I met with Adam Bidwell, Kurt Geiger's development manager at this week's Splunk user conference in Las Vegas. He has been working on proactive problem solving.
Splunk was first brought into the company in an attempt to get control of its IT estate. He said:
We got Splunk originally because we are running a lot of websites, got a lot of servers, quite a lot of traffic, each of these servers has logs and things all over the place. So when there was some kind of incident we were writing all sorts of home brew scripts to pull it together. That was a chore. We were finding out about problems way after the incident. We kind of got an idea about Splunk, there was a free trial and we installed it. We went from there.
The customer was telling us about the problem because the way of finding out what was going on with the servers was so unwieldy. One server out of 50 would have a problem and you would only find out about that when the customer finds out.
That condensed this immediate problem of getting logs together and seeing what was going on in real time.”
Kurt Geiger is currently hosted on Amazon Web Services. That added to the complexities involved in identifying problems. Amazon's automatic scaling up and down meant that Kurt Geiger's IT team were often unsure about where the issue was occurring.
Just sitting here at the conference for a couple of days I've been phoning my boss saying we need to prepare for doubling the license. One example of that is our Amazon costs, we can do analysis of what boxes we are firing up where, what projects and stuff, so we are not looking at Splunk as being this expense, it's about what we are going to save in Amazon costs.
Bidwell is putting together additional use cases for Splunk, including security. Splunk offers advanced behavioral analytics that quickly spot anomalies and allow control centers to intervene. Bidwell believes the platform could have a number of security related applications. He said:
The systems that we are working with are becoming more and more complex, this isn't a job anymore that you would have a little group of guys that reassure you that you can sleep at night. This is the kind of thing where you want good analytics. We need to consider everything from swipe activity on our doors through to people on our website.
Despite wanting to increase the company investment in Splunk, Bidwell had one gripe he hopes Splunk addresses in future. Splunk's comfort zone is log data ingestion. However, it can be difficult to parse complex extracts. Bidwell said:
[One of the challenges has been] around the tools of getting the data in. There is a little bit of complexity to that. It's kind of a strange situation really, it's often easy to get data in, but then sometimes for some reason it's really hard. Things like logs, it's clearly been designed around that from the outset.
Then perhaps you want to cross reference stuff that isn't so systems orientated, that becomes a littlebit more complex. We analyze stuff that's like historical data in databases, which is in a table format, whereas Splunk is based on events. So this conversion from flat table into events, isn't a natural thing. We have had to write some middleware to deal with that.
However, Bidwell is quick to note Splunk's positive impact on Kurt Geiger's daily operational performance. He said:
The stand out benefits include bringing everything together in one pot. There is a team of people that do reports, a business analysis kind of thing. There are the groups of people that have their own systems, where they are doing Excel spreadsheets and are passing those around. The main thing is that we kind of have it all together now, so that we can cross reference things that are happening in the business. We are not reporting on what happened yesterday anymore, we are looking at what's happening now. That's a major difference in the way we are doing things.