Splunk vs Monitoring Tools

shahamit
Explorer

I have been researching log management and monitoring tools for our Java EE web application. Looking at the features of Splunk, I am trying to understand its advantages over monitoring tools like Riemann.

Can you help me understand what the benefit of using Splunk is over monitoring tools?

Thank you.


krugger
Communicator

I have never tried Riemann, but I took a look at the documentation on their site.

Riemann seems to be targeted at an audience which is developing an application and can integrate the framework into their log production. This will produce very integrated metrics for your application. The advantage is that you will be able to get more information, because you have to code an application-specific plugin that can be integrated with your deployed application. The application is aware of the monitoring.

Splunk is a more general solution and will parse the logs produced by the application. It will consume text files or database entries, and you can use a number of predefined functions to analyze the logs. The advantage is that you can quickly integrate new applications and systems into your monitoring, but it will only yield metrics that are in the logs. The application is oblivious of the monitoring.

If you only want to monitor the Java web application and the servers it is running on, and you have a development team, Riemann is probably the way to go. If you want to parse the application logs and server logs and then start monitoring network devices and firewalls, Splunk is probably the way to go.


shahamit
Explorer

I get your point. So do you mean monitoring tools like Riemann are good if the application is in the development phase, and log management tools like Splunk, Graylog2, and Logstash are good otherwise? I did not find that quite convincing, considering log management solutions as a whole. Can you please elaborate on this a bit? Thanks for sharing your knowledge.
