track narcotic diversion. We call it our medication analytics platform and we're using Splunk to track opioid diversion, slash narcotic diversions, same term, across our enterprise. So, looking for improper prescription usage, over prescription, under prescription, prescribing for deceased patients, prescribing for patients that you've never seen before, superman problems like taking one pill out of the drawer every time for the last thirty times to build up a stash. You know, not resupplying a cabinet when you should have thirty pills and you only see fifteen. What happened there? Everything's data. It's data everything. And so we use this data to try to solve this problem. >> So that's (mumbles) that's great usage we'll find the drugs, I'm going to work hard for it. But that's just an insider threat kind of concept. >> Frushour: Absolutely. >> As a C-SO, you know, security's obviously paramount. What's changed the most? 'Cause look at, I mean, just looking at Splunk over the past seven years, log files, now you got cloud native tracing, all the KPI's, >> Frushour: Sure. >> You now have massive volumes of data coming in. You got core business operations with IOT things all instrumental. >> Sure, sure. >> As a security offer, that's a pretty big surface area. >> Yeah. >> How do you look at that? What's your philosophy on that? >> You know, a lot of what we do, and my boss, the C-SO (mumbles) we look at is endpoint protection and really driving down to that smaller element of what we complete and control. I mean, ten, fifteen years ago information security was all about perimeter control, so you've got firewalls, defense and depth models. I have a firewall, I have a proxy, I have an endpoint solution, I have an AV, I have some type of data redaction capability, data masking, data labeling capability, and I think we've seen.. I don't think security's changed. I hear a lot of people say, "Oh, well, information security's so much different nowadays." No, you know, I'm a military guy. I don't think anything's changed, I think the target changed. And I think the target moved from the perimeter to the endpoint. And so we're very focused on user behavior. We're very focused on endpoint agents and what people are doing on their individual machines that could cause a risk. We're entitling and providing privilege to end users today that twenty years ago we would've never granted. You know, there was a few people with the keys to the kingdom, and inside the castle keep. Nowadays everybody's got an admin account and everybody's got some level of privilege. And it's the endpoint, it's the individual that we're most focused on, making sure that they're safe and they can operate effectively in hospitals. >> Interviewer: What are some of the tactical things that have changed? Obviously, the endpoint obviously shifted, so some tactics have to change probably again. Operationally, you still got to solve the same problem: attacks, insider threats, etc. >> Frushour: Yeah. >> What are the tactics? What new tactics have emerged that are critical to you guys? >> Yeah, that's a tough question, I mean has really anything changed? Is the game really the game? Is the con really the same con? You look at, you know, titans of security and think about guys like Kevin Mitnick that pioneered, you know, social engineering and this sort of stuff, and really... It's really just convincing a human to do something that they shouldn't do, right? >> Interviewer: Yeah. >> I mean you can read all these books about phone freaking and going in and convincing the administrative assistant that you're just late for meeting and you need to get in through that special door to get in that special room, and bingo. Then you're in a Telco closet, and you know, you've got access. Nowadays, you don't have to walk into that same administrative assistant's desk and convince 'em that you're just late for the meeting. You can send a phishing email. So the tactics, I think, have changed to be more personal and more direct. The phishing emails, the spear phishing emails, I mean, we're a large healthcare institution. We get hit with those types of target attacks every day. They come via mobile device, They come via the phishing emails. Look at the Google Play store. Just, I think, in the last month has had two apps that have had some type of backdoor or malicious content in them that got through the app store and got onto people's phones. We had to pull that off people's phones, which wasn't pretty. >> Interviewer: Yeah. >> But I think it's the same game. It's the same kind to convince humans to do stuff that they're not supposed to do. But the delivery mechanism, the tactical delivery's changed. >> Interviewer: How is Splunk involved? Cause I've always been a big fan of Splunk. People who know me know that I've pretty much been a fan boy. The way they handle large amounts of data, log files, (mumbles) >> Frushour: Sure. >> and then expand out into other areas. People love to use Splunk to bring in their data, and to bring it into, I hate to use the word data leg but I mean, Just getting... >> Yeah >> the control of the data. How is data used now in your world? Because you got a lot of things going on. You got healthcare, IOT, people. >> Frushour: Sure, sure. >> I mean lives are on the line. >> Frushour: Lives are on the line, yeah. >> And there's things you got to be aware of and data's key. What is your approach? >> Well first I'm going to shamelessly plug a quote I heard from (mumbles) this week, who leads the security practice. She said that data is the oxygen of AI, and I just, I love that quote. I think that's just a fantastic line. Data's the oxygen of AI. I wish I'd come up with it myself, but now I owe her a royalty fee. I think you could probably extend that and say data is the lifeline of Splunk. So, if you think about a use case like our medication analytics platform, we're bringing in data sources from our time clock system, our multi-factor authentication system, our remote access desktop system. Logs from our electronic medical records system, Logs from the cabinets that hold the narcotics that every time you open the door, you know, a log then is created. So, we're bringing in kind of everything that you would need to see. Aside from doing something with actual video cameras and tracking people in some augmented reality matrix whatever, we've got all the data sources to really pin down all the data that we need to pin down, "Okay, Nurse Sally, you know, you opened that cabinet on that day on your shift after you authenticated and pulled out this much Oxy and distributed it to this patient." I mean, we have a full picture and chain of everything. >> Full supply chain of everything. >> We can see everything that happens and with every new data source that's out there, the beauty of Splunk is you just add it to Splunk. I mean, the Splunk handles structured and unstructured data. Splunk handles cis log fees and JSON fees, and there's, I mean there's just, it doesn't matter You can just add that stream to Splunk, enrich those events that were reported today. We have another solution which we call the privacy platform. Really built for our privacy team. And in that scenario, kind of the same data sets. We're looking at time cards, we're looking at authentication, we're looking at access and you visited this website via this proxy on this day, but the information from the EMR is very critical because we're watching for people that open patient records when they're not supposed to. We're the number five hospital in the country. We're the number one hospital in the state of New York. We have a large (mumbles) of very important people that are our patients and people want to see those records. And so the privacy platform is designed to get audit trails for looking at all that stuff and saying, "Hey, Nurse Sally, we just saw that you looked at patient Billy's record. That's not good. Let's investigate." We have about thirty use cases for privacy. >> Interviewer: So it's not in context of what she's doing, that's where the data come in? >> That's where the data come in, I mean, it's advanced. Nurse Sally opens up the EMR and looks at patient Billy's record, maybe patient Billy wasn't on the chart, or patient Billy is a VIP, or patient Billy is, for whatever reason, not supposed to be on that docket for that nurse, on that schedule for that nurse, we're going to get an alarm. The privacy team's going to go, "Oh, well, were they supposed to look at that record?" I'm just giving you, kind of, like two or three uses cases, but there's about thirty of them. >> Yeah, sure, I mean, celebrities whether it's Donald Trump who probably went there at some point. Everyone wants to get his taxes and records to just general patient care. >> Just general patient care. Yeah, exactly, and the privacy of our patients is paramount. I mean, especially in this digital age where, like we talked about earlier, everyone's going after making a human do something silly, right? We want to ensure that our humans, our nurses, our best in class patient care professionals are not doing something with your record that they're not supposed to. >> Interviewer: Well John, I want to hear your thoughts on this story I did a couple weeks ago called the Industrial IOT Apocalypse: Now or Later? And the provocative story was simply trying to raise awareness that malware and spear phishing is just tactics for that. Endpoint is critical, obviously. >> Sure. >> You pointed that out, everyone kind of knows that . >> Sure. >> But until someone dies, until there's a catastrophe where you can take over physical equipment, whether it's a self-driving bus, >> Frushour: Yeah. >> Or go into a hospital and not just do ransom ware, >> Frushour: Absolutely. >> Actually using industrial equipment to kill people. >> Sure. >> Interviewer: To cause a lot of harm. >> Right. >> This is an industrial, kind of the hacking kind of mindset. There's a lot of conversations going on, not enough mainstream