Splunk 4.2.2
Indexing, searching and reporting tool for networks
PROS
- Performs analysis, reporting and alerting
- Well presented and thought out.
- Fairly straightforward to configure
CONS
- Doesn't work with all browsers
- Security could be a concern
You may also like
Splunk is a web based tool for IT administrators that need to search and navigate IT data from applications, servers and network devices in real-time.
The tool allows you to log, configure systems, run scripts, search code, and much more. The developer claims that if your machine can generate it then "Splunk can eat it". Splunk is a handy monitoring tool that can alert you to changes in scripts, configurations, capture files and even connect to network ports. You can be sent notifications by RSS, email and SNMP.
While the indexing, searching and reporting aspects of Splunk are impressive, the presentation is also excellent. It feels like a Google-style analytical tool, offering clear and easy to read reports, and a fairly easy setup procedure. However, anyone trying to use this on a small network with little IT administration knowledge will find it tricky. It's definitely aimed at the advanced group of network administrators out there.
Splunk is a fully comprehensive monitoring, alert and reporting app that will appeal to experienced administrators working on large networks.
Changes
- Real-time alerting Real-time alerting and management gives you the ability to react at the speed of your IT Data. Get instant notification when an alert is triggered and manage your alerts from within Splunk. Trigger-based real-time alerts Alert history and management Alert throttling Universal forwarder The Splunk universal forwarder package is a compact but full featured tool for centralizing IT data. Without any unnecessary Splunk components, the universal forwarder still supports all Splunk input types - including robust file monitoring, syslog, and all Windows specific inputs. Indexer acknowledgement Smaller footprint Real-time Windows performance monitoring Native Windows forwarder support Administration enhancements Administering distributed Splunk deployments is now easier thanks to several new enhancements. These include distributed license reporting and management, the pooling of search heads for availability, and visibility into the health and activity of Splunk forwarders. Distributed Splunk monitoring Distributed licensing Recoverable indexes Search head high availability User interface simplification Using Splunk on a daily basis is now easier whether you are an admin trying to figure out how to add data to Splunk to to a first time user creating your first alert. Check out your new launching pad at Splunk Home and see for yourself. Splunk Home Quickstart recipes and data input workflows Streamlined app install and update Quick search, alert, and dashboard creation Login coaching New visualizations Gauge visualizations Speed improvements Splunk Web speed improvements Search speed improvements New OS support FreeBSD 7 and 8 support
