As one of the fastest-growing subsets of data in the enterprise, machine-generated logs can be expensive to retain for extended periods of time, which leaves CIOs with a dilemma. They either have to foot the bill, or discard old information after a certain point and lose potentially valuable insight into their operations. Splunk Inc. wants to ease the trade-off for its users by shipping cost optimization functionality with the latest iteration of its analytics platform that provides the ability to customize storage settings according to an organization’s budget.

The feature can make keeping logs in the platform between 40 and 80 percent cheaper than before at the expense of some query performance, according to the vendor. Customers run the risk of noticeably slowing response times at the higher end of the spectrum, but seeing how historical analysis projects aren’t particularly urgent by their nature, that should be an acceptable price in many environments. Another factor working in favor of the feature is the fact that Splunk Enterprise 6.4 packs new data sampling functionality for the event that a user does find themselves having to create a report on short notice.

The addition removes the need to work directly with an organization’s main dataset by making it possible to extract a small subset that can be processed much faster and easier. Analysts are able to reduce amount of time it takes to create a new dashboard even further using the new pre-built graph templates added in conjunction, which require only a limited amount of customization before they’re ready to be delivered. The end result is that decision-makers gain access to important information faster without having to spend significant more on storage capacity.

Customers can take advantage of the functionality to speed up the analysis of a wide range of machine-generated data workloads, including several new types that Splunk is adding to the list on occasion of the launch. Its platform is now able to ingest operational logs from AWS, the Akamai content delivery network and ServieNow’s cloud-based automation platform.  The release also introduces support for two of the world’s most popular authorization services, Okta and Active Directory, to help organizations prevent unwanted activity in their deployments.

The integration makes it possible to ensure that users only access into the platform from end-points that have been approved by the IT department and meet certain security standards. It’s complemented by new access controls designed to similarly restrict what administrators can do in their Splunk environments so as to prevent a hacker from causing too much damage if they somehow manage to take over a privileged account. The functionality is available immediately for both the on-premise and cloud-based editions of the software.

Image via Geralt