conversations, but some of the top people are talking about this. This is kind of a concern. What's your view on this? Is it something that needs to be talked about more of? Is it just BS? Should it be... Is there any signal there that's worth talking about around protecting the physical things that are attached to them? >> Oh, absolutely, I mean this is a huge, huge area of interest for us. Medical device security at New York Presbyterian, we have anywhere from about eighty to ninety thousand endpoints across the enterprise. Every ICU room in our organization has about seven to ten connected devices in the ICU room. From infusion pumps to intubation machines to heart rate monitors and SPO2 monitors, all this stuff. >> Interviewer: All IP and connected. >> All connected, right. The policy or the medium in which they're connected changes. Some are ZP and Bluetooth and hard line and WiFi, and we've got all these different protocols that they use to connect. We buy biomedical devices at volume, right? And biomedical devices have a long path towards FDA certification, so a lot of the time they're designed years before they're fielded. And when they're fielded, they come out and the device manufacturer says, "Alright, we've got this new widget. It's going to, you know, save lives, it's a great widget. It uses this protocol called TLS 1.0." And as a security professional I'm sitting there going, "Really?" Like, I'm not buying that but that's kind of the only game, that's the only widget that I can buy because that's the only widget that does that particular function and, you know, it was made. So, this is a huge problem for us is endpoint device security, ensuring there's no vulnerabilities, ensuring we're not increasing our risk profile by adding these devices to our network and endangering our patients. So it's a huge area. >> And also compatible to what you guys are thinking. Like I could imagine, like, why would you want a multi-threaded processor on a light bulb? >> Frushour: Yeah. >> I mean, scope it down, turn it on, turn it off. >> Frushour: Scope it down for its intended purpose, yeah, I mean, FDA certification is all about if the device performs its intended function. But, so we've, you know, we really leaned forward, our CSO has really leaned forward with initiatives like the S bomb. He's working closely with the FDA to develop kind of a set of baseline standards. Ports and protocols, software and services. It uses these libraries, It talks to these servers in this country. And then we have this portfolio that a security professional would say, "Okay, I accept that risk. That's okay, I'll put that on my network moving on." But this is absolutely a huge area of concern for us, and as we get more connected we are very, very leaning forward on telehealth and delivering a great patient experience from a mobile device, a phone, a tablet. That type of delivery mechanism spawns all kinds of privacy concerns, and inter-operability concerns with protocol. >> What's protected. >> Exactly. >> That's good, I love to follow up with you on that. Something we can double down on. But while we're here this morning I want to get back to data. >> Frushour: Sure. >> Thank you, by the way, for sharing that insight. Something I think's really important, industrial IOT protection. Diverse data is really feeds a lot of great machine learning. You're only as good as your next blind spot, right? And when you're doing pattern recognition by using data. >> Frushour: Absolutely. >> So data is data, right? You know, telecraft, other data. Mixing data could actually be a good thing. >> Frushour: Sure, sure. >> Most professionals would agree to that. How do you look at diverse data? Because in healthcare there's two schools of thought. There's the old, HIPAA. "We don't share anything." That client privacy, you mentioned that, to full sharing to get the maximum out of the AI or machine learning. >> Sure. >> How are you guys looking at that data, diverse data, the sharing? Cause in security sharing's good too, right? >> Sure, sure, sure. >> What's your thoughts on sharing data? >> I mean sharing data across our institutions, which we have great relationships with, in New York is very fluid at New York Presbyterian. We're a large healthcare conglomerate with a lot of disparate hospitals that came as a result of partnership and acquisition. They don't all use the same electronic health record system. I think right now we have seven in play and we're converging down to one. But that's a lot of data sharing that we have to focus on between seven different HR's. A patient could move from one institution to the next for a specialty procedure, and you got to make sure that their data goes with them. >> Yeah. >> So I think we're pretty, we're pretty decent at sharing the data when it needs to be shared. It's the other part of your question about artificial intelligence, really I go back to like dedication analytics. A large part of the medication analytics platform that we designed does a lot of anomaly detections, anomaly detection on diversion. So if we see that, let's say you're, you know, a physician and you do knee surgeries. I'm just making this up. I am not a clinician, so we're going to hear a lot of stupidity here, but bare with me. So you do knee surgeries, and you do knee surgeries once a day, every day, Monday through Friday, right? And after that knee surgery, which you do every day in cyclical form, you prescribe two thousand milligrams of Vicodin. That's your standard. And doctors, you know, they're humans. Humans are built on patterns. That's your pattern. Two thousand milligrams. That's worked for you; that's what you prescribe. But all of the sudden on Saturday, a day that you've never done a knee surgery in your life for the last twenty years, you all of a sudden perform a very invasive knee surgery procedure that apparently had a lot of complications because the duration of the procedure was way outside the bounds of all the other procedures. And if you're kind of a math geek right now you're probably thinking, "I see where he's going with this." >> Interviewer: Yeah. >> Because you just become an anomaly. And then maybe you prescribe ten thousand milligrams of Vicodin on that day. A procedure outside of your schedule with a prescription history that we've never seen before, that's the beauty of funneling this data into Splunk's ML Toolkit. And then visualizing that. I love the 3D visualization, right? Because anybody can see like, "Okay, all this stuff, the school of phish here is safe, but these I've got to focus on." >> Interviewer: Yeah. >> Right? And so we put that into the ML Toolkit and then we can see, "Okay, Dr. X.." We have ten thousand, a little over ten thousand physicians across New York Presbyterian. Doctor X right over here, that does not look like a normal prescriptive scenario as the rest of their baseline. And we can tweak this and we can change precision and we can change accuracy. We can move all this stuff around and say, "Well, let's just look on medical record number, Let's just focus on procedure type, Let's focus on campus location. What did they prescribe from a different campus?" That's anomalous. So that is huge for us, using the ML Toolkit to look at those anomalies and then drive the privacy team, the risk teams, the pharmacy analytics teams to say, "Oh, I need to go investigate." >> So, that's a lot of heavy lifting for ya? Let you guys look at data that you need to look at. >> Absolutely. >> Give ya a (mumbles). Final question, Splunk, in general, you're happy with these guys? Obviously, they do a big part of your data. What should people know about Splunk 2019, this year? And are you happy with them? >> Oh, I mean Splunk has been a great partner to New York Presbyterian. We've done so much incredible development work with them, and really, what I like to talk about is Splunk for healthcare. You know, we've created, we saw some really important problems in our space, in this article. But, we're looking, we're leaning really far forward into things like risk based analysis, peri-op services. We've got a microbial stewardship program, that we're looking at developing into Splunk, so we can watch that. That's a huge, I wouldn't say as big of a crisis as the opioid epidemic, but an equally important crisis to medical professionals across this country. And, these are all solvable problems, this is just data. Right? These are just events that happen in different systems. If we can get that into Splunk, we can cease the archaic practice of looking at spreadsheets, and look up tables and people spending days to find one thing to investigate. Splunk's been a great partner to us. The tool it has been fantastic in helping us in our journey to provide best in-class patient care. >> Well, congratulations, John Frushour, Deputy Chief Information Security Officer, New York Presbyterian. Thanks for that insight. >> You're welcome. >> Great (mumbles) healthcare and your challenge and your opportunity. >> Congratulations for the award winner Data to Everything award winner, got to get that slogan. Get used to that, it's two everything. Getting things done, he's a doer. I'm John Furrier, here on theCube doing the Cube action all day for three days. We're on day two, we'll be back with more coverage, after this short break. (upbeat music)

