SPLUNK - Anyone using

[Patrick]

Just wanted to see if anyone has experiences with SPLUNK (free or enterprise) and see what folks are using it for.

I recently signed up and now am trying to figure out what to do with it

 

[dba]

I use it to take in syslog and other application log files. It makes it much easier to look for and alert on specific events and to graph basic trends. It's not as robust as a BI tool, but it's far better than staring at 1TB of raw log files!

For example, I built an alert which will tell me when my Eucalyptus closer has fewer than 12 cores free.

 

[dataoscar]

Its a great log aggregation tool. We used it for all kinds of log and unstructured data.

 

[MiniKnight]

Maybe I will give it a shot too. Log parsing is good.

 

[dataoscar]

The log parsing is just the beginning. It has a log query feature that is very helpful in debugging issues. Then there are the graphs and dashboards you can create from the queries.

Its a great product.

 

[Aluminum]

If you have never had something like it, it will probably seem pretty good. If you are coming from custom in house log parsing...you will want to stab your face. Even so its better than a lot of other trash out there.