Washington, DC

May 16, 2013
Ronald Reagan Building


Please join us at SplunkLive! Washington DC - and learn how more than 5,200 enterprises, universities, government agencies and service providers in over 90 countries use Splunk Enterprise to gain Operational Intelligence that deepens business and customer understanding, improves service and uptime, reduces cost and mitigates cyber-security risk.


Is your mind already churning with ways Splunk can help you to address challenges in your environment? Our customers share their stories to provide further inspiration.

Godfrey Sullivan 
Chairman and Chief Executive Officer
Michael Chertoff 
Co-Founder and Chairman, The Chertoff Group
Former Secretary, U.S. Department of Homeland Security
Jesse Trucks 
Cyber Security Engineer
Oak Ridge National Laboratory (ORNL)
Chris Butler 
Technical Director, IT
CGI Federal
Don Mahler 
Manager, Enterprise Performance Management
An American Defense Company that Provides Scientific, Engineering, Systems Integration and Technical Services and Solutions
International Financial Institution 


The support of our sponsors is very important to us. SplunkLive! Washington DC is sponsored by AppDynamics, Carahsoft, Coraid, Extrahop, FileTrek, FireEye, Function1, Hurricane Labs, Palo Alto Networks and Prelert.



  • 9:00am – Welcome, Agenda Overview
    Presented by Bill Cull, VP Public Sector, Splunk
  • 9:10am – Splunk Overview
    Presented by Godfrey Sullivan, Chairman and Chief Executive Officer, Splunk
  • 9:40am – Operational Intelligence Demo
  • 10:00am – Guest Speaker
    Michael Chertoff, Co-Founder and Chairman, The Chertoff Group and Former Secretary, U.S. Department of Homeland Security
  • 10:40am – Customer Presentations
      » Jesse Trucks, Cyber Security Engineer, Oak Ridge National Laboratory (ORNL)
      » Chris Butler, Technical Director, IT, CGI Federal
      » Don Mahler, Manager, Enterprise Performance Management, An American Defense Company that Provides Scientific, Engineering, Systems Integration and Technical Services and Solutions
      » International Financial Institution
  • 12:00pm – Lunch
  • 1:15pm – New Technical Sessions, 1-4
      » New to Splunk: Splunk 5.0 - Splunk Enterprise 5 is our newest release and delivers fast reports, enterprise-class scale and resilience built-in, and a powerful platform for enterprise apps. We'll walk you through the new features including report acceleration, dynamic drilldowns, integrated PDF generation, index replication, modular inputs and much more. We’ll also discuss how the Splunk platform can provide better interoperability for Hadoop users.
      » Splunk Essentials: Search Language, Beginner - Did you know you can do crazy useful things with Splunk's search language? Sort, use fields, apply wildcards - but even better, it allows you to drill down into the results using Splunk's Search interface timeline. This session will show some concrete examples of how to use Splunk with web access and other types of commonly used data so you can craft simple but powerful searches based on what's interesting in your data. Learn the basics of the Splunk search language in this beginner class.
      » Splunk The Platform: Splunk Big Data Architectural Patterns - In this talk, we’ll examine architectural patterns for integrating big data technologies, delivering rapid visibility and insights to IT professionals, data analysts and business users that accelerate the adoption of big data in the enterprise. The session will dig into the technical details of what it takes to process terabytes to petabytes of data a day. We will review best practices to scale your Splunk using Splunk with Hadoop and Splunk with database environments.
      » Get your Security Geek On: Search and Discover the Bad Guys in 60 Minutes or Less - Splunk Search Processing Language (SPL) – in concert with selected Splunk Apps – can provide valuable insight even to the most advanced intrusion analyst. Beginning with a clean install of Splunk and the addition of appropriate Splunk Apps, you’ll experience how Splunk SPL Language can be used to maintain situational awareness on threats and identify bad actors, compromised hosts, internet attackers and suspicious users. 
  • 2:15pm – New Technical Sessions, 5-8
      » New to Splunk: Splunk App for VMWare - Are you experiencing a rise in data volume within your virtualized environment? Is complexity becoming overwhelming as you link application, virtual machine, and other infrastructure data sources to boost performance? Attend this technical session to learn how you can gain operational insights and analytics into performance, availability, security, capacity and change tracking using the updated release of Splunk App for VMware. See how you can correlate virtualized data with all other technology tiers including applications, operating systems and hardware infrastructure for holistic visibility and monitoring across your IT operations. Deployment and installation of the App will also be addressed.
      » Splunk Essentials: Architecting for Scale - Best practice guidelines for an architecture system suggest one indexer per 100GB. But, what about systems beyond 100GB? What should you consider prior to starting, or growing, to a multi-server system? What approach should you take? This session will dive deep into scaling hardware for indexing and searching in a distributed environment.
      » Splunk The Platform: Introduction to Splunk’s Developer Platform - Customize and extend the power of Splunk. Learn how you can develop on Splunk as a platform using Splunk’s APIs and SDKs. We will walk through some sample code and cool demos using the Splunk’s SDKs.
      » Get your Security Geek On: Extending Splunk with Machine Learning, 3 Use Cases - Machine learning predictive analytics can extend and accelerate the value you derive from Splunk by automatically detecting normal behavior patterns in your data and identifying changes that can impact performance or cause security issues. Through Rich Collier's work across a broad spectrum of organizations implementing advanced analytics, he has identified 3 key use cases of significant benefit to Splunk users from the early stages of Splunk adaption through to expert applications.
  • 3:00pm – Happy Hour hosted by AppDynamics, Carahsoft, Coraid, ExtraHop, FileTrek, FireEye, Function1, Hurricane Labs, Palo Alto Networks and Prelert


