Splunk 4.2 released

Splunk provides the ability for users to search, monitor and analyze live streaming IT data as well as terabytes of historical data, all from the same interface.

Splunk 4.2 features new real-time alerting, user productivity and enterprise management functionality, as well as performance improvements.

Real-time alerting
Immediate notification and response for events, patterns, incidents and attacks as they occur. Set up real-time alerts on individual and correlated events, keywords, values, patterns and statistical outliers. Take immediate action when an incident or attack occurs to send automated emails, run scripts, or post to an RSS feed.

Universal Forwarder
New dedicated forwarder delivers secure, distributed, real-time data collection from thousands of endpoints. Uses significantly less system resources while offering more resiliency than previous Splunk forwarders.

Easier and faster
New ways to visualize data, quick start guides for new users and integrated workflows for common tasks. Search experience is up to 5X faster for single-server deployments and up to 10X faster for distributed deployments.

Easier management
New centralized deployment monitoring and license management enables the management of multiple Splunk instances from a single location.