Systems Management
Gold Award:
Splunk 3.3
"Splunk has managed to establish itself as a solid new entrant into IT management," one judge said. "They found a hole in the tool-chain of operations people -- search -- and have worked diligently on filling that hole. On the business side, they've managed to partner with other players, large and small, and have been doing good work to become a mature company."
"Splunk turns your logs from simply being a compliance and research tool to a real-time situational awareness tool at a fraction of the cost of a full blown security information and event management (SIEM) system," Splunk's reference customer said. "The speed and intuitiveness of the interface is amazing. You can get a ton of info without having to build complex SQL queries. The ease of use and pricing model allows me to provide access to all my support teams, who can simply surf the logs if they need to investigate a problem.
"It brings the Unix admin mindset to the Windows world, where the provided log tools are awful. I also like the openness, where other applications can query Splunk using simple Web service interfaces."
The latest version of Splunk offers:
- Continuous crawling: Continuously crawls your IT infrastructure and, based on configurable settings, either notifies you of new data sources or adds them. This feature also allows new data sources to be viewed inside Splunk before they are added to your index, ensuring that the addition is going to be of value to the data center.
- Windows Management Instrumentation (WMI) input: WMI provides Splunk with performance and system health information, and is a method for polling servers remotely for data (such as event logs). WMI inputs expand options for scaling the collection of data.
- Windows Registry input: Tracks installations and configuration changes, and addresses complex application failures on Windows, directly from a single console.
- Application enhancements: Splunk 3.3 included Splunk for Change Management, Splunk for Microsoft Windows, Splunk for VMware and Splunk for Network Security.
"Splunk is quick and easy to set up on almost any platform," another user reference said. "We pointed our log files at it and its automatic extraction segmented events and fields. Splunk handles all our aggregation and log file forwarding. We did an Active Directory integration in minutes. It has been like Google for our log files -- so much like Google that I put it in the hands of our support reps with no training and they got instant value from it."