When it comes to mining and making log data searchable, most people will tell you that Splunk is the way to go. With nine figures of revenue every year, a nine-figure cash reserve, and a stock price that routinely hovers around the $100 mark, it is easy to see why using them as a primary provider makes sense.
Splunk isn’t just for logs and there isn’t really a direct competitor to what they do, but there are purpose-built log file alternatives that are worth considering if you don’t want to use Splunk. Let’s take a look at them today.
Graylog2 – http://graylog2.org/
One of the primary ways competitors try to downplay Splunk is by convincing others that Splunk simply operates in the cloud. It does not. If, however, you’re looking for an effective open-source log management system, Graylog2 uses its own log format while being built on MongoDB and Ruby on Rails so that you can get done what needs to be done.
OpenTSDB – http://opentsdb.net/
From the makers of StumbleUpon, one of the easiest social ways to increase traffic to a website, comes OpenTSDB. It is an open-source database that is specifically designed to help users both visualize and aggregate data. It collects metrics from thousands of different viewpoints rapidly and, best of all, makes it easy for the average person to understand the how and why of what they need. It’s built on Apache HBase.
Boundary – http://boundary.com/
If open-source isn’t your cup of tea, then a software service that lets you access network data in order to provide application data might be the way to go. If that’s so, then Boundary is well worth considering. Whereas Splunk will give you a historical picture of all your machine data because it archives it and makes it searchable, Boundary lets you have a real-time look at what is going on at any given moment. This is especially useful if you’ve got a troubleshooting problem that needs to be solved quickly in real time.
Loggly – https://www.loggly.com/
If you don’t want to go with Splunk, then why not go with a company that was started by former employees of Splunk? Loggly largely offers everything that Splunk offers and it transmits all data over an HTTPS link. It is a cloud-based service, which is probably why you’ll often hear competitors talking about Splunk being cloud-based as well. Filters, visual tools, and trends are all easily searched so that you can spot the root causes of trouble and quickly eliminate them.
Sumo Logic – http://www.sumologic.com/
And finally, if you’re looking for specific common patterns within your data that can help you provide alerts, the anonymous data you’ll get from customers through this logging service will help you out exponentially. The primary advantage seen with this Splunk competitor is that it can potentially help you to troubleshoot and fix your systems before a real problem ever occurs.