Friends who are using splunk strictly as a logger liked it. We had hell of a lot of pain implementing 4.0. They don't understand the concept of dropping privs, so it has to run as root. My company does not allow the non-os team to have root. So endless fucking around with permissions and "hey unix team, can you please do this so that we can continue troubleshooting".
And to top that, 4.0 through about 4.09 were feature *and* bug rich. They have agents which have to be installed and upgraded manually each time. Few hundred servers and that starts to get a bit old. And sux on aix (ok, that's our fault - the asshole who bought it bought a p520 instead of a x86 box. Before a solution/product was even finalized). And some kind of buffer overflow issue which I think is fixed now. So, if you're looking for something to sit on 512 and other assorted ports to receive logs, and index them, and give you a pretty interface to do searches on non-normalized data on linux, splunk's pretty nice. If you need to use some of their "additional" features (agents, etc) test it out first before doing it. Fortunately, you can get an annual 500meg/day license for free by just asking. On 8/14/10, Toni Mueller <openbsd-m...@oeko.net> wrote: > On Fri, 13.08.2010 at 14:36:21 +0100, Kevin Chadwick <ma1l1i...@yahoo.co.uk> > wrote: >> What do people think of monit. > > Ok, I'll chime in: What do people think of Zenoss and splunk? > > I'm so far leaning twoards trying Zenoss, but it surely has a high > barrier-of-entry, and I'm only interested in splunk for comparison. > > > Kind regards, > --Toni++ > > -- Sent from my mobile device http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=30v_g83VHK4
