 Welcome back everybody. We are live here in the cube from Las Vegas, the Cosmopolitan Hotel at dot com 2012. That's of course Splunk's annual user conference. We're talking about big data, machine generated data, finding kind of nuggets in the gold of that data if you will. My name's Jeff Kelly with Wikibon.org and I'm here with my co-host Jeff Brick from SiliconANGLE. Hello everybody, welcome back. I'm glad to say we've been here in Vegas for a couple of days and we've and you know we had sun now we have rain but now we finally have somebody that's a little bit more Vegas centric. We've got a company that's in gambling and money and lots of fun stuff, the Swiss lottery. So we're happy to welcome George Buffery to the cube from Swissos. It's great to have you here and I know I know the gambling profession or the gaming profession before it was actually shooting people and running around in the pod, used a lot of big data and was probably ahead of the curve in analyzing data for trends and what people are doing and how they react and which machine do they play. So welcome to the cube, curious to hear about what you're doing and how Splunk has changed your business. Good question. Why don't we first start off with what do you guys do? Tell us about kind of Swissos, what do you guys do and we'll go from there. We're actually at the Swiss lottery, selling lotteries, instant ticketing and our bed as well and we have 6,000 point of sales in Switzerland and 400,000 online users on internet platform, we have our own internet platform for gaming, online gaming, instant tickets on the sports as well. On sports as well? Yeah, what we're trying to do is to have happy customers because we are actually a non-profit organization so we are not allowed to make profits. The world profit goes back to the Swiss folks, they have to use it for sport, for art, for good, how do you say that? For good? For the common good for those kind of activities that benefit the society as a whole. So if you play in our company and you lose it's not bad because you know it's for the common good. So tell us about your role there. I'm in charge of the network team and since the beginning of September as a system management team as well so a lot of stuff to do now. It's very interesting because we have 3,000 point of sales are online connected to a central in Basel in Switzerland so we have to monitor that, we have to check that everything's okay and yeah there's a lot of a lot of work to do because we also have very small teams, a small company with 200 co-workers and only 30 are working in the IT so that's not many people know what a complicated system it sounds like. So talk to us a little bit about kind of how you came to work with Splunk. It sounds like maybe digging into some of the challenges you have because it sounds like especially with such a small team you've got a big job in terms of understanding how the network is operating, any potential, probably some security issues so dig into that a little bit for us. Yes we don't have time to check at our logs every day so we have to have a tool to do that for us so the most problem that we have is that we are we are known brand in Switzerland so we're into the platform is attacked daily so we have to trace attacks to find attackers and to block them as soon as possible and we have to make sure that our gaming systems are online 24 hours seven days because if people can't play we are losing money so every downtime is related with losses so we have to make sure the money come in and people are happy to play and to win as well of course. And what we had before we had a Tivoli Enterprise console from IBM and that was our event managing system we had that for 10 years and this product was End of Life and our internet platform was outsourced and we take it back in our data centers so we generated a lot more logs and wanted to show so to dig in that logs to find out what we could improve in our platform and we was in search for new tool and we evaluated a lot of tools like RSA and vision and BMC products and other open source tools and Pat and Splunk and Splunk was a good thing for us because we tried to replace Tivoli Enterprise console first and then could do a lot more stuff with Splunk. Okay and when you were going through that process I mean part of the whole Splunk story and a lot of software companies now are well you know here take it download it load some data and go crazy so did you go through that process and just find it was tremendously successful or did you go do more of a formal kind of old-school you know kind of RFP feature functionality shoot out that kind of process. We defined one first use case to implement Splunk in our data center and that was to replace Tivoli Enterprise console and to do one to one exactly the same that we were doing for with Tivoli Enterprise console. Okay so we first found a partner and see system in Switzerland to do that and they helped us to get the best practice out to use Splunk and to shorten this learning curve that you have when you buy such such a product and we make one day workshop and then everything was clear what we had to do. Oh wow. And it took six days to replace Tivoli Enterprise console so we had thousands of lines of code that we have written in Tivoli Enterprise console rules classes a lot of stuff and we could we could make that so make it change from Tivoli Enterprise console to Splunk in six days. Wow. Ten years and then six days. It's a new world right. So characterize some of the I guess the challenges and opportunities that creating all this data bringing your your operating internet operations back in-house you know you you realize you're creating all this data so obviously on the one hand it's a challenge certainly there are you know compliance issues you've got to worry about there's you know the cost money to store the data on the other hand it's an opportunity now you've got all this data maybe we can find some ways to improve our business. Yes. So kind of how did you how did you how did you do the problems what did it end did it change as you kind of evolved and started using Splunk and some other other technologies. Yes it was actually a lot of benefits for us because it was not scary to to have all the data and to have to store them and it was actually fun with Splunk to dig in that data to find what your user had for problems and to try to fix that. So we're doing a lot of security stuff as well and after we when we've we were finished with tech, how do we say that? Implementation. Yeah implementation to change tech and we had a lot of experience with with Splunk and we could make a lot of use case and other use case with fun and find out actually what for ideas we could have with Splunk in the future so it was very interesting so we made a lot of security security stuff with Splunk to find out who are who is attacking us okay who's trying to to steal data you know databases and stuff like that so it wasn't scary at all it was it was either fun. Interesting