we are using TIVOLI to monitor the logs on our different server like application,WAS and DB server.we have been suggested to move to splunk.
few of our servers are on cloud and few of them are non-cloud env.
Is it feasible to move to splunk and perform the same activities using splunk.
what benefit we can get on moving to splunk?
Tivoli is more of an infrastructure monitoring solution(Similar to HP Operations Manager), logfile monitoring is one small part of Tivoli.
whereas for Splunk logfile monitoring is the main part.
if you are doing some logfile monitoring with Tivoli, you could do the same thing plus much more, with Splunk.
If Tivoli's logfile monitoring features can be scored as 2 out of 10, splunk features can be scored as 9 out of 10.
Splunk got free trials and there is a "free splunk" as well(it got some limitations, but for your case, it will suit you), you could download and give it a try. you will like it for sure.
https://www.splunk.com/en_us/download/splunk-enterprise.html
From Garner's website, please check this Tivoli vs Splunk Comparison:
https://www.gartner.com/reviews/market/security-information-event-management/compare/ibm-vs-splunk