Reference Architecture: Splunk deploys faster and more reliably on Diamanti

This week, Splunk users will gather virtually for .conf20, where Splunk leaders will lay out their vision to bring data to every question. To fulfill that vision, Splunk needs to ingest data and perform consistently and with speed to bring value to your organization.

Falling victim to indexing latency, skipped searches, and slow searches can be detrimental to an organization’s ability to uncover accurate, real-time insights from their data. To deploy Splunk Enterprise and Splunk Enterprise Security successfully, users need a solution that will scale with their organization’s needs. 

Diamanti and Kinney Group collaborated to create a best-in-class reference architecture for deploying and running Splunk Enterprise and Splunk Enterprise Security on a purpose-built Kubernetes platform. The Diamanti + Splunk Reference Design underscores the benefits of deploying Splunk on the Diamanti platform, utilizing Diamanti’s advanced storage and networking data plane capabilities and the simplicity and scalability that come with Kubernetes-based deployments.

Based on Splunk Validated Architectures (SVAs), this Reference Design demonstrates how deploying Splunk Enterprise and Splunk Enterprise Security on Diamanti’s full-stack solution outperforms a similarly built AWS infrastructure.

Key Findings:

  • For a sustained rate of 5TB, the Splunk environment on AWS saturated at 2TB/day, while Diamanti was able to easily handle the 5TB/day load without any skipped searches and no queue buildups for indexing and searches. Even at a sustained rate of 5TB/day, the Diamanti platform had plenty of resources left for future growth and to handle unexpected traffic peaks.
  • With equivalent hardware resources, Diamanti outperformed AWS by 3.2X for SVA C1. 
  • SVA C1 was only able to use 2-3% of Diamanti’s storage bandwidth and became CPU-bound, which leaves enough room to run various other more I/O-heavy Splunk designs with the potential to yield 10s of TB of data per day, resulting in a 10 to 30X gain.

Download the reference architecture to see how deploying Splunk Enterprise and Splunk Enterprise Security on Diamanti’s full-stack solution is simpler, deploys faster, and has a lower total cost of ownership while outperforming a similarly built AWS infrastructure.
