Cisco Blogs

Cisco Blog > Data Center

Cisco @ Strata-Hadoop World Wrap-Up: If we can make it there, we’ll make it anywhere…



We made it…another successful Strata-Hadoop World show for Cisco’s Big Data & Analytics team. This year we had a few unique challenges – the Pope was leaving town when we arrived; then the UN General Assembly made traffic a bit more difficult than normal; finally towards week’s end the threat of ‘The Hurricane’ for the East Coast…

Cisco had an active presence at Strata this year with several newsworthy and interesting highlights:

• Introducing Cisco Data Preparation. Cisco Data Preparation (Data Prep) makes it easy for non-technical business analysts to gather, explore, cleanse, combine and enrich the data that fuels analytics. Read Kevin Ott’s Data Prep blog here. Read More »

Tags: , , , , , , , , , , , , , , ,

Enhancing the Splunk experience with Cisco UCS

According to scientists, the age of smartphones has left humans with such a short attention span that even a goldfish can hold a thought for longer. On an average, human attention span has fallen from 12 seconds in year 2000 to 8 seconds in today’s smart-world.

What does this mean for Splunk Enterprise ? Read More »

Tags: , , , , , , , , ,

Tales of a Fourth-Grade Something: Big Data with Cisco & Splunk at .conf & Strata

Someone at a meeting recently told me how cool it was that big data was finally moving out of the early adopter phase. He’s lucky I wasn’t drinking a beverage at the time, or he might have ended up wearing it.

I’m accused of being sort of a unicorn when it comes to the Big Data ecosystem, having worked with engineered Big Data environments since 2004 or so and Hadoop proper since 2009. And while some individual companies may be emerging from early adopter, it’s hard to say that Big Data itself is that new. You just have to look at the conference world to see how big this ecosystem has become, and how it’s shifted from theory and skunkworks projects and resume fodder, to technology solutions for new and metamorphic problems in business.

Some people will say “But surely there’s only been a competitive landscape for Hadoop distributions since 2012, right?” That’s true, but as I’ve said in 20 or more presentations in the past year, Big Data is more than Hadoop. And don’t call me Shirley.

One of the oldest companies driving Big Data software predates commercial Hadoop by a couple of years. In fact, they’re just about old enough to go into fourth grade (with apologies to Judy Blume for my title on this post). And you still have time to join Splunk (and Cisco) for their seventh annual worldwide user conference the week of September 21, 2015.

Buttercup at the .conf Search Party courtesy Lily Wai (@lgwai)

Buttercup at .conf Search Party via Lily Wai (@lgwai)


.conf is Splunk’s annual worldwide user conference, attended by thousands of customers and partners and users of Splunk’s suite of products.

Cisco has been attending, and presenting, for a while now, and 2015 is no exception. We will have a booth in the expo at .conf 2015, and you can join members of the Cisco team at two IT Operations breakout sessions.

  • Thursday, September 24, 11:15am: Cisco and Splunk: Under the Hood of Cisco IT (with Robert Novak and Cisco IT’s George Lancaster)

Learn how Cisco IT uses Splunk software to gain deep operational visibility into applications, accelerate problem resolution, and drive better business outcomes.

  • Thursday, September 24, 1:15pm: Event-Driven SDN with Splunk and Cisco’s Open SDN Controller (with Steven Carter and Friea Berg)

This session presents and demonstrates a system using Splunk and the Cisco Open SDN Controller for steering large data flows around firewalls and other devices that could disturb their performance while actively blocking threats.

Read More »

Tags: , , , , , , , , ,

Why I Love Big Data Partner Series 5: Cisco and Splunk: The Weapons of a Security Warrior

In this 5th why I love big data blog series, I am joined by Jeff Aboud from Splunk to outline why big data security analytics is essential to today’s security challenges.

Untitled SplunkJeff Aboud, Sr. Solutions Marketing Manager, Security Markets, Splunk Jeff Aboud has more than a dozen years in various areas of the security industry, spanning from the desktop to the cloud, including desktop AV, gateway hardware and software, encryption technologies, and how to securely embrace the Internet of Things. His primary focus today is to help business and security professionals understand how to visualize, analyze, and alert across a broad range of data sources in real time to maximize their security posture.



