Splunk Makes Its Platform Play

A Massachusetts company called Prelert released a new application yesterday that combines machine learning and predictive analytics to detect and report anomalous behavior emanating from IT infrastructure. If that sounds a lot like what Splunk does, you’re right.

In fact, Anomaly Detective is a downloadable app that runs on top of Splunk Enterprise. The release ties into Splunk’s push to position Splunk Enterprise as a Big Data application development platform as much as a suite of Big Data applications itself. Splunk released a software development kit for JavaScript to GA in October, followed by two new SDKs, one for Java and another for Python, in December.

Speaking about the SDKs in December, Splunk’s Paul Sanford said, “We want to empower developers to build big data applications on the Splunk platform and to understand that you don’t need large-scale development efforts to get big value. That’s a key driver behind the development of these SDKs, helping developers quickly get started with Splunk software, leveraging their existing language skills and driving rapid time to value.”

Splunk originally developed and sold software to IT departments to make sense of machine-generated data, mostly log files from corporate data centers, and over time built an impressive library of task-specific applications like network management and application monitoring. With its suite of SDKs, Splunk believes it can develop a new and profitable revenue stream by opening up Splunk Enterprise to outside developers.

Ideally for Splunk, outside developers like Prelert will build applications on top of the Splunk platform that complement it or fill holes in Splunk’s own library of applications.

For example, Prelert CEO Mark Jaffe said Splunk makes it easy for a hypothetical retail flower shop to bring together all the machine-generated data associated with a customer order that failed to execute. But identifying the cause of the problem requires a person to drill down into the data and investigate. Anomaly Detective, he said, uses machine learning to pinpoint the root cause of the failed order without human intervention.

The move to position itself as a platform is a smart one by Splunk, not unlike Apple’s decision to open up iPhone apps to outside developers in 2007. The move makes it easier and more likely that existing customers will extend their use of Splunk with new apps from ISVs and outside developers, and could attract new customers with highly customized needs. The risk is that outside apps begin to cannibalize Splunk’s existing application business.

But that’s a risk worth taking. Splunk was the first Big Data pure-play to go public (in April 2012) and the company is under the usual pressure from investors to continue its strong quarter-over-quarter growth. The company reported $52 million in revenue in its fiscal Q3. Splunk is also the subject of acquisition rumors, with Oracle and IBM the most likely suitors.

It’s also good for the market. The application layer is where the real value of Big Data will be realized, but we’ve seen pitifully little activity in this space over the last couple of years, Splunk being a welcome exception. By making its popular platform open to outside developers, Splunk could play an important role in jump-starting the Big Data application market.