 Live from the MGM Grand Hotel in Las Vegas, extracting the signal from the noise. It's theCUBE, covering splunk.com 2015. Brought to you by Splunk. Now, here are your hosts, John Furrier and George Gilmore. Okay, welcome back everyone. We are here live in Las Vegas at the MGM Grand. This is Silicon Angles theCUBE, our flagship program. We go out to the events and extract the signal from the noise. I'm John Furrier, the founder of Silicon Angles. George Gilbert, Wikibon's big data analyst. Our next guest is Kevin Davis, VP of the public sector with Splunk. Welcome to theCUBE. Thank you very much. It's great to be here. Thanks for coming on, sharing your insights. Obviously, talking to all the execs at Splunk. Let's break and get all the data and share the information. Public sector, government, I'll see. We've been seeing, certainly during the Obama administration, a huge off-boarding of siloed to more cloud. You're seeing more democratization, use that word. That's all great for politics. Making it all work in an agile way. Cloud has been an answer there. Big data, certainly. Share with what's going on with public sector within Splunk and how that's tied into, certainly your relationship with Amazon, so we've seen some stuff there. What's the update? Yeah, so the public sector business for Splunk is a very fast growing one. Both in terms of new folks joining my team, as well as customers across state and local government, higher education, and of course, federal as well. Cloud is definitely a strong buzzword and focus for us. There's a cloud-first mandate out there. Where it seems to be most applicable for my customers is the state and local business. We're seeing them go a little bit more quickly into that area. It's a little bit easier for them to do that. In fact, the city of Austin and the city of LA are here at .conf, speaking actually, on our behalf. So just, yeah, very excited about that. Just a quick follow-on on that. That seems to fit with our assumption that smaller organizations are squeezed for the skills to get some of these distributed systems up and running. Is that the reason for moving to the cloud for them? That's right. We refer to it sometimes as the easy button. I think it's a little bit easier when you've got a smaller infrastructure, a smaller footprint, and some of my customers, understandably, have a lot more things that they need to worry about. Department of Defense is an obvious one, where they've got a lot more checks and balances that they need to go through and mission-critical systems before they just jump into the cloud and move over that way. So security's been a big theme here, right? So obviously, public sector, you know, you got out of the Snowden link, we could discuss that till the cows come home. But still, more importantly, there is a data issue, right? Sharing the data, what data can you have access to? It's almost like a zillion IT departments sprinkled all through the government. But yet, open data has been a big theme. What's your take on that? How are you guys vectoring into that trend? What products are you guys selling into and enabling for the government market? Yeah, so you're right, security is a huge part of my business. It's the majority, it's over 50% of my business is security-related. The open data mantra, we have something called Splunk for Good. And that's something where we've actually have a team of folks that look at some of these open source, open data, and how can we do some good back for our customers? But security, who has access to the information, is a critical one, right? You need to make sure that you've got these big data systems, that you're setting them up properly, that you're setting security in the proper way so that folks aren't getting in and seeing information that they shouldn't be. So in terms of your customer base, is there like a preference for certain cloud? I know Amazon has had a great success with the CIA deal. They kind of trumpet that around, oh, look at, see where we can win the government, now there's been some, you know, some shadows around IVM involved, but even to the day, provisioning and getting stuff up and running fast is the theme. Yes, it is, you know, AWS, we are all in on AWS, where they're very strong partners of ours. We many times go on multiple meetings together with our customers, and so that continues to be a push for us in an area of focus for that. We are excited to be in GovCloud, we are focused and headed, we're all in for headed towards FedRAMP as well, and that will be part of the AWS Cloud. So Kevin, following on the AWS, even if they've simplified the sort of raw infrastructure, as we were talking earlier about, you know, you're at a scale, the government is at a scale of agencies where they have so many clusters of Hadoop and potentially Splunk, there's a scale where we haven't solved the problems of how to get the information out, because in a cluster, we know how to do it. What about when you have dozens, hundreds, thousands? Yeah, it's one of those that folks really jumped into Hadoop, they've gone with those systems. However, I, personal opinion, I think they're still struggling with what to do with all that data, how to get it out, especially when you're going across clusters, across systems as well. That's still something to be figured out. Now, can Splunk layer over some of these things and give you a view