Splunk - I love it!
veritas_libertas Member Posts: 5,746
in Off-Topic
How many others love using Splunk? Custom queries and Splunk Alerts are what I use it for mostly.
Comments
-
JeanM Member Posts: 1,117
Used at my old job, and have a free license that I use at home from time to time.
Do you have forwarders etc?
2015 goals - ccna voice / vmware vcp. -
Cert Poor Member Posts: 240
I want some of this Splunk action. Is it just some awesome log file tool that can make sense out of logs from a million systems and sources?
In progress: MTA: Database Fundamentals (98-364)
Next up: CompTIA Cloud Essentials+ (CLO-002) or LPI Linux Essentials (010-160)
Earned: CompTIA A+, Net+, Sec+, Server+, Proj+
ITIL-F v3 2011 | ServiceNow CSA, CAD, CIS | CWNP CWTS -
phoeneous Member Posts: 2,333
I set up rsyslog and loganalyzer recently, good stuff. Never tried Splunk; how far does the free license get you?
-
wes allen Member Posts: 540
In the middle of a POC with Splunk and love it so far. Super powerful, but stays out of your way much better than the other SIEMs I have used. Plenty of really good documentation out there as well, which is also a change.
-
veritas_libertas Member Posts: 5,746
Powerful indeed, and the apps (some of them you have to pay for) are great. You can pretty much "eat" anything that logs to a text file.
-
DevilWAH Member Posts: 2,997
Looked at Splunk but decided that it did not quite do what we needed without a bit of work. I am not the monitor guy, so wiped my hands of it. Very powerful, and used it at home a bit, but the monitor guy is going "trustwave", which is aimed more at security and deals with more stuff out of the box.
- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties, it means that it's going to launch you into something great. So just focus and keep aiming.
LinkedIn Profile - Blog: http://Devilwah.com -
the_Grinch Member Posts: 4,165
One of our vendors uses it and from what I saw it seemed pretty good.
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
pitviper Member Posts: 1,376
I've used it for call reporting in a Cisco CM environment with some 3rd party add-ons - they were pretty cheap compared to the alternatives.
CCNP:Collaboration, CCNP:R&S, CCNA:S, CCNA:V, CCNA, CCENT
-
PurpleIT Member Posts: 327
Quote: "I want some of this Splunk action. Is it just some awesome log file tool that can make sense out of logs from a million systems and sources?"
More or less - throw data at it and you will be able to quickly search and analyze it. It is really fairly simple, especially given how powerful it is.
Quote: "I set up rsyslog and loganalyzer recently, good stuff. Never tried Splunk; how far does the free license get you?"
This is where they get ya - 500 MB/day of indexing. If you can stay below that limit you are golden; if you go over, get your checkbook out.
WGU - BS IT: ND&M | Start Date: 12/1/12, End Date 5/7/2013
What next, what next... -
lsud00d Member Posts: 1,571
Quote: "Can you use it as a replacement for Nagios? Is it better at alerting?"
No. At the core of it, Nagios does proactive checks and Splunk parses logs. You can attach actions to alerts in Splunk to do notifications, but it is not an infrastructure monitoring solution like Nagios is. -
pram Member Posts: 171
If you're looking for a free alternative to Splunk, check out Logstash with Elasticsearch.
Elasticsearch.org Logstash | Overview | Elasticsearch