You could ask either Splunk Sales or a reseller direct for full feature comparisons....but I think you will find you are comparing apples and pears. Site Scope from HP like many remote monitoring systems can be agentless and report incidents...or threshold breaches through snmp and the MIBs. Splunk uses the source system's logs to provide a richer picture. For Incident Management / app performance you will be able to see performance over time, norms and other data. We use a remote monitoring tool AND Splunk. The latter provides a wider view and satisfies out security needs whereas the former wouldn't.
Just to second this, our customers would normally use another tool for app performance (its not really Splunks strong point) but use Splunk for the analysis and reporting - its real strength.
Thank you. Can you pl let me know how you are using Splunk for app performance along with remote monitoring tools -
1. are you modifying source code of your business applications to include log traces for Splunk to catch?
2. And is this modification in the live production environment - as typically in production environment logs from source code are only of error and not of info and warning?
3. Sorry-I didnt get-SPlunk's strength is not app performance but analysis and reporting,If Splunk is not monitoring the app, are logs from biz app fed into SPlunk from app to analyze?
Re: 1, no we don't as our apps are proprietary and chatty enough already ;-), but you could embed log writes.
Re 2: Understand your point but I would err on the side of logging everything (it's not like an alarm system where you would be wiped out with volume), license permitting. Inside Splunk your searches pull critical, error OR info pending your interest on the day. It's powerful.
Re 3: You can do that. Depends on the type of app. Web based and IIS logs are well served already. There is also a lot of app support here in the community.
I'd still keep them separate per the above.
Splunk is complimentary to both solutions. I do have customers that use Splunk to monitor their Sitescope and Wily infrastructure. With Sitescope they also use Splunk to understand their top recipients of alerting so they can minimize false positives. I see other customers use Splunk to also help them with their Wily reporting since it tends to be difficult within that solution.