How can we facilitate a users interaction with terabytes of log data?

Our guess: by allowing them to step through it one step at a time. 

Our Goal: create a interface that allows a user to physically ask questions of the data by directly interacting with objects on screen.

The Graphistry investigation interface was created to allow a user to pull in data from multiple supported sources like Splunk or ElasticSearch, shape and correlate the data, and ingest it into a single visual environment.

Within that environment, we focused on the users ability to understand an overview of the data, zoom into the details of an area of the graph, and continue to dig details on the relationships out by using context menus and other drill down mechanism.

We also supported the ability for a user to create a template from their workflow, and save and share these hands-on “playbooks” to team members who might want to ask the same questions about a similar incident or dataset.