>>live from Las Vegas. It's the Cube covering Splunk dot com. 19. Brought to you by spunk >>Welcome back, everyone to keep live coverage here in Las Vegas for Splunk dot com. 10th anniversary. 10 years of doing their big customer shows. Cubes. Seventh year of covering Splunk I'm John Ferrier, Host Cube. Our next guest is Cube. Alumni seem Haji, senior director and head of platform on industry for Splunk Knows the business way last topped. 2014 Great to see you. >>Good to see you again, John. You've been busy. I have. It's been a busy time. It's Plunk. >>You have been in the data business. We've been following your career for the years. Data stacks now Splunk on other endeavors. But you've been in the data, even swim in the data business. You've seen clouds scale, you understand. Open source. You understand kind of big dynamics. Splunk has a full enabling data platform. Started out with logs keeps moving along the by companies that interview. But this'll platform concept of enabling value valued customers has been a big part of the success that it continues to yield success every year. When people say no, what is successful data playful because everyone wants to own the data layer because we just want to get value on the data. So what as a product market, our product person, what is the date of platform? >>So it's really a question and, you know, you gonna hit the nail on the head when you said we've been talking about the data platform for several years, like decades. Almost so if you think about, you know, data platform, like, way back when and I'm dating myself. When I graduated from college, you know, people were looking for insights right there. Like give me a report, give me a dashboard way. Went into data, databases of data, warehouses. Enabling this you actually think about the data platform or data to everything. Platform is, as we explore. Call it. It has five critical elements in my in my mind. You know, the first is how do you get all of your information? Like the data that's coming in from networks, logs, applications, people, you and I generate a ton of data. How do we get this all together into a single place so you can get insights on it? 1 may think that it's pretty easy, but the truth is, we've been struggling as an industry with for decades. So it's fun to think what super unique is you can actually bring in any of the data. And some of the challenges that customers have had in the past is way forced them to structure this state of before they can ask questions of it. What's wrong? It's free form. You can bring it in any information and then structured when you're ready to ask that question. So you know a data platform. Number one is flexibility in the way you bring your data second. And you know this being the business is getting real time insights, alerts on your phone, real time decision ing and then you have, you know, operating in different ways on cloud on premises, hybrid environments. That's the third. And I think the fourth and the fifth are probably the most important, and into related is allowing like a good data platform caters to everyone in the or so from your most non technical business user to the most technical data admin I t. Guy security analysts with giving them the same information but allowing them to view it in many different ways and ask different questions of it. So we call this, you know, explained is from a product marketing in a business standpoint way Refer to it as many lenses on your same data. Good data platforms do that while allowing an empowering different users. So those are the five in my >>love kicking out on platform converses. Second, we could talk for now, but I know you got busy. I want to ask you all successful platforms in this modern era of rocket texture. When you get cloud scale, massive data volumes coming in need key building blocks. Take me through your view on why Splunk been successful plateau because you got a naval value from the dorm room to the boardroom. So we've gotta have that use case breath what you do. What key building blocks of this point. Data platform. >>Great question. And, you know, we've we've kind of figured this out is a cz. Well, a cz have been working on building out these building blocks at a most critical customers, right? Did you think about it? You start with the core, the index, if you will. And that's your place to bring you know, slung started with all your logs together and it's your single go to place then, as you think about it, with working with customers, they need massive date engines. So what we just announced today the general availability of data stream processor and data fabric search. It allows you to have those two massive engines from How do I bring my streaming data in to have Can I do massive scale processing? Thea other elements around a machine learning right. So in a world where we're moving to automation, that's super critical to the success. And then you have consuming the way you consume insights or uses consuming sites. If you think about you and I and this amount of time we spend on our phone, how do we make it easy for people to act on their information to those your core platform building blocks give index. You have your date engines, you have a I am l. You have your business analytics and then you have your portfolios on top, which is use case specific, if you will. For I t for security and then for de mops. >>That's awesome. And let's get into the news you were your product. Kino today? Yes, they was opening day. But I want to read the headline from Lung press release and commentary. Don't get your reaction to it. Splunk Enterprising X Man's data access with data fabric search and data stream processor powers Uses with context and collaboration keywords context in their collaboration. House search is a hard problem. Discovery. We've seen carnage and people trying things. You guys do a lot of data. Lot of diverse date has been a big team here, right? Your customers have grown with more data coming in. Why these two features important. What's the keys? Behind the fabric search on the data processor is that the real time is the date acceleration. What are some of the key value points? What people know about the fabric surge processor. >>So actually, let me start with the data stream processor. You know, with DSP, what we're really doing is looking at streaming data. So when you think about the real time customers I ot sensor data, anything that's coming on the wire data stream processor lets you bring that in display. Now, the uniqueness of data stream processor is you wanted Thio, you didn't have to bring it in. Splunk. You can actually like process that live on the wire and it works just as well. Not do fabric search. It's, you know, you alluded to this earlier. It's how do you search across your massive data leaks warehouses that exist without having to bring it all in one place. So in the product, he notes Demo. Today we showed a really cool demo of a business and bliss user, really solving a business problem while searching across S three Duke and data that's sitting in instruct and then with the fabric search, you can also do massive, like federated, like global size searches on the context and collaboration. That's really once you have all this data in Splunk, how do you How do you like your users? Consume it right? And that's the mobile connected experiences A cz well, a cz Phantom and Victor Rapps like really activating this data in automating it. >>I want to get your thoughts on something that we've been seeing on the Q. And I've been kind of promoting for about a year now, and it really came back for you. Go back to the early days of duping big data. And, you know, you know, those days getting diverse data is hard. And so because it's a different formats on the database scheme is Andorran structured to find that databases in a way hamper hinder that capability. We've been saying that diverse data gives a better machine, makes machine learning better. Machine learning is a day I provides business benefits. This flywheel is really important. And can you give an example of where that's playing out and spunk? Because that seems to be the magic right now. Is that getting the data together, knowing what day it is? No blind spots. As much as that is, it's possible. But getting that flag will doing better. Better diverse data, better machine learning better. Ay, I better I better business value. I >>think it comes down to the word divers, right? So when you're looking at data coming in from many different sources, you also get a holistic perspective on what's going on in your business. You get the insight on what your customers may be doing in engaging with your business. You get insight on how your infrastructure is performing and the way you can optimize people to the business from you know you need to. The ops and operations is to like how customers are working and interacting with your business. The other piece is when you think about machine learning in the I A. CZ, you automate this. It's a lot easier when you have the holistic context, right? So, you know, diverse data means more context. More context means better insight into what you're trying to get to. It's just gonna rounds out. The perspective I often refer to it is it's adding a new dimension to something you already know >>and opens up a whole nother conscious around. What is the practitioners? Role? Not just a database administrator is setting up databases because you're getting at, you know, context is important. What's the data about the data? What dough I keep what should be addressable foran application. Is this relevant content for this some day, it is more valuable than others at any given time, so address ability becomes a big thing. What's your vision around this idea of data address ability for applications? >>So, you know, just going back to what you said about the administrators and the doers we call them the doers there. The innovators right there. The bill, people building the cool stuff. And so when you actually can bring these elements in for them, you really are giving them the ability to innovate and do better and have that accessibility into the information and really kind of like, you know, like Bill the best that they could write. So, you know, we've been saying Turn data into doing and it really is true. Like these are again the architects of what's happening and they're the people, like taking all this diverse data, taking the machine, learning, taking the technology of the building blocks and then turning it into, like, hold doing that we d'oh! >>It's interesting with markets change him. It actually changed