2017-07-20T20:23:00Z

Splunk as an Enterprise Class monitoring solution -- thoughts?

it_user438393 - PeerSpot reviewer
PeerSpot user

10 Answers

it_user536142 - PeerSpot reviewer
Consultant
2017-07-24T11:22:42Z
Jul 24, 2017

Hi,

Well, I will summarize my answer in the simplest possible way.

It all depends on what your business pains are against your expectations from the solution.

First and foremost, Splunk by its functionality definition is a log analytics tool, not an APM solution, as it doesn't provide you with end-to-end User Experience; in brief, no real user monitoring, no code-level monitoring, no machine monitoring as far as I know, and no Transaction/Business Analytics.

So again it depends on what you are looking for, but if you're looking for E2E user visibility from a service availability and performance perspective then Splunk is not the answer.

Hope it helps. Thanks.

it_user708444 - PeerSpot reviewer
Consultant
2017-07-24T13:00:17Z
Jul 24, 2017

Totally agree. Splunk is mainly an IT Ops Analytics solution (log management, event collector, metrics warehouse), but it is not an APM or generally speaking "probe" solution. I'd suggest rather to use Splunk as a collector of data coming from several monitoring tools / probes. HIH. Cheers. L

it_user340284 - PeerSpot reviewer
Real User
2017-07-25T23:22:54Z
Jul 25, 2017

While Splunk is sometimes used for application, network, or server monitoring, primarily via insights garnered from logs, customers looking for insights into applications, server, or network may well be better served with solutions that focus on collecting and making sense of data from those sources.

Take for example, CA APM. The APM solution collects deep performance data of Java, .NET, Node.JS, and more with easily deployed agents that automatically determine the correct metrics to collect. In addition, these solutions can track transactions from the user end point, through application & middleware layers, and right on into backend environments such as the mainframe. By automatically collecting this data, the CA APM solution removes the need for development organizations to retrofit applications to log the appropriate content.

Add to this the ability to manage mobile applications, collect crash data, analyze user session data, and determine application flow data, and the integrated APM and Mobile APM solutions provide a robust picture of your IT Applications.

CA UIM extends this automatic expertise into the server, storage, and infrastructure layers, as does CA ADA within the network. This data can be collected automatically with no or negligible footprint. Data collected via specialized approaches depending on type can then be fed into an open, powerful analytics engine built on ELK to further understand this data.

Vendor
2017-07-24T17:08:44Z
Jul 24, 2017

Even better..
Took us about 10 minutes to install New Relic on a site and another 10 minutes to start collecting information
Their system handles it all and you do nothing much more than put a small piece of tag/code in your app

it_user707325 - PeerSpot reviewer
Vendor
2017-07-24T16:05:02Z
Jul 24, 2017

Splunk is more to do with Data Analytics and analyzing the areas of problem in general while correlating the events from multiple sources for same or multiple applications to recognize problem and use that data for log time as a trend. Whereas a true APM can provide specific information for a particular application and its related/integrated servers/apps. APM can provide end-user experience, web UI and other problems specific to Application and back-end DB server relationship etc. Calls being made from user to apps server and how they are shaping up to complete the transaction from start to finish e.g. Web calls, app-db calls, db query slowness, call stalled, calls slow, transaction hung/error etc.

Hope this helps.

it_user603243 - PeerSpot reviewer
Vendor
2017-07-24T14:26:58Z
Jul 24, 2017

https://www.splunk.com/blog/2012/01/18/splunk-named-an-application-performance-management-apm-innovator.html

it_user252126 - PeerSpot reviewer
Vendor
2017-07-24T14:11:03Z
Jul 24, 2017

As developers reach down the stack and network engineers stretch upward, they must meet in the middle with visible, integrated data from both ends. You need visibility to everything, and Splunk is that platform where you have access to all that data throughout all.

Vendor
2017-07-24T13:06:27Z
Jul 24, 2017

Given everything New Relic does, it's much better and why bother with Splunk in this case?
I have created external dashboards for upper management
Can track the APM, the Browsers, and Ajax as well as Java or MS server software
You can write your reports against what they collect..
And I have shown upper management their subscribing to ping tests is a waste of money
With New Relic I have written small scripts that go to the server, call up a page, try to log in, then log out on a dummy account
This has reported when our consultants have cheated and taken down the server at 3am to change prod code!!!
While the pings said nothing because the server box/instance itself was running fine, they just cycled the service for the application

Thx for my two cents…
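
The gap described in the answer above (pings stayed green while the application service was cycled), as an added example that is not part of the original post. A constructed local HTTP app stands in for the production site, and the check only fetches a hypothetical `/login` page rather than performing the full log-in and log-out the poster describes.

```python
import http.server
import socket
import threading
import urllib.request

class App(http.server.BaseHTTPRequestHandler):
    healthy = True  # set False to simulate the application service being cycled

    def do_GET(self):
        ok = App.healthy and self.path == "/login"
        body = b"<form id='login'></form>" if ok else b"Service Unavailable"
        self.send_response(200 if ok else 503)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass

def host_check(host, port, timeout=2.0):
    """Ping-style check: only asks whether the box accepts a connection."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def synthetic_check(base_url, marker=b"id='login'", timeout=2.0):
    """Application-level check: the login page must load and contain the form."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        with opener.open(base_url + "/login", timeout=timeout) as resp:
            return resp.status == 200 and marker in resp.read()
    except OSError:  # URLError/HTTPError (e.g. the 503) are OSError subclasses
        return False

def run_demo():
    # Constructed scenario: same listener, application healthy vs. cycled.
    srv = http.server.ThreadingHTTPServer(("127.0.0.1", 0), App)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    host, port = srv.server_address
    results = {}
    try:
        for name, healthy in (("normal", True), ("service_cycled", False)):
            App.healthy = healthy
            results[name] = (host_check(host, port), synthetic_check(f"http://{host}:{port}"))
    finally:
        srv.shutdown()
        srv.server_close()
    return results
```

`run_demo()` returns a `(host_check, synthetic_check)` pair per scenario; the cycled case is the one where the two checks disagree.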

Vendor
2017-07-24T12:50:54Z
Jul 24, 2017

I prefer New Relic
Once I saw what Splunk was at its core…

it_user476328 - PeerSpot reviewer
Real User
2017-07-24T12:33:40Z
Jul 24, 2017

Splunk alone can’t be used nor defined as one “primary enterprise monitoring system.”

Splunk is to centralize and analyze your logs. It is capable of generating alerts so I can see how this functionality can be confused with Nagios. But Nagios is an infrastructure and services monitoring and alerting solution. It can monitor things that don't necessarily have logs like CPU usage, number of processes, even check for SSL certificates about to expire. Logs may not tell you that Apache has stopped responding to HTTP requests where Nagios can.
