Splunk = Binoculars on your logs
June 04, 2014

Anonymous | TrustRadius Reviewer
Score 9 out of 10

Software Version

5.0.8

Overall Satisfaction with Splunk

I am using Splunk every day to know what is going on in production. All our service logs are indexed in it and we can easily fetch data with the sample query language offered by Splunk. It really helps us to detect threats before any client complains about it. Moreover, we use it to output stats about the performance of our services.
  • Alerts on any specific searches help to detect a threat before any client observes it.
  • Dashboards are a nice way to output useful and cool information about how our services are used in production.
  • Easy powerful query language makes Splunk fun to use and any fetched data is not trivial because it's fun! It's really powerful.
  • Documentation is very nice and Splunk is supported by a community.
  • Sadly, Splunk is not an open source project.
  • Definitively, we catch everything in production before customers observe it.
  • Helps us to document bugs with simple queries.
  • Gives us stats about how our services are used; it's important to have performant services in our domain.
When a company has a lot of services with a lot of logging, Splunk is very useful to find anything you want. Basically, we can see it as grep, plus there are a lot of libraries to manipulate data. If you have a small company with few products, using Splunk could be an overhead.

Using Splunk

It's useful every day and it's clearly like having binoculars on our logs. We could make our own grep++ but Splunk already does it nicely. So why would we waste our time to code something that's already done nicely?