the role of the database person makes them broader, more powerful. >>Yes, and because you know they're the ones fueling the business. >>Thanks for coming. I really appreciate the insight. I wish we had more time on a personal question. What's exciting You in the industry these days? Actually, you're exploring. Companies continue to grow from start up the i p o massive growth now to a whole nother level of market leadership to defend that you put some good products out there. What? What are you getting excited about these days from tech standpoint? >>You know, I think it's we're finally getting it. We're finally getting what you know. Being a data to everything. Platform is, for example, right after the keynote. I had more than a few people come up to me and say, Well, you know, that made sense, right? Like when we think about Splunk is the data to everything platform on what data platforms are meant to dio and how they should operate. So I think the industry is finally getting their What's exciting me next is if you look behind us and all the industry traction that we're seeing. So you know, taking technology and data beyond. And really enabling businesses from financial service is to healthcare to manufacturers to do more. You know, the businesses that traditionally, like, maybe have not been adopting technology as fast as software companies. And now we're seeing that, and that's super exciting. >>You know, I always get into these kind of philosophical debates with people. Either on the Cube are are off the Cube, where you know what is a platform success look like, you know, I always say, I want to get your reaction to this. I always say, if it's got applications or things being enabled value on a healthy ecosystem, so do you agree with that statement? And if so, what's the proof points for Splunk on those two things? What is defining that? What a successful platform looks like? >>You know that I do agree with you. And when I think about a successful platform, it's if I look around this room and just see how you know, like New York Presbyterian as using Splunk Thio like we heard from Dell today an intel. So when you see the spectrum of customers using Splunk across a variety of successes, it's that super exciting to me that tells me that you know what it is everything when you say date it. Everything >>all right? We got a fun job these days. >>D'oh to be here. So it's great. >>Great to see you. Thanks for coming back on the Cube. I'm looking forward to catching up. I'm John Kerry here on the Cube. Let's see what she's awesome. Cube alumni from 2014. Now it's blonde leading the product efforts and marketing. I'm John. Where were you watching the Q. Be right back after this short break

>>live from Las Vegas. It's the Cube covering Splunk dot com. 19. Brought to you by spunk. >>Okay, welcome back. Everyone's two cubes. Live coverage in Las Vegas. Force plunks dot com This is their annual conference. A 10 year anniversaries. Cubes coverage. For seven years I've been covering this company from Start up the I P O to Grove to now go on to the next level as a leader and security. Our next guest is Scott Ward, principal solutions architect for AWS. Amazon Web service is obsolete, reinvents coming up. I'm sure you're super busy, Scott, but you're here at Splunk dot com there big partner of AWS? Yeah, >>Yeah, definitely. I mean flux. Ah, great partner that we've had a strong relationship was flown for quite a long time. Both sides of the house eight of us and slugger are leaning in thio help add value to our mutual customers, say, even building on that spokesman, a >>longtime customer. And so you guys are really focused on cloud security had your inaugural reinforce event in Boston this year, of which we broadcasted live videos on YouTube, youtube dot com says silken angle interested. But this was really kind of, Ah, watershed moment because it wasn't your classic security show. He was a cloud security. >>Yeah, it was definitely. It was very much focused on just kind of focusing in, and in some ways it actually allowed People who don't normally get to come to a native of this event or focus on security really got deeper into security. Security of us is our top priority, and we want to make sure that our customers really understanding and being able to execute on that and be able to feel confident in what they're doing on running on AWS >>and spunk has become a very successful on. Some people call him the one in the number 1/3 party vendor in security for workload. APS. Elsie Long files it What single FX for Tracing Micro Service's around the corner. A lot of good things there. But as the cloud equation starts to come in, where the operation's need to have security and on premises edge clouds, roll of Amazon and your partner's air super important, you talk about that relationship and how that's evolving. >>Yeah, I don't think you talk about our partners. It's definitely very important, you know, we have, you know, it says lots of different service is on its platform that we allow customers to use. But those partners come in and help fill out the gaps where customers need somebody to be able to provide Maura or Extra, especially look at security so that that shared responsibility model we have, where the top half is the customers responsibility and a lot of flexibility and what they could do. And that means that they can bring in the partners they want, help them to be able to accomplish the things that they wanted to >>tell. What the security hub. Amazon's best security, huh? What's that about? >>Sure, Security Hub is a service that we actually launched out. Reinforce it. Generally available. Then it's focused on really giving customers visibility into high severity security alerts and their compliance status while they're running across. All the eight of US accounts allows them thio, aggregate, prioritize and sort all of this data coming from from multiple data sources, and we talk about those multiple data source. It really is a couple of different areas. Amazon Guard duty and was on inspector names on Macy. Also third party products. If customers using third party security products that can feed into security up to kind of give them that visibility. And then it's also running continuous compliance checks against the customers. AWS account's gonna let them know where they stand when it comes to compliance, where they need to go and correct things with a counter, the resource level. So really, you know, labeling customers to kind of get a lot more visibility and what's going on with US >>environment. We've been covering this and reporting on the story, but Amazon on cloud providers of general Amazon Azure, Google Cloud Platform customers relying more and more on you guys for security. But you have a relationship with slung, say 1/3 party. How did they fit in that a Splunk fit into that security hub model? How's that going? Is just clarified that relationship six. Plunk and Security >>Yes. So when you talk about Splunk in security, if there's actually a couple different angles there, one is Splunk enterprise product. It is a consumer of all the data that is in a customer security have environment so you can feed all that data into the enterprise product. Be able to kind of go ask the questions and take all the data that security provided, as well as all the other data that's unspoken, really be able to get some deep insights and what's going on in your environment. And then on top of that is the Splunk Phantom integration, which I'm really, really excited about. Because spunk is with Fantomas, Long customers actually take action on their security data, so customers have often told us like it's great you're making all this data available to me on I can see it, But what do I actually do with it? What? How am I gonna do something with it? So way advocate a lot for customers to be able to automate what they're doing when it comes to their security findings and get the humans out of the way as much as possible so they can really be adding a lot of value. So security feeds us to phantom and Phantom can run play books that will do as much or as little on that security. Finding data to kind of integrate that finding into the customers operational work flows and collect the right information are hopefully ultimately remediated that security findings so that customers can get some sleep and they can focus on other things that are more important. >>Talk about fancy for a minute, just to kind of change. Usually you mentioned that, obviously, I thought Oliver interview and reinforce. And here recently, he's one of the team's bunked with company. What is wise, faith and so >>popular? I think Phantom is popular because a couple things one. It is allowing customers, too, to resolve, intermediate and address an issue with what works for them and work full that works for them. It's not making them thio clearly fall into a particular box. They can add or remove pieces. The fact that it's it's very python based. It's usually in the security community so that they can probably find Resource is that can actually orchestrate build these playbooks and then then, once the bill playbooks that could reuse those pieces to address other issues or things that are coming up. So I get A allows them to really kind of scale, be able to kind of be able to accomplish these things when it comes to automation and addressing with security alerts as they continue to grow, you know, >>it makes things go faster, frees up people's time for productivity. >>I totally feel that that's That's one of the main reasons that people are looking at this. >>So someone's using Splunk for its own sake. I'm a Splunk customer. Okay, Security hub. Why should I use both? What's sure just clarify that peace >>is a couple of reasons where I would say that somebody would want to use both. One is security. Obvious is the continuous compliance check. So today, security have offers checks based on the Center for Internet Security. Eight of US bench