{"id":4661,"date":"2018-01-09T10:14:24","date_gmt":"2018-01-09T10:14:24","guid":{"rendered":"http:\/\/www.scmgalaxy.com\/tutorials\/?p=4661"},"modified":"2018-01-09T10:14:24","modified_gmt":"2018-01-09T10:14:24","slug":"log-management-tools-using-splunk-and-other-alternatives","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/log-management-tools-using-splunk-and-other-alternatives\/","title":{"rendered":"Log Management Tools using splunk and other alternatives"},"content":{"rendered":"<p><strong>Splunk<\/strong><\/p>\n<p>Splunk (the product) captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.<br \/>\nSplunk aims to make machine data accessible across an organization: it identifies data patterns, provides metrics, diagnoses problems and provides intelligence for business operations. Splunk is a horizontal technology used for application management, security and compliance, as well as business and web analytics. Splunk has over 7,900 customers worldwide.<\/p>\n<p><strong>Graylog2 + Elasticsearch + MongoDB<\/strong><\/p>\n<p>Graylog2 is based on Elasticsearch and has powerful real-time text-based search, basic analytics, dashboards, and flexible alerts; it is under heavy development. The Graylog2 server is written in Java. Neither Graylog2 nor the Elasticsearch-based stacks below is a full equivalent of Splunk, which is several years ahead, but these tools may still meet your requirements. Graylog2 is an open source log management system. 
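The following is an added worked example, written for this page rather than taken from Graylog or the original post: a small Python module that builds a GELF 1.1 message from a constructed syslog line, enforces the field rules Graylog applies on ingest (mandatory host and short_message, additional fields prefixed with an underscore, the reserved _id), and frames the message for both transports, null-terminated JSON over TCP and gzip-compressed, chunked datagrams over UDP, with the receiver side reassembling, decompressing and re-validating. The function names, the sshd sample line and the TEST-NET address are assumptions of the example.

```python
"""GELF 1.1 builder, framer and receiver-side validator (added example, not Graylog's own code)."""
import gzip
import json
import os
import re
import struct
import time
import zlib

GELF_VERSION = "1.1"
STANDARD_FIELDS = {"version", "host", "short_message", "full_message", "timestamp", "level"}
CHUNK_MAGIC = b"\x1e\x0f"  # first two bytes of every chunked UDP datagram
CHUNK_HEADER = 12          # magic(2) + message id(8) + sequence number(1) + sequence count(1)
MAX_DATAGRAM = 8192        # chunk size Graylog's UDP input expects by default
MAX_CHUNKS = 128
SYSLOG_LEVEL = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
                "warning": 4, "notice": 5, "info": 6, "debug": 7}
_FIELD_NAME = re.compile(r"^_[\w.\-]+$")  # additional fields: leading underscore, then [\w.-]

def validate_gelf(msg):
    """Reject what Graylog would drop or misfile: wrong version, missing mandatory fields,
    additional fields without a leading underscore, or the reserved _id. GELF 1.0's
    facility/file/line are deprecated in 1.1 and fail here too (send them as _facility etc.)."""
    if not isinstance(msg, dict) or msg.get("version") != GELF_VERSION:
        raise ValueError("GELF version must be %r" % GELF_VERSION)
    for name in ("host", "short_message"):
        if not isinstance(msg.get(name), str) or not msg[name]:
            raise ValueError("mandatory field %r missing or empty" % name)
    for key in msg:
        if key == "_id":
            raise ValueError("_id is reserved by Graylog and must not be sent")
        if key not in STANDARD_FIELDS and not _FIELD_NAME.match(key):
            raise ValueError("illegal field name %r (additional fields start with _)" % key)
    return msg

def build_gelf(host, short_message, level="info", full_message=None, timestamp=None, **extra):
    """Build a GELF dict; keyword extras become _-prefixed additional fields."""
    msg = {"version": GELF_VERSION, "host": host, "short_message": short_message,
           "timestamp": time.time() if timestamp is None else timestamp,
           "level": SYSLOG_LEVEL[level] if isinstance(level, str) else int(level)}
    if full_message is not None:
        msg["full_message"] = full_message
    for name, value in extra.items():
        msg["_" + name.lstrip("_")] = value
    return validate_gelf(msg)

def from_syslog_line(line, level="info"):
    """Turn one classic syslog line into GELF; program, pid and the raw syslog timestamp
    become additional fields so they stay searchable in Graylog."""
    m = re.match(r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) "
                 r"(?P<app>[\w./\-]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$", line)
    if not m:
        raise ValueError("not a syslog line: %r" % line)
    extra = {"app": m["app"], "syslog_time": m["ts"]}
    if m["pid"]:
        extra["pid"] = int(m["pid"])
    return build_gelf(m["host"], m["msg"], level=level, **extra)

def encode_tcp(msg):
    """TCP transport: uncompressed JSON, one message per null-terminated frame."""
    return json.dumps(validate_gelf(msg), separators=(",", ":")).encode() + b"\x00"

def encode_udp(msg, datagram_size=MAX_DATAGRAM):
    """UDP transport: gzip the JSON; if it exceeds one datagram, split it into numbered
    chunks that share a random 8-byte message id."""
    payload = gzip.compress(json.dumps(validate_gelf(msg), separators=(",", ":")).encode())
    if len(payload) <= datagram_size:
        return [payload]
    body = datagram_size - CHUNK_HEADER
    pieces = [payload[i:i + body] for i in range(0, len(payload), body)]
    if len(pieces) > MAX_CHUNKS:
        raise ValueError("needs %d chunks, Graylog accepts at most %d" % (len(pieces), MAX_CHUNKS))
    message_id = os.urandom(8)
    return [CHUNK_MAGIC + message_id + struct.pack("BB", seq, len(pieces)) + piece
            for seq, piece in enumerate(pieces)]

def decode_udp(datagrams):
    """Receiver side: reassemble the chunks of one message, then accept gzip, zlib or plain
    JSON. A missing chunk or mixed message ids is an error, as in Graylog after its timeout."""
    if len(datagrams) == 1 and not datagrams[0].startswith(CHUNK_MAGIC):
        payload = datagrams[0]
    else:
        if len({d[2:10] for d in datagrams}) != 1:
            raise ValueError("chunks belong to different messages")
        count = datagrams[0][11]
        parts = {d[10]: d[CHUNK_HEADER:] for d in datagrams}
        if sorted(parts) != list(range(count)):
            raise ValueError("incomplete chunk set")
        payload = b"".join(parts[i] for i in range(count))
    if payload.startswith(b"\x1f\x8b"):
        payload = gzip.decompress(payload)
    elif payload.startswith(b"\x78"):
        payload = zlib.decompress(payload)
    return validate_gelf(json.loads(payload.decode("utf-8")))

# Constructed sample line for the example (TEST-NET address, not a real event).
SAMPLE_LINE = ("Jan  9 10:14:24 web1 sshd[2211]: Failed password for invalid user admin "
               "from 203.0.113.5 port 4422 ssh2")
```

Practical caveat: the UDP transport is the one most GELF client libraries default to, but it has neither delivery guarantees nor authentication, so one lost chunk silently discards the whole message and any host that can reach the port can inject events. For security-relevant logs use the TCP input and restrict which sources may connect to it.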
Its web interface is built with Ruby on Rails, it keeps its configuration and metadata in MongoDB, and it uses its own JSON-based log format called GELF (Graylog Extended Log Format).<\/p>\n<p><strong>Apache Flume + Elasticsearch + Apache Lucene<\/strong><br \/>\nCloudera CTO Jeff Hammerbacher suggests using Apache Flume, an open source log aggregation tool, and Elasticsearch, an open source search system based on Apache Lucene, to build an open source log file search system.<\/p>\n<p><strong>Fluentd + Elasticsearch + Kibana<\/strong><\/p>\n<p>Elasticsearch is an open source search engine known for its ease of use.<br \/>\nKibana is an open source Web UI that makes Elasticsearch user friendly for marketers, engineers and data scientists alike.<br \/>\nFluentd is an open source data collector that lets you unify data collection and consumption for better use and understanding of data.<br \/>\nBy combining these three tools (Fluentd + Elasticsearch + Kibana) you get a scalable, flexible, easy to use log search engine with a great Web UI: an open-source Splunk alternative, all for free.<\/p>\n<p><strong>Logstash + Elasticsearch + Kibana<\/strong><\/p>\n<p>Logstash is a tool for managing events and logs. You can use it to collect logs, parse them, and store them for later use (for example, for searching). It is fully free and fully open source under the Apache 2.0 license, meaning you are pretty much free to use it however you want. Elasticsearch, as above, provides the index, and Kibana provides the web interface for searching and drilling into all of your logs. 
Setting up this stack is considerably more complicated than setting up Splunk, but it offers a similar, though not as complete, feature set.<\/p>\n<p>Elasticsearch &lt;=&gt; Indexer<br \/>\nLogstash &lt;=&gt; Heavy Forwarder<br \/>\nKibana &lt;=&gt; Search Head<\/p>\n<p><strong>OpenTSDB<\/strong><br \/>\nOpenTSDB is an open source time series database sponsored by StumbleUpon. It\u2019s designed for aggregating and visualizing machine data. It\u2019s built on top of Apache HBase and boasts the ability to \u201ccollect many thousands of metrics from thousands of hosts and applications, at a high rate (every few seconds).\u201d<\/p>\n<p><strong>Sumo Logic<\/strong><br \/>\nSumo Logic is a cloud-based log management and analytics service that leverages machine-generated big data to deliver real-time IT insights.<\/p>\n<p><strong>Reference<\/strong><br \/>\n<a href=\"http:\/\/softwarerecs.stackexchange.com\/questions\/16\/free-equivalent-for-splunk-log-manager\" rel=\"nofollow noopener\" target=\"_blank\">http:\/\/softwarerecs.stackexchange.com\/questions\/16\/free-equivalent-for-splunk-log-manager<\/a><br \/>\n<a href=\"http:\/\/docs.fluentd.org\/articles\/free-alternative-to-splunk-by-fluentd\" rel=\"nofollow noopener\" target=\"_blank\">http:\/\/docs.fluentd.org\/articles\/free-alternative-to-splunk-by-fluentd<\/a><br \/>\n<a href=\"http:\/\/www.infoworld.com\/article\/2610524\/log-analysis\/splunk-feels-the-heat-from-stronger--cheaper-open-source-rivals.html\" rel=\"nofollow noopener\" target=\"_blank\">http:\/\/www.infoworld.com\/article\/2610524\/log-analysis\/splunk-feels-the-heat-from-stronger--cheaper-open-source-rivals.html<\/a><br \/>\n<a href=\"http:\/\/kmlbblog.co.in\/entries\/general\/splunk-vs-elk-elasticsearch-logstash-kibana\" rel=\"nofollow noopener\" target=\"_blank\">http:\/\/kmlbblog.co.in\/entries\/general\/splunk-vs-elk-elasticsearch-logstash-kibana<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Splunk 
Splunk (the product) captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations. Splunk aims to make machine data accessible across an organization and identifies data patterns, provides metrics, diagnoses problems and provides intelligence for business operation. Splunk is a horizontal technology used&#8230;<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","_joinchat":[],"footnotes":""},"categories":[2],"tags":[4669,4670,4666,988,990,4667,4673,4672,1013,987,4671,4668,991],"class_list":["post-4661","post","type-post","status-publish","format-standard","hentry","category-uncategorised","tag-apache-flume","tag-apache-lucene","tag-elasticsearch","tag-fluentd","tag-graylog2","tag-kibana","tag-log-analysis","tag-log-management","tag-log-management-tools","tag-logstash","tag-mongodb","tag-opentsdb","tag-splunk"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/4661","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=4661"}],"version-history":[{"count":1,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/4661\/revisions"}],"predecessor-version":[{"id":4662,"href":"htt
ps:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/4661\/revisions\/4662"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=4661"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=4661"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=4661"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}