It’s no secret that advanced threats and malicious insiders present increasing security challenges to organizations of all sizes. Security professionals know that it’s not matter a question of if, but when an attack will successfully breach their network. Visibility is often what makes the difference between a breach and a major security incident, and enables proactive security posture throughout the attack continuum – before, during, and after the attack. It’s also essential to understand that the fingerprints of an advanced threat are often located in the “non-security” data, so the effective detection and investigation of these threats, before your data is stolen, requires security and non-security data.

So what does all this really mean, and how can you use it do dramatically improve your security posture?

You need to integrate and correlate the data from your firewalls, intrusion prevention, anti-malware, and other security-specific solutions along with your “non-security” data such as the logs and packet information from your servers, switches, and routers. This is no easy task with the large number of different security solutions present in most enterprise networks. But having all your data at your fingertips will help you improve your detection capabilities and automate the remediation of advanced threats.

But how can you do this, since Security Information and Event Management (SIEM) systems only look at traditional security sources? The partnership between Splunk and Cisco is the answer. Splunk is integrated across Cisco security platforms, as well as other places throughout the network including various Cisco switches, routers and Cisco Unified Computing Systems (UCS) to deliver broad visibility across your environment.

Together, Splunk and Cisco provide security and incident response teams the tools they need to quickly identify advanced threats, visualize them in real-time across potentially thousands of data sources, and take automated remediation action on Cisco firewalls and intrusion prevention systems. Read More »

Tags: , , , , , ,

Find and Fix Problems Faster with New Splunk Integration for Cisco UCS

IT infrastructures are increasingly complex and include a broad range of technologies and platforms hosted in physical, virtual and cloud environments. Cisco UCS has become a world leading server platform in large part because the unique UCS architecture enables organization to harness the power of virtualization and dramatically simplify infrastructure management.

Splunk is a great complement to Cisco UCS because Splunk also helps organizations deal with the complexity of vast multi-vendor, multi-product, and multi-site environments.  Splunk is a platform for real-time big data analytics which enables end-to-end, cross-tier visibility across applications, physical, virtual, and cloud infrastructure.

Do you need insights into your UCS server performance? Would it be valuable to troubleshoot application issues across server, storage, networking, and other domains? Are you already using Splunk to “… make machine data accessible, usable and valuable…”? Then you need to be using the just updated Splunk Add-on for Cisco UCS.

Splunk’s first (and only) out-of-the-box integration for server environments, Splunk integration with Cisco UCS provides real-time operational visibility not just across Cisco UCS domains but across multiple applications and infrastructure tiers.  This enables organizations to identify & resolve problems faster, proactively monitor systems & infrastructure, track key performance indicators & understand trends & patterns of activity & behavior.

The Splunk add-on for Cisco UCS allows a Splunk Enterprise administrator to collect UCS performance, inventory, and fault data from Cisco UCS Manager using the UCS XML API. All the data is and can be integrated with other Splunk applications for products such as Cisco ASA Firewalls or Cisco Nexus Switches or Microsoft Exchange. Did you know that Splunk has over 20 integrations for Cisco products?

If you are thinking about adding Splunk insights into your environment, this is even more of a reason to do it on Cisco UCS servers. Last November, Ragu Nambiar blogged about a joint reference architecture with Splunk that improves performance up to 25x over the Splunk reference hardware. Cisco also published a Solution Brief. Look for updates on the reference architecture from Ragu soon.

Will you be at Cisco Live next week? Be sure to go to Splunk’s booth (#2319) to see the UCS app in action (or a number of the other integrations) or join the Big Data Analytics Demonstrations Booth Tours and find Splunk in Cisco’s Connected Transportation IoT, Security Solutions and Enterprise Networks Pavilions.

Example Splunk App for Cisco UCS Dashboard

Example Splunk App for Cisco UCS Dashboard

Tags: , ,