work. So we are continuously running those cheques. There's about 43 rules that we are running. Each of those checks against your AWS accounts or resource is in those accounts until you where you are not in compliance. Get overall score. You could dig into what, what, where you needed to do further there. Security. Look at it's a central integration spot to get stuff into Splunk as well, so you can have guard duty, Macy inspector and third party stuff coming into security help and then you that one stop shop to get all that data into spunk, enterprise or phantom, and then The third thing is the fact that security it gives you that security view across multiple eight of US accounts. You can designate a master account, invite all your other organization accounts to share those findings, and your security team could go into security up and have one view of your overall security landscape. Be able to look at one single piece of glass, but across all of your organizations like those, those are some key value points. I would say that in addition to spunk in a customer might use security. >>Well, Scott's been great insight on thanks for clarifying the Splunk 80 relationship. Let's pretend I'm a customer for a minute. I'm like, Hey, Scott, you're switching Architect. Thanks for the free consulting with you Live on Cube. So I'm a Splunk customer. Log files. I see they got some tracing stuff going cloud native going to the cloud. We're employing Amazon. I'm a buyer customer Splunk And they got a lot of new stuff and seems awesome. Sore identified. 6.0 is out. How do I What do I do? How do I architect my swan give me more headroom? Grow my swung capabilities with same time. Take advantage. All the radios. Goodness. Would you lay that out? >>I would say I would say, You know, I like your spunk. You kind of You know what? You bought spunk for a particular reason. It's there to answer questions. Is there take data and is lying to kind of move forward? I would definitely architectures long to be able to consume as much data as possible. He did. We have lots of different integrations. Consume that. You shouldn't move away from that. So I would definitely use that. I would use security hub for kind of getting that centralization spot for everything related to your eight of us environments that can then be your central spot into a Splunk. You have people that it's really not necessary for them to be in the Splunk. They don't know Splunk security. It might be a good spot for them to actually do some investigations and learn things as well so that they could do their job. And then you really kind of used with deep technology and quarry capability is slowing to kind of do those deeper dives really understanding what's going on in your environment, something you know as a buyer. I think you could use both. And I think there's a there's room for you to kind of take advantage of both and get the best of both worlds. >>It's really exciting with security going on. It's kind of crazy the same time because you have clouds scale. You guys have been led. The market there continue to be leaders in Cloud Cloud scale, Dev ops. Everything else on the roll volume of data is increased so much. You guys just had your inaugural conference reinforced, and I want to get your thoughts on. This is a solution. Architect of someone in the field difference between traditional security chasing the bad guys defending intrusion, detection. All that good stuff. Cloud security because you have all the security shows out. There are s a black hat. Def Con Cloud Security introduces a new element around howto architect solutions. What should people know about the impact of clouds security as they start thinking ballistically around their enterprise, >>right? I think the important thing I think is you know, the things you mentioned. The vulnerability scanning the intrusion detection is all still important in the cloud. I think the key thing that the cloud offers is the fact that you have the ability to now automate and integrate your security teams more tightly with the things that you're doing and you can. Actually, we always talk about the move fast and stay secure. Customers choose eight of us for self service, the elasticity of the price, and you can take advantage of those unless your security can actually keep up with you. So the fact that everything is based on an FBI you could define infrastructure is code. You can actually enforce standards now where they be before you write a line of code in your dad's office Pipeline were actually being able to detect and react to those things all through code and in a consistent way really allows you to be able to look in your security in a different way and take the kind of philosophy and minds that you've always had around security but actually able to do something with it and be able to maybe do the things you've always wanted to do. But I've never had a chance to do so. I think I think security can actually keep up with you and actually help you different. You're different to your business. Even more than maybe it didn't. >>New capabilities are available now with new options. Exactly. Great stuff. Conversations here at dot com for in Vegas Splunk conference. I'll see they're using You guys have reinvent coming up people be their first week of December. You got a music festival to intersect, which is gonna be fun, But I'm not 10 that. Yeah, don't fall over and die from all these. What are you talking about here? What are the key conversations you're having here? Sure. Here at swan dot com, on your booth to customers. What is it? What's the mean? Sure, >>I think the main talking point is and I'm actually presenting it in the breakout theater this afternoon. We're talking about that taking action portion of like, Data's insecurity or data's in eight of us. How do you do something with what are we enable? And how does a partner like Splunk come in? And what is that? Taking action actually looked like to allow you to be able to do things that scale and be able to leverage on take advantage of your precious resource is and use them in the best way possible something. But that's a lot of the conversation that we're having and things that were focused. >>And what do you hope to walk away packs tonight? It's gonna be for people leaving that session. >>I think I think people should should walk away and understand that it is within their reach to be able to actually be able to to kind of have this nirvana of being able to sit to react to security events and not have to have a human engaged in every single thing. It is a crawl, walk, run type approach you're gonna need to figure out. How do I know when I see this one of the things I want to do? How do I automate that? Validate that that's actually true and then implement it and then go back and do the next thing that really like customers to walk away to know that that is possible on that, with a little bit of investment, they can make it happen and that at a certain point it will really have benefits. >>Well, eight of us have been following you guys for eight years of Cuba's will be our ninth year, I think for reinvent been fun to watch Amazon growing. I'm sure they'll be. Thousands of new announcements every year is always away with volume of new stuff. Give a plug for a second on the Amazon partner. Never was your part of your arm and scope of relationships with third party partners how important it is. And what are some of the cool things going on? Sure. So I >>mean the elves on Partner Network we're focused on partnering with, You know, it's really that cell with motion where we're going out and AWS is selling the partners selling. We work with technology providers and solution systems integrators, and we're really focused on just working with them to make sure that the best solution possible is being created four customers so that they could take advantage of the partner solution and the eight of us cloud, and that they're getting some sort of a unique value that they're going to get by using the cloud and that partner solution together to help them be security or or any other sort of area that they feel more confident. That could be more successful in the crowd through a combination of both of us and >>there's a whole team. It's not like a few guys organization, hole or committed. Thio Amazon partners. >>Yes, yes, yes. I mean, you know, I'm one of many solution architects on the part of team way have partner managers. We have market. We have the whole gamut of people that are working globally with our partners to help them really kind of have a great success. And in a great story to tell about >>people throw on foot out there. Amazon doesn't work with partners. Not true. >>We have tens of thousands of partners, and that's my job. I'm working with partners on a daily basis. I would events like this. Someone phone calls I'm providing guidance is very much a core thing that we're focusing on. >>Harder Network has got marketplace. Amazons are really putting. Their resource is behind with mission of helping customs with partners. >>Yes, definitely. And and we do that a lot of our ways way have partners and go through tears way have confidence sees that we actually allow partners to get into, so customers can really go find who's who's the best or who should I be looking at first when I have this particular problem to solve their we've got a security confidence. He may have confidence season really working to help our customers understand. Who are these partners and how can they help that with >>We've been following Terry. Wisest career is an amazing job. No, he's handed the reins over to new new management is gonna chill for awhile. Congratulations on all your success with Amazon and appreciate it. Thanks for Thanks for having me, Scott War Pretty Solutions for AWS Amazon Webster's here inside the Cube at Splunk dot com 10th year of their conference, Our seventh year covering with Cuba, John Kerry will be back with more after this short break.