of that, and also going back to a previous question on security, does Splunk tell you after the fact that you've had a problem, or can it tell you your policies as they're being designed are proper? Yes, so the first question there about being able to layer over those new clusters, the answer is yes. From a security posture standpoint, the answer is absolutely. And in fact, I'm very excited about what we saw today with the IT service intelligence, and being able to really display the dashboards. What are the SLAs? What are the things that are important to you, the postures that you can catch it in real time? And I've got a customer example of somebody within one of my customer base that actually did just that. So many of the organization, their email system went down, my customer using Splunk was actually able to catch, it was a phishing attack, and they were able to catch that, put basically a fence around that, and eradicated from their system, and their system did not go down to the level that the other customer did. So part of our, when we look at the customer sort of maturity model, we see one pilot and it takes often two years to get into production. You're obviously in a very different world. When you've got Splunk looking across some of these clusters, what's the scope of visibility? Yeah, and it's interesting, Crawl Walk Run is a typical customer for us. Nobody's got really a line item in government yet for something that is Splunk or Splunk-like. We're very disruptive in that manner, which is why we're here in September, the end of the federal fiscal year, and it's going to be a significant time for my business because they're just kind of figuring out how to get their arms around this. But back to the Crawl Walk Run, many of my customers start with a very small use case, but then they start to see the power of what's possible, especially around security. We're also introducing different groups within the agencies. One is using it for IT operations, another is for security. I've got a real world example where two of them have come together and now they're working from the same room, a single pane of glass, both doing different functions with Splunk. It's very exciting. Well, how about the consumption? You mentioned Walk Before You Can Run. That's government. It's always a procurement nightmare on one level, but it's also proved your business case, right? So it's very much show me the model. So like you guys have that model. Can you give us an example of where you guys have been successful? Also, government doesn't have a lot of IT. Sure. So a lot of those things are kind of circulating around. Yeah. Yes. So right now with the unfunded requirements, right? They stack-rank what they need and then they buy on that Splunk. Unlike any other company I've been with, Splunk is at the top of those lists. We're number one for these unfunded requirements. If I look at somebody like the Department of Energy who continues to do just amazing things with our product, specifically around security and some other areas as well, Pacific Northwest National Labs was actually one of the beta testers for ITSI. And so we see this adoption of really getting the understanding, the value of Splunk quickly. What's your take on ITSI? Okay, intelligence, service intelligence is a big deal. You're kind of getting into the service management business through security and operational intelligence. So IT ops meets security in real time. Yes. What's your take on this trend and what does it mean to the customers out there? I think it's a very strong answer for the executive. I was out in Sacramento just last week, very strong Splunk customer. And when we started to kind of give them a read ahead on comp, they couldn't believe it. They were very excited. In fact, they sent, I think three people here for comp to see that. I think it's a game changer. I think when you've got all of this data and the ability to ask it questions, but now a lot of the Splunk folks want to get the visibility to the executives and ITSI I think is an opportunity to do that. So on your, on the customer journey, take us through an example where someone's kind of walked, now they're running. Okay. Yeah, you know, try to think of the best ones. So I look at probably the United States Postal Service, right, that started off with just monitoring who is buying labels, right? And are they shipping, are they using stolen credit cards, shipping things abroad for free, right? And stolen goods, right? So it starts at a security mantra, security posture there, but then getting into IT operations and looking at the applications that are running. That's a traditional kind of use case in how we evolve across our customers. Talk about the number one conversations that you're in. What are the top three conversations that you're involved with customers? Yeah, one of the big ones right now and as we've talked about the adoption of our customers and as they go to the walk and run, it's around adoption and how do they do it without breaking the bank? So we have these, what's called enterprise adoption agreements that we've put in place to really help with fiscal budgets, as well as just making sure that we don't break the bank. And so it's a strong focus area for me and my team and working with our customers there. All right, so give us the breakdown on cloud. So tomorrow is day two. We're talking