How Splunk Is Riding IT Search Toward an IPO

Anyone who’s walked the exhibition floor of a large IT tradeshow might recognize Splunk for its cleverly emblazoned T-shirts and bumper stickers. It’s hard to miss tag lines such as “Finding your faults, just like Mom,” “Log is my copilot” and “Because ninjas are too busy.” But beyond quirky sayings, there’s real value in Splunk’s IT search and monitoring product. The company raised $40 million between 2004 and 2007, has more than 2,000 paying customers across 75 countries and is on pace for more than $60 million in revenue this year. It’s also planning an IPO in 2012.

So, how did Splunk get so successful it has been able to resist the siren song of acquisition and feel confident going public? The real magic is in the product, which lets users search and monitor mountains of machine-generated data via a slick, web-style interface. (I saw the product in action in early 2009, and it was incredibly intuitive even then.) It began as a tool for troubleshooting IT issues by poring through logfiles – still an incredibly useful capability – but it now lets users search, monitor and analyze even streaming data. Splunk CEO Godfrey Sullivan says the product has evolved to the point where it’s now disrupting the enterprise software model. “Beyond big data,” he says, “is operational intelligence.”

To define operational intelligence and to illustrate this disruption, he described how a “large radio company” replaced its web analytics software with Splunk after using the product to determine why website visitors were dropping off at a certain page. The customer thought it was content, but when it dug deep into infrastructure-level data with Splunk, it realized the problem was page-refresh time. He also cited “three to four big telcos” replacing their business intelligence (BI) tools with Splunk. They’re looking at traffic straight from the tower for purposes of fraud analysis and traffic-pattern analysis. What makes Splunk so popular in these situations, Sullivan says, is that customers can perform this level of analysis without setting up data warehouses, configuration management databases (CMDBs) or any of the other steps necessary in traditional BI environments.

Splunk Co-Founder and CTO Erik Swan says Splunk is even used as a replacement for, or at least a complement to, Hadoop in certain instances. Where Hadoop might be great for churning through social-networking data and creating a social graph, for example, Splunk is ideal for time-related tasks like monitoring profile changes. In fact, he says, even web sites such as Facebook, Myspace (s nws) and Zynga use Splunk to analyze operational data where Hadoop isn’t appropriate. Sometimes, he says, users try using Hadoop for certain tasks, realize it will require an incredible amount of work to make that happen, and then turn to Splunk.

Splunk has cloud computing connections, too. Swan explained how both (s crm) and its newest line of business – Heroku – use it extensively. In fact, he said, some 30 to 40 groups within use Splunk for various purposes. Swan sees a real business opportunity here. Not only can cloud providers gain valuable insights into their own operations, but they can offer up these insights – or even Splunk itself – as a tool for their customers. Based on discussions with both companies over the past several months, it sounds like a Splunk add-on is on Heroku’s roadmap.

Despite all its success – the company grew 80 percent in 2010 alone – CEO Sullivan thinks an IPO will be an important validation for the company. He thinks Splunk can be as important as the relational database, but some large enterprises are afraid to invest in a private company for fear that it’s unstable. If Splunk has a successful IPO, it will not only validate itself, but also the marketplace of startups it has spawned, including Loggly and Logstash. Of course, Sullivan acknowledged, there’s a lot of work to be done between now and then, which is why he has his “blinders on” to make it happen.

Disclosure: Loggly and Logstash are backed by True Ventures, a venture capital firm that is an investor in the parent company of this blog, Giga Omni Media. Om Malik, founder of Giga Omni Media, is also a venture partner at True.

Image courtesy of Flickr use byte.

Related content from GigaOM Pro (sub req’d):