Amazon Redshift is a hosted data warehouse solution, from Amazon Web Services.
$0.24
per GB per month
Splunk Cloud Platform
Score 8.0 out of 10
N/A
Splunk Cloud Platform is a data platform service thats help users search, analyze, visualize and act on data. The service can go live in as little as two days, and with an IT backend managed by Splunk experts.
If the number of connections is expected to be low, but the amounts of data are large or projected to grow it is a good solutions especially if there is previous exposure to PostgreSQL. Speaking of Postgres, Redshift is based on several versions old releases of PostgreSQL so the developers would not be able to take advantage of some of the newer SQL language features. The queries need some fine-tuning still, indexing is not provided, but playing with sorting keys becomes necessary. Lastly, there is no notion of the Primary Key in Redshift so the business must be prepared to explain why duplication occurred (must be vigilant for)
Splunk is excellent when all your data is in one location. Its ability to correlate all that data is intuitive (once the hurdle of learning the query language is overcome). It is also easy to standardize the presentation of information to the company. When data is siloed/standalone, other systems can be cheaper and faster to implement.
[Amazon] Redshift has Distribution Keys. If you correctly define them on your tables, it improves Query performance. For instance, we can define Mapping/Meta-data tables with Distribution-All Key, so that it gets replicated across all the nodes, for fast joins and fast query results.
[Amazon] Redshift has Sort Keys. If you correctly define them on your tables along with above Distribution Keys, it further improves your Query performance. It also has Composite Sort Keys and Interleaved Sort Keys, to support various use cases
[Amazon] Redshift is forked out of PostgreSQL DB, and then AWS added "MPP" (Massively Parallel Processing) and "Column Oriented" concepts to it, to make it a powerful data store.
[Amazon] Redshift has "Analyze" operation that could be performed on tables, which will update the stats of the table in leader node. This is sort of a ledger about which data is stored in which node and which partition with in a node. Up to date stats improves Query performance.
This SIEM consolidates multiple data points and offers several features and benefits, creating custom dashboards and managing alert workflows.
Splunk Cloud provides a simple way to have a central monitoring and security solution. Though it does not have a huge learning curve, you should spend some time learning the basics.
Splunk Cloud enables me to create and schedule statistical reports on network use for Management.
We've experienced some problems with hanging queries on Redshift Spectrum/external tables. We've had to roll back to and old version of Redshift while we wait for AWS to provide a patch.
Redshift's dialect is most similar to that of PostgreSQL 8. It lacks many modern features and data types.
Constraints are not enforced. We must rely on other means to verify the integrity of transformed tables.
Just very happy with the product, it fits our needs perfectly. Amazon pioneered the cloud and we have had a positive experience using RedShift. Really cool to be able to see your data housed and to be able to query and perform administrative tasks with ease.
The support was great and helped us in a timely fashion. We did use a lot of online forums as well, but the official documentation was an ongoing one, and it did take more time for us to look through it. We would have probably chosen a competitor product had it not been for the great support
Splunk Cloud support is sorely lacking unfortunately. The portal where you submit tickets is not very good and is lacking polish. Tickets are left for days without any updates and when chased it is only sometimes you get a reply back. I get the feeling the support team are very understaffed and have far too much going on. From what I know, Splunk is aware of this and seem to be trying to remedy it.
Than Vertica: Redshift is cheaper and AWS integrated (which was a plus because the whole company was on AWS). Than BigQuery: Redshift has a standard SQL interface, though recently I heard good things about BigQuery and would try it out again. Than Hive: Hive is great if you are in the PB+ range, but latencies tend to be much slower than Redshift and it is not suited for ad-hoc applications.
Search Processing Language really is a game changer for writing easy-to-understand and maintainable queries on your data base logs. Once understood, setting up and validating a query can be done in no time- which leaves us the option to focus on more monitoring and improved services. We have no other tools that utilizes data this efficiently
Redshift is relatively cheaper tool but since the pricing is dynamic, there is always a risk of exceeding the cost. Since most of our team is using it as self serve and there is no continuous tracking by a dedicated team, it really needs time & effort on analyst's side to know how much it is going to cost.
Our company is moving to the AWS infrastructure, and in this context moving the warehouse environments to Redshift sounds logical regardless of the cost.
Development organizations have to operate in the Dev/Ops mode where they build and support their apps at the same time.
Hard to estimate the overall ROI of moving to Redshift from my position. However, running Redshift seems to be inexpensive compared to all the licensing and hardware costs we had on our RDBMS platform before Redshift.
