Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.
N/A
SolarWinds SQL Sentry
Score 10.0 out of 10
N/A
SolarWinds SQL Sentry is designed to help data professionals optimize SQL Server database performance
in physical, virtual, and cloud environments. SQL Sentry delivers metrics to help users find and fix database performance problems
and provides scalability, boasting demonstrated success monitoring 800+ SQL
Server instances with one monitoring database. With
SQL Sentry, the user can monitor:
SQL Server
Azure SQL
Database
SQL Server
Analysis…
It's well suited for what I do, which is network security operations. And that's for anything from troubleshooting incidents, troubleshooting performance, troubleshooting for the purpose of a compliance and auditing. It's not best suited for users who are new in terms of they're new to the product and they have expectations that probably Splunk cannot meet.
This solution is perfect for a team with a large server count and, at least, moderate experience supporting a SQL Server environment. If the environment is smaller or the team has less experience working with SQL Server performance tuning methodologies, then the tool may be overwhelming for the users.
The Top SQL functionality has been extremely useful for identifying poorly performing queries by resource consumption.
The flexibility of creating your own Advisory Conditions has allowed us to integrate our custom internal alerts into a centralized dashboard and alerting platform.
Being able to highlight any chart on the dashboard and then tool-matching that window across all the other charts makes it much easier to correlate the different performance metrics against each other.
Tuning advice: With all the graphs and data available, it's not always easy to determine the best thing to do. I'd like to see SentryOne provide some best practice analysis based on the historical information collected for the server being looked at.
They could add help tips or links to help documents, when you select a graph on the dashboard. Inexperienced users tend to put blinders on and focus on one thing when they see a high counter or something out of the ordinary. It would be very useful to include a link that provides underlying help. The link would provide an explanation of the counter in detail and offer possible explanations as to why the counter is off.
We are using Splunk extensively in our projects and we have recently upgraded to Splunk version 6.0 which is quite efficient and giving expected results. We keep track of updates and new features Splunk introduces periodically and try to introduce those features in our day to day activities for improvement in our reporting system and other tasks.
Absolutely. SQL Sentry is an absolute must have for any company with a SQL Server estate. It provides a force multiplier to effectively manage SQL Server, and the feature sets are second to none. The support and expertise at SentryOne is incredible. They are very supportive of both the platform users and helping your business with the product
You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it everyday with little help at all.
I accept that the flexibility of the alerting comes at a price. Other than the alerting SQL Sentry's interface is intuitive. Connecting to a new SQL instance, given that all the needed ports are open in your firewalls is straight forward. Reviewing the performance and queries for an instance is available in with a right click. As you dig in new tabs are created to present the detailed data. I find the ability to filter and rollup metrics on a query very helpful in dealing with the "it's running slow". You can easily compare the metrics of run times for the same query to let the user know, it's probably data your doing a billion reads instead of the usual 100 thousand.
The system is working perfectly in capturing data, but we do experience issues with SQL Timeout when viewing results in the remote clients. This may be due to the fact that our monitoring service is consuming most of the CPU, and it is the same server that is hosting the SQL Repository. We could probably fix the issue by separating the SQL instance from the monitoring service.
In most cases the pages load very quickly. In our particular case, we need to do some movement of services to separate our monitoring service to separate infrastructure from the repository. When we first started with SQL Sentry on 5 licenses, we did not have any issues. Since we have now grown that to 25, we are experiencing some challenges. We do not believe this to be a tool problem
Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method.
From their infancy as a smaller company to now as a global player they have always kept focus on prioritising he customer. They know their product and the technology it supports and are easily accessible for both resolving problems with the product all the way to adding value through additional training and assisting with getting return on investment through utilisation of the many features the product provides.
The online course was simple clear and described the main capabilities of the solution. There is also an initial module that can be done for free so anyone can familiarize themselves with the functionality of this solution. On the other hand, however, there could be more free online courses. Maybe even with a certificate, this would broaden the group of people who are familiar with the platform while increasing familiarity with the solution itself.
Was suggested that we install the process monitors on a dev or qa database server, but we found it more useful to create an IT db server and put it there (along with a few other apps that we use for monitoring).
I didn't get to fully evaluate Logstash as our corporation was already using Logstash, but both seemed like viable solutions to the problem that we were having. I wanted to evaluate Logstash some more, both did seem like they would work for the business needs that we had, we went with splunk as many teams were already using it.
SQL Sentry offers more features and is customize-able to fit our business needs. It has more centralized management and support. The company's technical support is also top notch. It is also worth mentioning that SentryOne Team Blog is an excellent source. One can find lots of valuable troubleshooting skills on the blog site - very educational and informational.
We are running 25 instances through a single monitoring service and it is able to keep up. We are finding that this many instances in our environment is about as many as can be handled. We will need to deploy additional monitoring services. Luckily, there is no additional licensing costs to deploy additional monitoring services. For us, it's just an additional Azure VM.
I don't have any numbers to share but Splunk has positively served as a 24/7 monitoring tool that has saved hours of work by self-detecting, saving statistics and alerting problems in the system or from external interfaces as soon as they happen.
Splunk dashboards does a solid job in collecting, analyzing data and creating reports that contain an entire day's activity and then automatically sent out to the business.
Splunk is very easy to learn and very useful to any program or business application.
Better customer service as it alerts me automatically to loss of service issues so I can react and either get things fixed before it impacts the customers or to let my management know as soon as possible
It helps me find expensive SQL so our customers get better performance and we make better use of our resources