>>live from Las Vegas. It's the Cube covering Splunk dot com. 19. Brought to you by spunk. >>Okay, welcome back. Everyone secures live coverage in Las Vegas response dot com. I'm John Ferrier, host of the Cube. We're here for three days is a spunk. Spunk dot com 10 anniversary of their end user conference way Got some great guests here. They talk about diversity, inclusion breaking the barrier. Women in tech We got some great guests. Jane Heights, I add Si io National government service is Thanks for joining us. Appreciate it. Carol Jones, CEO Sandy and National Labs from Albuquerque Think coming on to CEOs of excited Suzanne McGovern. Diversity and inclusion talent leader for Splunk Thanks for guys joining us. Really appreciate it. I want to get into a panel you guys discuss because this is the area of really important to the workforce. Global workforce is made up of men and women, but most of the software text built by mostly men. But we get that second. I want to get in, find out what you guys are doing in your rolls because you guys, the journey is breaking through the barrier. Start with you. What's your role. What do you do? Their CEO. >>So I am CEO for National Government Service Is we do Medicare claims processing for the federal government. We also have a number of I t contracts with CMS. And, um, I organ. I have an organization of 331 people. Very different organization, Data center, infrastructure security gambit of I t, if you will. A great group of people divers were in Baltimore. Where? In Indianapolis. We're out of the kingdom office. How >>long have you been in 19 >>My career. So yes. Yeah. The waves. Yes. I have seen the waves have Daryl >>Jones and I'm c i o same National Laboratories. It's a federally funded research and development center. So we do research and development from on behalf of the U. S. Government. I have about 500 employees and 400 contractors. So we provide the I T for Sadia, all gametes of it, including some classified environments. >>A lot of security, your role. What's wrong? >>I'm the chief diversity officer. It's Plus I get the pleasure to do that every day. A swell, a cz. It's everyone's job. Not just magically explode. But I'm very honored to do that. How to look after talent. >>I want to compliment you guys on your new branding. Thank not only is a cool and really picking orange, but also that position is very broad and everything is trade message. But the big posters have diversity. Not a bunch of men on the posters. So congratulations, it's anger. Representative is really important. Worth mentioning. Okay, let's start with the journey. The topic you guys just talked about on a panel here in Las Vegas is female leaders smashing the glass ceiling. So when you smash his last ceiling, did you get caught? Was her bleeding? What happened? Take us for your journey. What was big? Take away. What's the learnings? Share your stories. >>Well, a lot of it, as I shared today with Panel, is really learning and be having that Lerner mindset and learning from something that you do, which is part of your life. And I use the example of I'm married to an Indian Muslim, went to India, spent some time with his family, and they told me Let's be ready at 6 30 and I said, Okay, I'm ready. I'm ready. Dressed in 6 30 nobody else was ready. And everyone in the room said, Well, we're gonna have Chai first we're gonna have some tea And I was like, Well, you said 6 30 and I'm ready And, um, everyone said, Well, you know, we need to relax. We need to connect. We need to have some time So I took that back and said, You know what? We all need to make time for tea Way. All need to connect with our people and the individuals that work with us, And I've kind of taken that on through the last 20 years of being married, Tim. But connecting with individuals and your teams and your partner's is what's important and as what Lead Meeks. I've built those allies and that great group of people that >>being people centric, relationship driven, not so much chasing promotions or those kinds. >>That's what's worked for me. Yes, >>Carol, it's been your journey. Stories >>start a little bit of beginnings. I've been in Tech over 30 years. I got a bachelor's and marketing, and then I was looking to get my master's. So I got, um, I s degree, but I didn't know even to go into that field. So my professor said you needed to go into my s, so don't know that's too hard. You can't do that. You know, you could do it. So it's always been challenging myself and continuing learning. I worked at IBM then I was there in the time when they did great layoffs. So no, e he was 93 right to left. Only wonder he's gonna be left by the end of the year. >>You know, for the younger audience out there M I s stands from management information systems. Before that, there was data processing division which actually relevant today. Quite a journey. What a great spirit. What's the one thing that you could share? Folks, this is a lot of young women coming into the workforce, and a lot of people are looking at inspirational figures like yourselves that have been there and done that. There's a lot of mentoring going on is a lot of navigation for young women and understand minorities. And they just you guys, there's no real playbook. You guys have experiences. What's your advice, folks out watching >>my number one advice. And I gave this to people who are wanting to go into leadership. Trust yourself. Trust to you. Are you all got to this place because of the successful person you are and just continue to trust yourself to take advantage of those opportunities. Take a risk. I took a risk when my total focus was in Medicare. I was asked to do another job and I took another, you know, position. And it wasn't in Medicare. So you have to take those opportunities and risk and just trust that you're gonna get yourself. >>Carol. You're >>similar. It's to continue to grow and to be resilient, there'll be times in your career like a layoff where you don't know what you're gonna do. You bounce back and make it into uneven. Better job on. Take risks. I took a risk. I went into cybersecurity. Spent 10 years there, continuing learning and the Brazilian >>learnings key, right? I mean, one of the things about security mentioned 10 years. So much has changed, hasn't it? >>Well, it's bad. Guys still outnumber the good guys. That has changed faster. Exactly. Technologies change. >>Just talk about the diversity inclusion efforts. You guys have a Splunk Splunk cultures very open transparent on the technology solutions very enabling you actually enabling a lot of change on the solution side. Now we're seeing tech for good kind of stories because Texas Tech Tech for business. But also you're seeing speed and times value time to mission value, a new term way kicked around this morning. It's time to mission value. >>Yes. So I'm glad you mentioned data, right? We're data company, and we're very proud that we actually whole star diversity inclusion numbers, right? So way moved the needle 1.8% on gender last year, year on year pride, but not satisfied. We understand that there's much more to diversity inclusion than just gender, But our strategy is threefold for diversity. Inclusion. So it's work force, workplace marketplace farces around just where talk is improving our representation so that these women are no longer the only. These are in the minority that were much more represented, and we're lucky we have three women and our board. We have four women in our C suite, so we're making good good progress. But there's a lot more to do, and as I say, it's not just about gender. We want to do way, nor the innovation is fueled by diversity. So we want to try. You know, folks of different races, different ethnicity, military veterans, people with disability. We need everyone. It's belongs to be, since >>you guys are all three leaders in the industry, Thanks for coming on. Appreciate that. I want to ask you guys because culture seems to be a common thread. I mean, I do so money talks and interviews with leaders for all types, from digital transformation to Dev ops, the security and they always talk speeds in fees. But all the change comes from culture people on what I'm seeing is a pattern of success. Diversity inclusion works well if it's in the culture of the company, so one filter for anyone a woman or anyone is this is a company culturally aligned with it. So that's the question is what do you do when you have a culture that's aligned with it? And what do you do? There's a culture that's not allow, so you want to get out. But how do you unwind and how do you navigate and how do you see the size of signals? Because the date is there >>a way to certainly really harness and failed a culture of inclusion. And that's through employee resource groups in particular. So it's plunks. More than 50% of our spelunkers are actually members. Followers are allies on employee resource. So gives community. It gives that sense of inclusion so that everyone could bring their whole Selves to work. So, to your point, it really does build a different culture, different level of connection. And it's super different. >>Any thoughts on culture and signals look for good, bad, ugly, I mean, because you see a good ways taken right. Why not >>take a chance, right? Right. No, I think, you know, like you look at it and you decide, like some young women we were talking to, You know, Is this the right company for you? And if not, can you find an ally? You know, it's a feeling that the culture isn't there and helped educate him on help to get him to be Jack of what does he and his leaders, I think we have to always ask ourselves, Are we being inclusive for everyone >>and mine? I would spend it a little bit. Is that diversity and thoughts And how? When I joined this organization. Culture is a big factor that needs to change and some of the things that I'm working on, but to bring people to the table and hear those different thoughts and listen to them because they all do think differently. No matter color, race, gender, that sort of thing. So diversity and thought is really something that I try to focus in on >>carry. Palin was just on the Cuban CMO of Splunk and top of the logo's on the branding and, she said, was a great team effort. Love that because she's just really cool about that. And she said we had a lot of diversity and thought, which is a code word for debate. So when you have diversity, I want to get your thoughts on this because this is interesting. We live in a time where speed is a competitive advantage speed, creativity, productivity, relevance, scale. These air kind of the key kind of modern efforts. Diversity could slow things down, too, so but the benefit of diversity is