Splunk – ease of searching large amounts of data.
Improvements to My Organization:
Splunk – real-time alerts on critical indicators, compliance reports, troubleshooting and predictive abilities using trends.
Use of Solution:
Splunk – 3 years
Splunk – Had one issue requiring a support call regarding the configuration of the automated configuration deployment package. Quickly resolved.
Splunk – None.
Splunk – Not needed yet.
Splunk – Splunk has a very knowledgeable support staff and the Splunk support website is outstanding. The message boards are very active, and using them will often prevent having to call support.
Splunk – Easy, but can get very complex depending on the type of logs to ingest. While Splunk, out of the box, handles most common types, the extraction of data from custom logs can be problematic, although Splunk does provide tools for accomplishing this.
Both Splunk and LogLogic excel at their intended purpose. If you are looking for an appliance that you can stick in the rack, minimally configure and then forget about, you will like the LogLogic solution. If you need to regularly search different logs for different data, you will like Splunk better.