Splunk is a tool to search, report, monitor and analyze real-time streaming and historical IT data. It collects logs from a variety of sources and makes them searchable in a unified interface.
For downloads and more information,
visit the Splunk homepage.
This is one of the best security tools we have. Real Time monitoring of servers isn't really what it's good at, but the sheer power of this thing is incredible.
It can also scale endlessly - they have the ability to cluster.
I'm using Splunk to generate usage reports based on syslog analysis. Is very easy to implement and use and has a free version that allows 500MB of logs per day. It's great!!
Splunk is basically Google Search for logs. Excellent for a single user or two doing analysis and forensics but I would not use it for real time monitoring. It is very resource intensive. It didn't scale well for me in the number of users that could simultaneously use a dashboard with a few queries on it.
This is one of the best security tools we have. Real Time monitoring of servers isn't really what it's good at, but the sheer power of this thing is incredible.
It can also scale endlessly - they have the ability to cluster.
5 minutes to learn and a lifetime to master. It is the single best tool we have purchased in the last 6 years. It is expensive and worth every penny.
I'm using Splunk to generate usage reports based on syslog analysis. Is very easy to implement and use and has a free version that allows 500MB of logs per day. It's great!!
Splunk is basically Google Search for logs. Excellent for a single user or two doing analysis and forensics but I would not use it for real time monitoring. It is very resource intensive. It didn't scale well for me in the number of users that could simultaneously use a dashboard with a few queries on it.
I really love Splunk as it takes what we like to produce (syslog, raw data) and makes it into a Manager Pie.
It also makes it fairly easy to spot when something goes horribly wrong in your network.
And on a side note, they give away t-shirts on congresses =P
Splunk is the bomb. Just throw everything into it and make data soup.