more thought, more access to data. So the question is, what do you guys think about how companies or individuals could not lose the speed keep the game going on the speed and scale and get the benefits of the diversity because you don't want things to grind down. Toe halts way Slugs in the speed game get data more diverse. Data comes in. That's a technical issue. But with diversity, you >>want a challenge that, to be honest, because we're a data company in the details. Irrefutable. Right? So gender diverse Teams up inform homogeneous teams by about 15% if you take that to race and ethnicity was up to 33%. Companies like ourselves, of course, their numbers see an uptick in share price. It's a business imperative, right? We get that. It's the right thing to do. But this notion that it slows things down, you find a way right. You're really high performance. You find a way best time. So it doesn't always come fast, right? Sometimes it's about patients and leadership. So I'm on the side of data and the data is there. If you tickle, di bear seems just perform better, >>so if it is slowing down, your position would be that it's not working >>well. Yes, I know. I think you got to find a way to work together, you know? And that's a beautiful thing about places like spun were hyper cool, right? It's crazy. Tons of work to do different things were just talking about this in the break way have this unwritten rule that we don't hire. I'll see jerks for >>gender neutral data, saris, origin, gender neutral data. >>Yeah, absolutely no hiring folks are really gonna, you know, have a different cultural impact there. No cultural adds the organization way. Need everyone on bats. Beautiful thing. And that's what makes it special. >>I think you know, is you start to work and be more inclusive. You start to build trust. So it goes back to what Jane was talking about relationships. And so you gotta have that foundation and you can move fast and still be reversed. I >>think that's a very key point. Trust is critical because people are taking chances whether they're male or female. If the team works there like you see a Splunk, it shouldn't be an issue becomes an issue when it's issue. All right, so big Walk away and learnings over the years in your journey. What was some moments of greatness? Moments of struggle where you brought your whole self to bear around resolving in persevering what were some challenges in growth moments that really made a difference in your life breaking through that ceiling. >>Wow. Well, um, I'm a breast cancer survivor, and I, uh, used my job and my strength to pull me through that. And I was working during the time, and I had a great leader who took it upon herself to make sure that I could work if I wanted. Thio are not. And it really opened that up for me to be able to say, I can still bring my whole self, whatever that is today that I'm doing. And I look back at that time and that was a strength from inside that gave me that trust myself. You're going to get through it. And that was a challenging personal time, But yet had so many learnings in it, from a career perspective to >>story thanks for sharing Caroline stories and struggles and successes that made him big impact of you. Your >>life. It was my first level one manager job. I got into cybersecurity and I didn't know what I was doing. I came back. My boss of Carol. I don't know what you did this year, and so I really had to learn to communicate. But prior to that, you know that I would never have been on TV. Never would have done public speaking like we did today. So I had to hire a coach and learn hadn't forward on communications. Thanks for sharing stories, I think a >>pivotal moment for me. I was in management, consultants say, for the first half of my career, Dad's first child and I was on the highway with a local Klein seven in the morning. Closet Night started on a Sunday midday, so I didn't see her a week the first night. I know many women who do it just wasn't my personal choice. So I decided to take a roll internal and not find Jason and was told that my career would be over, that I would be on a track, that I wouldn't get partner anymore. And it really wasn't the case. I find my passions in the people agenda did leadership development. I didn't teach our role. I got into diversity, including which I absolutely love. So I think some of those pivotal moments you talked about resilient earlier in the panel is just to dig, dying to know what's important to you personally and for the family and really follow your to north and you know, it works out in the end, >>you guys air inspiration. Thank you for sharing that, I guess on a personal question for me, as a male, there's a lot of men who want to do good. They want to be inclusive as well. Some don't know what to do. Don't even are free to ask for directions, right? So what would you advise men? How could they help in today's culture to move the needle forward, to support beach there from trust and all these critical things that make a difference what you say to that? >>So the research says that women don't suffer from a lack of mentorship. The sucker suffer from a lack of advocacy. So I would say if you want to do something super easy and impactful, go advocate for women, go advocate for women. You know who is amazing I there and go help her forward >>in Korea. And you can do that. Whatever gender you are, you can advocate for others. Yeah, also echo the advocacy. I would agree. >>Trust relationships, yes, across the board >>way, said Thio. Some of the women and our allies today WAAS bring your whole self. And I would just encourage men to do that, to bring your whole self to work, because that's what speeds up the data exchange. That's what it speeds up. Results >>take a chance, >>Take a chance, bring your whole self >>get trust going right. He opened a communicated and look at the date on the photo booth. Datable driver. Thank you guys so much for sharing your stories in The Cube, you think. Uses the stories on the Cube segments. Cube coverage here in Las Vegas for the 10th stop. Compass Accused seventh year John Ferrier with Q. Thanks for watching.

>>Live from Las Vegas. It's the cube covering splunk.com 19 brought to you by Splunk. >>Hey, welcome back. Everyone's the cubes coverage here in Las Vegas for Splunk's dot com I'm John, the host of the cube. This is Splunk's 10th year user conference is the cube seventh year. We've been riding on the same wave with Splunk over the years and just watching the phenomenal growth and changes at the level of data at scale we've been covering. We can remember I said from day one data at the center of this, not just log files is now gone. Beyond that, we're here with Carrie Pailin, the CMO, chief marketing officer for Splunk. Welcome to the cube. Thanks for coming on. Thank you so much. It's great to be here. The folks that know us know about spunk. Notice the color changes in the background, the popping kink, burning yellow, orange underneath, new branding. You're new to Splunk story, career in technology. Um, this is exciting. And then portfolio, there's all the news is a phenomenal good news flow. >>Very relevant, right on Mark. Data is now creating value and datas like software. It's enabling value. Splunk software and solution platform has done that and this new new grounds to take. But you're now setting the agenda for the brand and the company tell us, I mean, it's a marketer's dream. What can I say? It's a, you know, I joined nine months ago and when I was interviewing for the role, I remember Doug Merritt saying to me, Hey, you know, we might be the only $2 billion enterprise software company that nobody's ever heard of. Amy said, I want to go solve for that. Right? Like the folks who know Splunk and our customers, they love us, our product is awesome and our culture is awesome, but the world doesn't know about us yet and we haven't invested there. So I want to go take the brand to the next level. >>And I want the world to understand what data use cases are out there that are so broad and so vast. And we believe that every problem ultimately can be solved through data or almost every problem. And we wanted to set the stage for that with this new brand campaign. Yeah. Just on a personal note. And following the journey of Splunk, a scrappy startup goes public and growth modes. When you're a growth Moe is hard to kind of lay down foundational things like branding and whatnot. But now sponsor leader, we did a poll within our community and for cloud and on premise security, Splunk's the number one supplier for just laws with workloads. And then now cloud security is kicking in. So the relationship to Amazon, Google cloud platform and Azure is a critical part of Splunk is now the leader. So leaders have to do things like make sure that their brand's good. >>This is what you're doing. Take us behind the scenes of the branding, the things you chose and data for everything. Yeah. D the little small nuance data to everything. Um, and the reason behind that was we believe you can bring and we can enable our customers to bring data to every question, every decision and every action to create meaningful outcomes. And the use cases are vast and enormous. We talked about some of them before the show started, but helping look at global law enforcement, get ahead of human trafficking through SPOHNC and spelunking. What's going on across all sorts of data sources, right? Helping zone Haven, which is our first investment from Splunk ventures, which startup that's actually helping firefighters figure out burn burn patterns with fire wildfires. But also when temperatures and humidity change where sensors are, they can alert firefighters 30 to 45 minutes earlier than they would usually do that. >>And then they can also help influence evacuation patterns. I mean it's, it's remarkable what folks are doing with data today and it's really at the, at the core of solving some of the world's biggest issues. It's hard to tell a story for a company that solves some of the use cases. Yes. Because depending on who you talk to, that's the company. This is what we should be telling them. I know you do this over here, so when you're horizontally creating this kind of value, yeah, it's hard to kind of brand that because it will get a lot of opinions because you're doing a lot of different things. There's not like one vertical. That's right. So this is the challenge that most B to B marketers will fall on the trip. We do this because we have a lot of customers in this one segment. But yes, you guys are hitting so much more. >>How did you deal with that? Ha, we had a lot of talks about it, a lot of discussions, a lot of debate and I love diversity of thought. It