[colug-432] splunk?

Rick Troth rmt at casita.net
Fri Oct 14 13:01:40 EDT 2016


At my place of work, we ship Splunk embedded in appliances.
I gather that it is a closed source log handler which _can talk SYSLOG
protocol_ and presses its affinity for CEF (Common Event Format). CEF
strikes me as a good thing because SYSLOG traffic can be way too
free-form for enterprise processing. (Just too little structure for huge
volumes of log traffic to be processed effectively without something
like CEF.)

I found Splunk's gigabyte licensing to be annoying. A customer can bump
into the wall and lose traffic. (I forget the details of the failure mode.)

-- R; <><


On 10/14/2016 12:36 PM, Evan Miller wrote:
> Splunk is widely used at enterprise level. It is closed-source and
> generally licensed on a by-the-gigabyte basis. I've deployed it myself
> in a production environment and it does a great job. That said on the
> open source side something like Graylog or ELK (elasticsearch,
> logstash, kibana) is a common comparison to the features and function
> of Splunk. Hope that helps! Evan
>
> On Fri, Oct 14, 2016 at 12:33 PM Jeff Frontz <jeff.frontz at gmail.com
> <mailto:jeff.frontz at gmail.com>> wrote:
>
>     Anybody heard-of/using splunk?  Is it a widely-deployed platform?
>
>     I try to keep a list of upcoming events that are "code-centric" --
>     things that would be of interest to individual contributors (vs.
>     the pointy-haired and the marketeers) in IT/software/systems --
>     and send them out at the bottom of code camp email blasts. 
>     Usually I can suss-out the purely marketing/spammy ones and
>     recognize the good stuff.  However, "splunk" is something I'm not
>     familiar enough with, so...
>
>     I need some feedback on whether the upcoming Columbus stop of
>     "Splunk live" (http://splunklive.splunk.com ) is worthy of
>     inclusion in my list.
>
>
>     Oh, just for reference, here's my current list (please let me know
>     if you are aware of any others):
>
>       * BLK Hack Tech Townhall
>         <https://www.eventbrite.com/e/tech-townhall-tickets-28060566911> is
>         Oct 17
>       * new José Valim (creator of Elixir & Devise) at CRB
>         <http://www.meetup.com/meetup-group-wEkWWOXK/events/234246784/> on
>         Oct 17.
>       * Columbus Code Camp <http://columbuscodecamp.com/> is Oct 22.
>       * Global Day of Coderetreat
>         <http://coderetreat.org/events/global-day-of-coderetreat-2016-columbus-oh-usa?referer=CCC2016> is
>         Oct 22.
>       * Ohio Digital Government Summit
>         <http://www.govtech.com/events/Ohio-Digital-Government-Summit.html?referer=CCC2016> is
>         Oct 25-26.
>       * GDEX - Game Developer Expo
>         <https://www.thegdex.com/?referer=CCC2016> is Oct 28-30.
>       * DevOpsDays Ohio
>         <http://www.devopsdays.org/events/2016-ohio/welcome/?referer=CCC2016> is
>         Oct 31-Nov 1.
>       * Startup Weekend Columbus
>         <http://www.up.co/communities/usa/columbus/startup-weekend/9968?referer=CCC2016> is
>         Nov 11-13.
>       * Ohio DevFest <https://ohiodevfest.com/?referer=CCC2016> is Nov 19.
>       * new QA or the Highway
>         <https://qaorthehighway.com/?referer=CCC2016> is Feb 7, 2017.
>
>
>     Thanks
>     Jeff
>     _______________________________________________
>     colug-432 mailing list
>     colug-432 at colug.net <mailto:colug-432 at colug.net>
>     http://lists.colug.net/mailman/listinfo/colug-432
>
>
>
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20161014/697440ab/attachment-0001.html 


More information about the colug-432 mailing list