Before going deeper into Hunk, let's clarify what Hunk does not do:
Hunk does not replace your Hadoop distribution
Hunk does not replace or require Splunk Enterprise
Interactive but no real-time or needle in the haystack searches
No data ingest management
No Hadoop operation management
Hunk is a full-featured platform for rapidly exploring, analyzing, and visualizing data in Hadoop and NoSQL data stores. Based on years of experience building big data products deployed to thousands of Splunk customers, Hunk drives dramatic improvements in the speed and simplicity of getting insights from raw, unstructured, or polystructured big data—all without building fixed schemas or moving data to a separate in-memory store. Hunk delivers proven value for security, risk management, product analytics, a 360-degree customer view, and the Internet of Things.
While many big data initiatives take months and have high rates of failure, Hunk offers a unique approach. Hunk provides a single, fluid user experience designed to drive rapid insights from your big data. Hunk empowers self-service analytics for anyone in your department or organization to quickly and easily unlock actionable insights from raw big data, wherever it may reside.
These are the main capabilities of Hunk:
Full-featured, integrated analytics
Fast to deploy and drive value
Interactive search
Supported data formats
Report acceleration
Results preview
Drag-and-drop analytics
Rich developer environment
Custom dashboards and views
Secure access
Hunk apps
Hunk on the AWS cloud
Let's compare Splunk and Hunk:
|
Features |
Splunk Enterprise |
Hunk |
|---|---|---|
|
Indexing |
Native |
Virtual |
|
Where data is stored and read |
Splunk Buckets on Local or SAN Disks |
Any Hadoop-compatible file system (HDFS, MapR, Amazon S3) and NoSQL, or other data stores via streaming resource libraries |
|
A 60-day free trial license |
500 MB/day |
Unlimited |
|
Pricing model |
Data invested per day |
Number of task trackers (compute nodes in YARN) |
|
Real-time streaming events |
+ |
+ |
|
Data model |
+ |
+ |
|
Pivot |
+ |
+ |
|
Rich developer environment |
+ |
+ |
|
Event breaking, timestamp extraction, source typing |
+ |
+ |
|
Rare term search |
Index time |
Search time |
|
Report acceleration |
Fast: Uses index and bloom filters |
Slow: Requires full data scan within partitions |
|
Access control and single sign-on |
+ |
+ |
|
Universal forwarder |
+ |
NA |
|
Forwarder management |
+ |
NA |
|
Splunk apps |
+ |
Limited |
|
Premium apps |
+ |
N/A |
|
Standard support |
+ |
+ |
|
Enterprise support |
+ |
+ |
In the preceding table + means product support mentioned feature and NA means feature is not supported in a product.
As you saw, there are some differences. But Hunk is designed for another purpose; it is a kind face in the complex world of big data. Throughout this book, we will introduce the various features of Hunk and you will definitely learn this amazing tool.
Let's look closely at Hunk and try to understand how it works.