The security industry is increasingly embracing Hadoop as the standard for large-scale analytics. Sqrrl, Inc. is now offering to help  customers make more of the batch processing platform – and their machine-generated logs – through newly expanded integration with Splunk, Inc.’s Hunk data visualization tool.

The venture-backed Sqrrl was founded in 2012 by former NSA engineers to commercialize Apache Accumulo, a graph database the company developed as part of their work on the agency’s unique security requirements. The platform uses the Hadoop File System (HDFS) to store information and provides an added layer of control that allows administrators to control which user accesses down to the cell level, which is a level of granularity that its creators claim remains unrivaled by alternatives three years after the product.

Splunk introduced Hunk last June with the goal of making the capabilities of its flagship log management tool available for use in Hadoop clusters that are so large that moving the contents to a separate silo for analysis is impractical.  The offering packs a broad feature set that spans functions ranging from interactive search and analysis to data visualization and reporting.

As of version 6.1, which rolled out three months ago in conjunction with the corresponding release of Splunk Enterprise, the platform includes the ability to extract data from a wide range of NoSQL systems, among them Accumulo. But the integration is geared first and foremost towards the needs of Splunk customers, which means that it falls short when it comes to shuffling information in the opposite direction.

Sqrrl hopes to address that shortcoming with Sqrrl App for Hunk, which makes it possible for users to apply the graph search and cell-level access control capabilities of Accumulo to machine-generated logs. The connector also allows  customers to preview and query information stored in the database in near real-time via the Splunk interface, the startup said. That functionality that can help analysts be more efficient in uncovering insights.

Although it might come handy in other scenarios, the integration is designed primarily to support security use cases, a common focus for Sqrrl and Splunk that is only set to move higher up the shared agenda as organizations tap into their data for greater visibility of internal and external threats.The app is available immediately on Splunk’s online app store.

photo credit: Yuri Yu. Samoilov via photopin cc