I imagine with that you know the lottery there's people are going to want it you're going to see some bad guys essentially that are going to want to hack in there so tell us about some of the security specific use cases because we hear a lot about kind of there's two kind of core uses we're seeing as people start with Splunk kind of monitoring the IT environment but also the security so we'll tell us about some of the unique things you're doing in security wise. So the first thing we're tracing all firewall laws in this plan as we have we have not only one firewall appliance as you can imagine we have more lines of defense in our in our internal platform so we have we have front end firewalls we have web application firewalls we have the second line firewalls and what we're doing we're trying to correlate all those logs because it's multi-vendors of course so we have to we have to correlate those multi-vendors logs in in one GUI or one one big log to find out if we can find some some behaviors some suspicious behavior and also the the web server logs so Apache logs for example to correlate that with these firewall logs or web application logs to find out if someone is trying to make some slow attacks in scan scan or servers or so everything they can DNS or whatever. Yeah so you don't you don't use Splunk to keep the kid from just going down to the the copy shop and writing in the winning numbers on his ticket and go into the store. Yeah so so you mentioned a lot of security stuff what in terms of actually growing the growing the lottery growing the usage of people is Splunk helping you there and also I'm curious I don't know that we have online lottery here I guess I haven't played lately you know you got to go down to the to the local five-in-diamond and buy your tickets. How is the online presence of the games impacted or is impacting kind of the retail participation the game is in is that an interesting conversation. Yeah so nowadays as of today it's it's we're selling 10 percent of our tickets in the internet but it's growing okay and of course internet is generating a lot more logs so that's that's that's also an opportunity to know what our customers are doing and yeah we are trying to to improve the user experience on our platform so we can also trace that in Splunk to know how many logging failures do we have how many reasons password reasons requests do we have correlate that of course the whole thing is correlated with our jackpots because when we have big jackpots people are trying to play more and yeah we're trying to to do to give the user a better experience on our platform and what we will do in the future we will have more games and more user activity or also between the users they will have the possibility to chat so we will have to to monitor that as well to to show what's going on on such platforms. So so right now is it pretty much one game and then in the future potentially you have different games that appeal to different people and you can A-B test and those kind of things or the mini games? We have a lot of games you can play all of our games online so lotteries sports games and instant tickets you can play them online as well so okay we are trying to you to make all of our games available on the internet if it's possible of course. No that's that's that's wild. Yeah because that's you know as you as you grow obviously the internet side of the business that's going to create as you mentioned a lot more yeah while getting a lot more machine generated data so again challenge but also an opportunity to kind of find new insights into actually you'll have even deeper metrics that you can go to when you're looking to kind of market your game or other kind of business activities you want to do. Yes. But it's also scaling it's scaling issue. So how from from that perspective are you planning to kind of tackle that as you start to increase the amount of data you've got you've got to store it you've got a you've got a tool like Splunk to help you mine it what are the impact of this kind of big data explosion we're seeing on your organization? So of course we have to plan new storage and stuff like that but we planned it for one half year so I hope we will we will be able to deal with the data for the next four years but we are we're thinking now of buying new Splunk licenses to to bring more data because what we what we've seen is that our manager also like to see dashboards and what we're trying to to put business data now in Splunk to see how we're selling or where we're selling why we're not selling well or stuff like that so that's actually one of our next business case to have more business data in Splunk and find out why the seller went well or not. Right and how did the business guys discover that they could do that they just looking over your shoulder looking at that report can I get can I get can I get one of those on my desk or? Actually it's most of the time is where it's when we have problem with the platform and then they're they're most of the time amazed oh quick we can fix the problem and find out where the problem is okay and they're asking our developer as well are asking every day how do you find that so quickly and we said yeah Splunk so look at this there's an animality here so and we can we can point the animal to you with a finger and say okay it's here and they're they're learned to to know Splunk works when when we have to problem right yeah. So I'm sure you still have plenty of challenges around yeah strong correlations where are there some of the things you're gonna gonna be looking at going forward that you hope to tackle either with Splunk or other tools but some of the where you're kind of pressing issues maybe the next six 12 months that you're hoping to tackle. Um well good question there's a lot of stuff so what you've done to try to do is to monitor all of the storage to know when we have ice here in the earth so that's the kind of stuff and we would like to know exactly what our customers are doing so maybe to trace behavior click behavior you know stuff like this and to to be able to to to make our web platform easier to use yeah so that would be the next big challenge. Great well we hope you'll come back to the cube and let us know how it goes. I will thank you. Well thanks so much for joining us today really appreciate it. Thank you. We are here of course live at dot com Splunk user conference live in Las Vegas at the cosmopolitan hotel I'm Jeff Kelly with wikibon.org I'm here with my co-host Jeff Frick from Silicon Angle. Yep and it's fun to finally talk a little gaming here here in Las Vegas and again and I I forget who I was telling you about oh like Call of Duty or uh yeah no no like real gaming but uh yep we're here live we're going cover to cover we've got a few more great guests lined up for tonight we've got a full slate for tomorrow so we hope we'll stay with stay with us and we'll be back in just a few minutes with the next guest thanks a lot to us thank you Jeff and Jeff