Options
Splunk - I love it!
veritas_libertas
Member Posts: 5,746 ■■■■■■■■■■
in Off-Topic
How many others love using Splunk? Custom queries and Splunk Alerts is what I use it for mostly.
Comments
-
Options
JeanM
Member Posts: 1,117
Used at my old job, and have a free license that I use at home from time to time.
Do you have forwarders etc?2015 goals - ccna voice / vmware vcp. -
Options
Cert Poor
Member Posts: 240 ■■■□□□□□□□
I want some of this Splunk action. Is it just some awesome log file tool that can make sense out of logs from a million systems and sources?In progress: MTA: Database Fundamentals (98-364)
Next up: CompTIA Cloud Essentials+ (CLO-002) or LPI Linux Essentials (010-160)
Earned: CompTIA A+, Net+, Sec+, Server+, Proj+
ITIL-F v3 2011 | ServiceNow CSA, CAD, CIS | CWNP CWTS -
Options
phoeneous
Member Posts: 2,333 ■■■■■■■□□□
I setup rsyslog and loganalyzer recently, good stuff. Never tried splunk, how far does the free license get you? -
Options
wes allen
Member Posts: 540 ■■■■■□□□□□
In the middle of a POC with Splunk and love it so far. Super powerful, but stays out of your way much better then the other SIEM's I have used. Plenty of really good documentation out there as well, which is also a change. -
Optionsveritas_libertas
Member Posts: 5,746 ■■■■■■■■■■
Powerful indeed and the apps (some of them you have to pay for) are great. You can pretty much "eat" anything that logs to a text file.
-
Options
DevilWAH
Member Posts: 2,997 ■■■■■■■■□□
Looked at Splunk but decided that it did not quite do what we needed with out a bit of work, I am not the monitor guy so wiped my hands of it. Very powerful, and used it at home a bit, but the monitor guy is going "trustwave" which is aimed more at security and deal with more stuff out of the box.- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com -
Options
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
One of our vendors uses it and from what I saw it seemed pretty good.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
Options
pitviper
Member Posts: 1,376 ■■■■■■■□□□
I've used it for call reporting in a Cisco CM environment with some 3rd party add-ons - they we're pretty cheap compared to the alternatives.CCNP:Collaboration, CCNP:R&S, CCNA:S, CCNA:V, CCNA, CCENT -
Options
PurpleIT
Member Posts: 327
I want some of this Splunk action. Is it just some awesome log file tool that can make sense out of logs from a million systems and sources?
More or less - throw data at it and you will be able to quickly search and analyze it. It is really fairly simple especially given how powerful it is.I setup rsyslog and loganalyzer recently, good stuff. Never tried splunk, how far does the free license get you?
This is where they get ya - 500 MB/day of indexing. If you can stay below that limit you are golden, if you go over, get your checkbook out.WGU - BS IT: ND&M | Start Date: 12/1/12, End Date 5/7/2013
What next, what next... -
Options
UnixGuy
Mod Posts: 4,565 Mod
Can you use it as a replacement for Nagios?
is it better at alerting? -
Optionslsud00d
Member Posts: 1,571
Can you use it as a replacement for Nagios?
is it better at alerting?
No. At the core of it, Nagios does proactive checks and Splunk parses logs. You can attach actions to alerts in Splunk to do notifications but it is not an infrastructure monitoring solution like Nagios is. -
Optionspram
Member Posts: 171
If you're looking for a free alternative to splunk check out Logstash with Elasticsearch.
Elasticsearch.org Logstash | Overview | Elasticsearch