usually drives the right outcomes, but we had a lot of this, this is not an easy answer. If it had been, it would have been done years ago and we really talked about setting the stage for where, you know, I love the Wayne Gretzky quote about skate to where the puck is going and that's what he always did and that's why he was so good. We believe there will ultimately be a data platform of platforms and we believe Splunk is that platform, right? And so that's where the industry's going. We wanted to cast a net that would take us there so that this is the beginning of a brand evolution for us and not a total rebrand, but it's setting the stage for a category creation that we believe is coming in the industry. >>A few. You guys are smart and I think my observation would be looking at some of our 10 years of reporting and sharing some on digital is that all the conversations around data is impacting the real world. Yes. You see Mark Zuckerberg and on Capitol Hill having the answer to the date of debacles, he has cybersecurity attacks, national security, um, ransomware taking down cities and towns. This is a real impact. Forest fires disrupting rolling blackouts. So technology's impacting real world lives. That's right. This is really new to tech. I mean usually behind the scenes, you know, coding, but not anymore. We're the front lines of real societal, global. Yes. Jade is at the forefront and it's really exciting. It's also frightening, right? Because we believe data presents the greatest opportunity for humanity, but also some of the greatest threats. And so hence our ability to really dig in on data security. >>It's important to do that while we're actually also surfacing data to solve real world issues. You've been in the industry for a while and when you came to Splunk, boasts a couple of things that surprised you as you, you had some thoughts going in, you knew Splunk. Yes. What are some of the things that surprised you when you got here? Oh, I mean, in such a good way. A few things, you know. Well, here's the story. Three days into being at Splunk, my dad got very ill and I wasted him to Austin for heart surgery and he actually didn't make it. Um, and so it's been a rough year to say the least. And uh, the way that Splunk's culture, I knew about it before I came, but the way that this company treated me, like I had been here 10 years, uh, when I'd really only been an employee three days was something I'll never forget. >>And it's, it's special. Um, and so I believe that companies are successful if they are smart and healthy and in Splunk has the healthy and droves and not just the compassion and the empathy, but you know, a very transparent culture. We debate things, we talk about things, we support each other. We are accountable. And I believe that's a big part of why we've grown so fast because our culture is incredibly healthy and very, um, collaborative as a team. I'm sorry for your loss. Thank you. Um, you mentioned the culture is a big part of Splunk. Yes. In talking to some of the folks that spoke over the years, there's no, I will, I'll totally say this. There's no shortage of opinions, so have not volunteered. These are robustness. Yes. Diversity of thoughts, very actionable communities. How do you, um, how do you look at that? Because that's a, could be a force, a force multiplier. >>Yes. For the brand. How are you going to tie in to everything with the community? How are you going to harness that energy? Yeah. So it's coming and the reality is data to everything is actually a set up to tell the stories of everyone who is using data today. And so the community is going to be one of the first places we go to surface. Some of those amazing stories. Um, and some of the things you see here at the show are actually showcasing that in the keynote today we heard from zone Haman and Porsche and so many others around their use cases. But the community is where it all begins and that's the lifeblood of our sort of spunkiness and a something that we don't take for granted once. One second. Sorry about the Barack Obama. Yeah. Directions with him and his interest in Splunk. Yeah. So we had our big re rebrand a reveal last month we had an event and it was for C suite type of folks. >>That was a very intimate event and we wanted somebody to keynote that and headline that that really brought to life the whole notion that you can bring data to everything. And president Obama was the first POTUS that actually use data in his campaign strategy. He's very open about that. He's the first president to appoint a chief data scientist to the white house. He's actually exceptionally geeky and very data-driven. And so when we asked him to come and headline this, he actually was really excited about it. Um, and you know, in, in great fashion, his communications team was really strict on curating the questions that we had for him. And he was so cute. He showed up to the event and he said, look, um, I'm so thrilled to be here. I love what you guys are doing and you can ask me anything. It's just like ready to go. >>And he was so wonderful and teed up this, this notion of day bringing data to everything so brilliantly. He's kicking, dig and be ad live all the time. He's very colorful as well as personality. Yes. He's kind of nerdy and you know, he was very open and OpenGov too. One of the things that I remember and when big data really started rolling into the scene around 2009, 2010 yes. You saw that opening up data registries from cities and towns and actually created innovation from health care medical supplies? Yes. Yes. So this has been a big part of it. Huge. You guys are doing some things out here and I see the exhibits we're using the day you're doing demos. How do you see you guys helping society with that? Because if you get to the next level, you've got some great use cases. Yes, the public sector is a big part of some news here. >>Fed ramp is one little technicality, but you got some certification, but government's modernizing now. So you know post Obama, you're seeing modernization of procurement roll with cloud, certainly cyber security. Amazon with the CIA, department of defense, role of data in the military and public sector. Yes, education. This is going to be a disruptive enabler for faults on the public impact. I mean, look, there's, you know, Doug touched on this a little bit this morning, the reality in our press conference, but the reality is if you do it right, opening up datasets to communities of people that can do better together and you can get this collective momentum going. For instance, in healthcare, I mean I'm a little bit of a health care nerd and I don't know if you've watched the PBS special on the Mayo clinic, it's spectacular. But one of the reasons the Mayo has been amazing for years is because their doctors all work off the same systems in every discipline in that facility and they can learn more holistically about a patient. >>And I think about the impact that data could have if we could open up those data sets across every health provider for one person or the same illness with every major institution across the U S collaborating and sharing and what we could actually do to make real impact and strides against some of the diseases that are really crippling society today. So I think that the good that we can do with data, if we open up those data sets and do it in a way that, that it's safe. It's remarkable the progress we can make. You know, one of the from machine learning has been a big success story. Machine learning toolkit. Customers are raving about it. Opening up the data creates better machine learning. AI creates better business value. That's right. That's that part of how you guys see things rolling out. Sure. I mean, as a marketer we use AI today and it's really more machine learning. >>It's sad pattern recognition. But we use, uh, you know, my last stand as a CMO, the last company I was at, we use an AI bot to augment our sales headcount for following up on leads. And it looked like a human being. I mean, same thing for Splunk. I mean, the more we can see pattern recognition, proffer up insights, the better off we are to help out our customers. And so Tim Teles team is driving that hard and fast into our innovation curve with everything that we do. Innovation culture, big time here, right? Huge, huge and one of the reasons I came to Splunk is when I interviewed with Tim and I said, Hey, how are you doing on recruiting engineers in the Valley? We all know that that is liquid gold, and he said that he had hired 370 odd engineers in less than a year and from really big brands like Airbnb and I thought, all right, there's some really cool innovation going on here. >>If some of the best engineers in the Valley really want to come work here and they want to work for a great leader, and Tim and his team are that. so.com is 10 years now this year has been riding the wave together. It's been fun. Your first, my very first dotcom. Yes. Your thoughts on this, on this community, this event. Share your, your thoughts. I mean I'm blown away and this is a team sport. I'm so proud of the events team, the creative team, the sales teams, everybody who's come together to make this event so spectacular. It's just sort of mind numbing that a company of our size can put on such an experience for our user community, but I'm also thrilled with the engagement. We have over 300 sessions this week and most of them are user and customer use, case driven and the stories they are telling are magnificent. >>They're doing this all with Splunk, so it's pretty special. And the ecosystem and the app showcase is pretty hot here. You're seeing real applications, people writing code on top of Splunk? Yes, it's, it's, I'm sorry I don't use this word often. I'm 48 but it's rad. It's so cool. Yes. Harry, thanks so much for coming on the cube and sharing your insights. Absolutely. Final thoughts for the people who aren't here at the event, watching on camera, what, how would you encapsulate.com this year? What's the top story that needs to be told? I mean, look, the reality is that we are bringing data to way more than just security and it ops, which has been our core use cases forever, and they will continue to be, but folks are that are not incredibly data literate or through Splunk bringing data to everything and solving some big gnarly issues in the world. And it's pretty exciting stuff. So check us out. All right. Thanks. Gnarly red. Cool. I need a surf board, Jerry. Thanks for coming on Friday. Thank you so much. Coverage here@thetenth.com I'm Jennifer with the cube, bringing you all the action here in Las Vegas. Three days of cubed wall to wall coverage. We've got one more after this short break.