We've tried the rest and now we're back on Splunk!
December 12, 2018
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise
Splunk is our dumping ground for our logs. We use Splunk to pump the monitoring and statistical logs to, whether for analysis, storage, or for debugging purposes. The main problem it solves is that we have many systems that live in different places, and having one centralized repository for our logging helps us with correlation of bugs to specific times, and monitoring how different infrastructure interacts.
- Handles inputs from many different sources.
- Very easy queries.
- Dashboard support.
- Scaling story.
- Query speed.
- Dashboarding allows us to immediately get value without having to have a query to find things in logs.
- Allows us to troubleshoot bugs faster.
- Having everyone have access to certain indexes is less of a headache for IT to manage.
We've tried Sumo before and, while it did improve while we were using it, we ended up often pushing it to its limits, and at times it would fall over. The ingestion limits would at times be restrictive and our systems would generate more than it could handle, which would force us to develop a pipeline to handle logs and ensure they got to Sumo without being lost in translation.