about cloud and security. It's going to be a big focus. We'll have a head of products on. Cloud is a big deal. So what are some of the cloud computing trends that validate the governments to feel okay about going into the cloud? And what are some of the threshold issues that need to be addressed for public sector to be, quote, cloud native? What we're really seeing is that the barrier for entry, the cost for entry is very low. The ability to size and scale their system very quickly as well. And I think what we'll start to see now is the integration, right? The integration in the cloud. One of the real keys of Splunk is the ability to work in a hybrid model as well, right? So my customers, they can't go all in just yet. So we'll work on-prem and we'll work in the cloud as well. A hybrid model seems to be really working well for us. Can you share any color or insight into around access to data? Huge issue, right? Is that my data? Who's got what data? Sharing is a great thing. We're in a sharing economy, but yeah. Yes. Well, absolutely. If you look at my customer base, right? From the IRS and Treasury to HHS, Health and Human Services, that is critical. And making sure that we're setting up the security parameters for the folks with access to that data is critical. And it needs to be part of your architecture as you set that up. Encryption, part of that. Do you see encryption being a big role? I do, and I think it's more just about preventing or allowing access to the right person. You know, one of the things that we found when we surveyed sort of customer maturity model is this, the very most sophisticated customers, the Googles, the LinkedIn, Facebook, they can pick and choose from hundreds of open source projects. And in fact are the source of many of them. But the further you get down the maturity model, perhaps earlier in the deployment, the more homogeneous it is. Do you find that as well? And is that advice you would give to your customers? And if I think if I hear your question correctly, it's kind of, in my world, it's kind of the open source first mantra that they follow. At the high end, but it's how many vendors? Cause it could be like, you know, one vendor could tie together sort of a Hadoop ecosystem into a package, sort of. Sure. But all the way at the extreme is, you know, run Databricks as a service or run, you know, Cloudera as a service. Sure. So we are absolutely seeing that in, and the systems integrators are very much in the line with trying that. I think as we hit into the production models, and you know, I talked about the easy button before, competing with a Splunk-like product, creating that from the ground up. We do have open source competitors. Always happy to do the Pepsi challenge with them, but I think what the customer base is really seeing is the time to value the ability to scale working in production. Oh, this is, all right. So then I wasn't articulating quite right because I'm thinking of Splunk as helping to manage that mess. I gotcha. And you know, for the very, very large customers who can tolerate that mess, maybe not as much need for Splunk, but as we move down the maturity curve. Gotcha. You know, there's greater need because the burden's too great. And really whether it's open source or what it is, the complexities of those applications are just permission critical, obviously. And so Splunk's ability to really, and we look at like the joint strike fighter, the connections, right, the different applications and how they're using Splunk to make sure that your APIs are working, that your connections are working, and making sure that your systems are stood up. Whether it's open source, one of the major vendors out there, Splunk is very good in working in that type of environment. Kevin, last question, because we got a break here. For the folks watching this live broadcast that aren't here, what's happening at the show? What are the important things to watch here and why is this year different than last year for them a customer standpoint? So I was day eight putting at Conf last year. I was here one week and one day. And I think the really great thing that you're seeing is the acquisition of Caspita and now renamed UBA, right, and ITSI. And so you're seeing the investments that Splunk is making, whether we're going on and buying companies or homegrown, that that now is such an exciting time, it's fantastic. Yeah, you guys are doing more this one in a quarter than how they have traditionally done in the years, our fourth year, sixth year of the Dock's Conference. So huge growth, I mean, they're a big company now. They're one of the big boys. Yes, and for me, what I'm even more excited about, so I've, security business is obviously very strong for us. But when I saw Snehal and our CTO talk about the internet of things, right, and analytics, those are areas that my customer, with all the data that we talked about before, they have what a great opportunity for us. Making sense of the data, using that into the software, making, having good software that's data-enabled, data-centric, George, your systems of intelligence report. Looking good right now, looking like you're on the right vector there, right trend lines. The Cube, we're here live in Las Vegas for Splunk.Converse, hashtag SplunkConf. Join the conversation on ProudChat. This is the Cube, we'll be right back with more after this short break.