Book Image

Learning Hunk

By : Dmitry Anoshin, Sergey Sheypak
Book Image

Learning Hunk

By: Dmitry Anoshin, Sergey Sheypak

Overview of this book

Hunk is the big data analytics platform that lets you rapidly explore, analyse, and visualize data in Hadoop and NoSQL data stores. It provides a single, fluid user experience, designed to show you insights from your big data without the need for specialized skills, fixed schemas, or months of development. Hunk goes beyond typical data analysis methods and gives you the power to rapidly detect patterns and find anomalies across petabytes of raw data. This book focuses on exploring, analysing, and visualizing big data in Hadoop and NoSQL data stores with this powerful full-featured big data analytics platform. You will begin by learning the Hunk architecture and Hunk Virtual Index before moving on to how to easily analyze and visualize data using Splunk Search Language (SPL). Next you will meet Hunk Apps which can easy integrate with NoSQL data stores such as MongoDB or Sqqrl. You will also discover Hunk knowledge objects, build a semantic layer on top of Hadoop, and explore data using the friendly user-interface of Hunk Pivot. You will connect MongoDB and explore data in the data store. Finally, you will go through report acceleration techniques and analyze data in the AWS Cloud.

Related Content you might be interested in

Current Title:

Small book image
Learning Hunk
Dmitry Anoshin | Sergey Sheypak
Dec, 2015 | 156 pages
No titles found
Table of Contents (14 chapters)
Learning Hunk
Learning Hunk
Credits
Credits
About the Authors
About the Authors
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Meet Hunk
Meet Hunk
Big data analytics
The big problem
The elegant solution
Getting to know Hunk
Hunk architecture
Setting up Hadoop
Starting the VM and cluster in VirtualBox
Big data use case
Summary
2
Explore Hadoop Data with Hunk
Explore Hadoop Data with Hunk
Setting up Hunk
Exploring data
Controlling security with Hunk
Summary
3
Meeting Hunk Features
Meeting Hunk Features
Knowledge objects
Introducing Pivot
Summary
4
Adding Speed to Reports
Adding Speed to Reports
Big data performance issues
Hunk report acceleration
Hunk accelerations limits
Summary
5
Customizing Hunk
Customizing Hunk
What we are going to do with the Splunk SDK
Dashboard customization using Splunk Web Framework
A description of time-series aggregated CDR data
Implementation
Custom map components
The final result
Summary
6
Discovering Hunk Integration Apps
Discovering Hunk Integration Apps
What is Mongo?
Counting by shop in a single collection
Counting events in all collections
Summary
7
Exploring Data in the Cloud
Exploring Data in the Cloud
An introduction to Amazon EMR and S3
Integrating Hunk with EMR and S3
Converting Hunk from an hourly rate to a license
Summary
Index
Index

The elegant solution

What if we could take Splunk and put it on top of all the data stored in Hadoop? This is what Splunk actually did. The following shows the names Hunk was derived from:

Let's discuss some goals that Hunk's inventors were thinking about when they were planning Hunk:

  • Splunk can take data from Hadoop via the Splunk Hadoop Connection App. However, it is a bad idea to copy massive amounts of data from Hadoop to Splunk, it is much better to process data in-place, because Hadoop provides both storage and computation; why not take advantage of both of them?

  • Splunk has the extremely powerful Splunk Processing Language (SPL) and it has a wide range of analytic functions. That's why it is a good idea to keep SPL in the new product.

  • Splunk has a true on-the-fly schema. Data that we store in Hadoop changes constantly. So, Hunk has to be able build a schema on-the-fly independently of the data format.

  • It is a very good idea to provide the ability to make a preview. As you know, when searching you can get incremental results. It can dramatically reduce outage. For example, we don't want to wait till a map reduce job finishes; we can look at the incremental result and, in the event of a wrong result, we can restart the search query.

  • Deployment of Hadoop is not easy, and Splunk tries to make the installation and configuration of Hunk easy for us.

Supporting SPL

Let's discuss more closely the reasons for supporting SPL. You are probably familiar with Splunk and SPL and know how powerful and flexible this language is. These are some of the advantages of SPL:

  • Naturally suitable for MapReduce

  • Reduces adoption time for people who are already familiar with Splunk

There are some challenges in integrating SPL and Hadoop. Hadoop is written in Java but all SPL code is in C++. Does SPL need to convert to Java or reuse what Splunk has provided? Finally, it was decided to reuse C++ code entirely.

Intermediate results

No one likes to look at a blank screen. A lot of people using other tools such as Pig or Hive have to wait until the query is finished and you have no idea what the query is actually retrieving for you. Maybe you made a mistake, but you didn't know about it; you will have to wait till the job is completed. It is a kind of frustration—running queries and waiting for hours.

That's why the Hunk team gave their users the ability to preview the result. You will be able to play with this in future chapters.

Previous Section
End of Section 4
Next Section