Search fuels one small firm's dream of big data success

Splunk Inc., a San Francisco-based enterprise software provider with an unusual name, has been selling its search-engine product to the federal government since 2006. Now it is doing what so many other IT companies have done before it: expanding its footprint in the Washington, D.C., area.

The company recently moved into a 10,000-square-foot office facility in Bethesda, Md., which also will be home to the Splunk Center of Excellence, a hands-on cybersecurity and analytics lab and training center.

The company was founded by data center managers Erik Swan, Rob Das and Michael Baum, who wanted to create a search solution that could be used for rapid and secure searches across multiple sources of IT data, similar to what Google and Yahoo! were doing commercially, he explained.

They initially thought of banks and financial institutions as their targeted market.

Tony Ayaz, Splunk’s vice president of federal sales, said the company had been tackling big data for some time and got into to the federal sector just as cybersecurity was becoming a hot ticket item.

“We’ve come up with a way to understand multi-sources of data; we can take multiple sources of data at one time; in other words you don’t have to parse the data” before attempting to discern patterns and glean information, he said.

“This allows people, if you will, to use us as a kind of Google data center,” Ayaz said. “They can ask any type of questions they want to ask of their data – whether it’s cybersecurity related, whether it’s basically finding a needle in a haystack [in] a very complex environment.”

The company’s sole software product can be used for a multitude of search tasks that probe deep into data from a variety of sources, a technology that spawned the name Splunk, from the cave exploring pastime known as spelunking.

Splunk gained its footprint into the federal market through targeted banner ads online and trade show demonstrations to reach the systems integrators and the program developers.

Ayaz recounted the story of a State Department technical director who learned of Spunk’s software when one of his analysts downloaded the program from the company website.

He then successfully completed a year-long project within 48 hours and at one-quarter of the price.

“That’s our entry point,” Ayaz said. “It’s very cheap when you come in. You don’t have to sign a half-million dollar or a seven figure contract with us. You can start small or you can start large.”

He compared Splunk’s sales model to that of the cell phone industry. Annual and perpetual licenses – which begin at about $5,000 – are sold according to clients’ anticipated monthly usage with some overage allowed at no extra cost.

“It’s how many minutes you use. But we also look at how much data you’re analyzing in a 24-hour period. The more data you use, the price goes up. If you’re not using it, we don’t care how many seats, how many users [there are].”

Splunk didn’t target agency CIOs to gain market entry. It went after the contractors because they could use the company’s software without first having to jump through many government hoops just to make a presentation, he said.

“In the government, even if a C-level [executive] comes in and tells them to use something, they’ll use what they think is proven. So we use the strategy that if we can prove it to these guys to solve their problems, we’re going to have advocates for us,” Ayaz explained.

He credits some of the larger integrators such as Lockheed Martin, General Dynamics IT, and Northrop Grumman with helping Splunk software gain a larger footprint in the federal marketplace.

“SAIC actually is another key integrator,” he said. “They’ve deployed us internally for the management of their data centers. The integrators really get the value of this. They’re really in the front lines.”

The State and Energy departments were among Splunk’s first federal customers. They were followed by the intelligence community and the Centers for Medicare and Medicaid Services – all of which have an unending need to crunch big data.

“Some agencies still do sole-source justification to get Splunk inside their environment because there is nothing else out there like us and we’re known for security, forensics, scaling with lots of data, etc.,” he said.

In 2011, Splunk added the Federal Emergency Management Agency and the National Oceanic and Atmospheric Administration as government clients.

“Army is another big customer of ours,’ Ayaz said. “They use us anywhere from operations management down to cybersecurity.”

In fact, the private company recently experienced year-over-year total revenue growth of 95 percent for the quarter ending in October 2011, Ayaz said.

“Another thing that we’re doing now is continuous monitoring, it’s a big topic” for data center security, he said. “You have all this stuff running in your data center [so] how do you get the operations guys to talk and share with the security guys?”

Splunk can correlate the usually siloed data center information with security information and pinpoint any breach or anomaly, he said.

Looking ahead, Ayaz said big data and the cloud are the areas in which the company wants to grow “because that is really the core of why the company was founded, to take these really complex problems in the data center and monitor them, and alert you to what’s wrong.”

He predicts that Splunk’s next big client will be the Defense Department “just in terms of sheer volume of data that’s changing every day and the big challenges they have in front of them.”