Several companies have noticed a tremendous new, purely commercial use of popular Splunk data analysis solutions, originally intended for mass analysis of system logs. As it turned out, in-depth analysis of system logs can provide a lot of valuable information for new ideas and strategies to the main activity of the enterprise.
Until now, many companies did not realize that their IT-infrastructure constantly reinforces perfect picture of what is going on with their business. The advantage of full indexation is the ability to conduct an effective examination of IT-infrastructure through consolidation and visualization of data, enabling rapid troubleshooting and identifying trends to improve the information system.
The Splunk application is designed to collect machine data, provide consolidation and reporting based on a number of different magazines, notices, events, and changes in the whole IT-environment. Performing the collection and indexing in real-time, Splunk handles physical, virtual and cloud data, ensuring their availability and ease of use.
IDC forecasts that the commercial big data products were worth $3.2 billion in 2010 and is expected to increase an average of 40% per year through 2015. In the age of big data, other vendors have jumped in to log management business to help manage the rising tide of log data, providing direct competition to Splunk business.
Sumo Logic, the startup log management and analytics company, delivers its service through a dashboard providing continuous updates on network and application performance and identification of performance patterns. Like Splunk, it monitors visualizes performance metrics through bar graphs and other illustrations, making it easier for stakeholders, including executives, operations managers and application developers to easily understand system performance issues.
Sumo Logic’s unique new cloud-based dashboards streaming query engine, allows teams to troubleshoot, monitor, and extract operational and business insights from large amounts of data from the entirety of an IT infrastructure. Sumo Logic dashboards provide immediate insights that enable IT and business executives to make critical business decisions based on the freshest data available.
In addition, the LogReduce feature provides a more efficient analysis, which enables real-time root cause analysis and reduce Mean Time to Identification (MTTI) and Mean Time to Resolution (MTTR).
HP ArcSight Logger
HP ArcSight Logger is a universal solution for log management, unifying search functions, reporting, notification, and analysis of audit logs and information of any kind, with unique capabilities for data collection, analysis and storage of large amounts of data that are generated in modern information systems. It supports multiple deployment options such as an appliance, software, virtual machine, or within the cloud and can be installed both in software and in hardware form.
ArcSight Logger is supplied with built-in software modules that can be used to monitor information security, application development and control of IT operations. Additional modules that track compliance standards such as PCI and SOX are available as a package of additional solutions and correspond to well-known standards such as NIST 800-53, ISO-17799 and SANS.
With HP ArcSight Logger you can collect up to 750MB of log data per day and store 500GB of uncompressed logs.
NetWrix Change Reporter Suite is designed to audit changes in the various components of the IT-infrastructure. The software perform reporting of Active Directory, Group policies, Virtual environments and System Center Virtual Machine Manager, MS Exchange, SharePoint, SQL Server, File servers and storage devices, Network devices (Cisco and Checkpoint) and Server Configuration.
NetWrix Change Reporter Suite prepares reports with complete information on every single change that has occurred in the organization: who, where, when, and what has changed and the values before and after the change. Data can be filtered by various criteria, such as the name of the person who made the change or view data, time, and other settings. If necessary, changes can be rolled back through the Rollback Wizard.
Another unique NetWrix technology, AuditIntelligence, enables raw audit data into meaningful and actionable intelligence to drive security and compliance efforts.
This comprehensive solution addresses the widest range of systems management including real-time reporting and alerts, 3rd-party SIEM integration including SCOM, powerful storage options, advanced reporting, predefined and custom reporting with subscription capabilities, and rollback capability.
Splunk biggest competitor TIBCO’s operational intelligence offerings analyze Big Data, including machine data generated from across their various systems, to gain comprehensive, real-time insights into critical business questions relating to compliance, security and operations.
TIBCO LogLogic Analytics platform offers dynamic data visualization and discovery logging schemes, enhanced data logging information from heterogeneous sources for better visibility, integrated tools for predictive analysis and statistics, faster access to compliance issues, security and service level, discovery of previously unknown relationships and their consequences and possibility of anticipating failures, maximize network resources and predict trends.
XpoLog develops and operates XpoLog Analytics platform to access, monitor, parse, and index log data on multiple servers allowing analysis across complex data centers from the users Web browser. The XpoLog Manager, log management and application data analysis platform collects, monitors, reports, views, filters, searches, and analyzes various log sources from a single point.
XpoLog features include browse, access, and manage all logs from a single point of reference, logs collection and archive management, log viewer, log analyzer and complex filter rules – in real time, generate compliance and statistics reports, export and transform logs data and analyzing log from any source and format.