Splunk Enterprise

Vorteile

The system is highly intuitive to use. It is faster than other solutions I've used on the market and has a huge library of 3rd party plugins to get more from the system. It is easy to create scheduled searches, dashboards, reports etc. but there are a number of additional plugins (at an extra cost) to help with security, single pane of glass and metric collection.

Nachteile

It offers challenges for a decentralized working model. Where Splunk is centrally managed, it is easy to ensure that best practices are maintained. Where the system is opened up for an entire department to utilize and on-board their logs, it becomes more difficult. However, with some creative thinking and good process, this issue can be overcome.

Vorteile

Splunk makes it easy to search through various data including logs. In the past I have had to pour through logs in order to find the one lines among the 100 of thousands of lines. Splunk allows me to search through those logs in a matter of seconds vs the hours it used to take.

Nachteile

Most of enterprise setup is done through the command line. It would be nice to have cluster configuration (index creation) as part of the UI.

Vorteile

Splunk Visually represents the logs mainly from production servers in the web UI .

People who Usually has no access to logs in production servers, will access the logs through splunk UI with very simplified and friendly search query.

It has lot of features like you can query for particular date and time range with specific characters. The search engine is very fast which will bring the query response effectively.

we can access all types of logs including XML and JSON.

we can create a custom dashboard with custom query for each projects and can relatively trigger the email to the support team in case of any issues.

This tool is boon for production support team in any enterprise company.

Nachteile

Licensing cost is quite higher for enterprise usage.

Query response time will be slow when you are searching for relatively longer history(Eg. 3 months old data)

Vorteile

Love the ease of being able to log various performance statistics for our applications whether it’s documenting response times or any failures

Nachteile

Some things like figuring out the ways plunk structures it’s queries for search is difficult. Seems like documentation is not very straightforward

Vorteile

It allows me to bring a lot of information into one friendly view. It's a great security audit tool.

Nachteile

It has limited functionality. It is a very memory intensive system. It does not integrate with Lennox.