Who Should Attend

Already using Splunk and a pro?

Great, join us for the customer presentations and breakout sessions in the afternoon. SplunkLive! is a great opportunity to swap ideas and start to form the Users' Groups you'll help to keep running throughout the year.

Intermediate level Splunk and looking to ramp up your instance?

You can always learn from customer and the solution area presentations. Stick around for the Advanced training session to build the dashboards of your dreams.

New to Splunk?

The overview, gives a primer on the value Splunk delivers. Customer and solution area presentations give you ideas of where you can go. The beginner tech session will help you to get started.



Thursday, May 16, 2013

From 9:00am to 4:00pm


Ronald Reagan Building & International Trade Center
1300 Pennsylvania Avenue NW
Washington, DC 20004

T: 202.312.1300
Hotel Website


Do More With Splunk

Apps and add-ons extend the capabilities of Splunk and make it easier to use. Download a few or share your own creations on Splunkbase.

Have questions? Splunk Answers!

Have questions about how to do something in Splunk? Get answers fast!

Splunk life!

Follow your favorite Splunker on Splunk>Blogs.

What Splunk customers are saying

"I was amazed at what Splunk was capable of doing basically right out of the box. Now I'm looking for other ways to use it."
VP of IT Infrastructure, Insurance and Business Services Company

"SplunkLive! ROCKED! I am glad I got the opportunity to attend and meet people who are growing their business through the use of Splunk. It gave me a lot of new ideas on how we can leverage Splunk to make our lives more efficient and exciting."
Information Security Manager, Leading Global Entertainment Content Company



Do I need to pay to attend?

No, SplunkLive! is free to all. Join us in the morning and learn what other Splunk Customers are using Splunk for and attend the workshops in the afternoon.

Should I bring my laptop?

Yes! Make sure to download Splunk first: http://www.splunk.com/download

Will there be wireless internet?

Yes! There will be an announcement at the beginning of the day covering network and passwords.

What time should I show up?

We start promptly at nine - make sure to arrive by 8:30 am to ensure a good seat!

Is there a dress code?

Dress code is business casual. If you want show your Splunk pride by wearing your favorite Splunk t-shirt—that's also welcome!

Will parking be included?

Unfortunately Splunk doesn't cover parking expenses but we'll include lunch and a collector's t-shirt!

Does SplunkLive! count towards any certifications or accreditations?

Yes, attending SplunkLive! counts as Continuing Professional Education Credits (CPEs) for ISC2 certifications, including: CAP, CSSLP, SSCP and CISSP certifications. Contact education@splunk.com to obtain proof of your attendance.